Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/38352e3230392e31392e302f32342d3234203d3e203236373337.roa
File: 38352e3230392e31392e302f32342d3234203d3e203236373337.roa (raw, json)
Hash identifier: SGL5IEW2JopNPhh1E9HXv/wmh67qnx4oLbRQQWWSjBI=
Subject key identifier: 3E:80:AD:39:51:36:D6:51:C8:12:CB:0D:28:C3:66:F0:E5:76:DD:EF
Certificate issuer: /CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Certificate serial: 4D386478AB3EDF81F83E53EE03B299BE45564C64
Authority key identifier: 8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/38352e3230392e31392e302f32342d3234203d3e203236373337.roa
Signing time: Mon 12 Feb 2024 20:43:07 +0000
ROA not before: Mon 12 Feb 2024 20:38:07 +0000
ROA not after: Mon 10 Feb 2025 20:43:07 +0000
asID: 26737
IP address blocks: 85.209.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.mft
rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 May 2024 15:47:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:38:64:78:ab:3e:df:81:f8:3e:53:ee:03:b2:99:be:45:56:4c:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Validity
Not Before: Feb 12 20:38:07 2024 GMT
Not After : Feb 10 20:43:07 2025 GMT
Subject: CN=3E80AD395136D651C812CB0D28C366F0E576DDEF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:28:83:0d:d9:5c:fe:ad:78:c0:34:95:0c:10:
37:52:ea:6c:0d:5c:25:f6:97:08:53:03:d0:4b:f1:
f5:c6:41:d5:ed:53:f0:8c:b6:c6:6a:75:7f:d7:2a:
c2:69:54:40:bd:ac:72:60:59:4d:d7:70:4a:96:2d:
ea:39:b5:e5:02:cc:88:b3:2d:dd:94:68:d8:d9:dc:
46:4d:4d:d8:44:59:9e:17:e1:d8:75:9e:2a:dd:a1:
cd:30:e5:15:1a:b4:24:86:bc:39:f4:2a:7e:70:5b:
36:66:78:b0:6f:f5:8a:89:f5:01:88:4a:a5:68:6d:
f2:79:3e:dd:ab:5f:b7:82:1b:26:81:e7:b2:49:af:
5b:63:db:15:2c:3f:b6:11:c9:98:ee:8b:4c:2e:34:
a2:6d:6f:d4:d3:69:53:74:3b:3f:89:cd:ac:ce:74:
f0:8d:13:2a:5b:60:2f:c6:4c:52:9c:32:1e:2e:4b:
09:03:14:02:0b:94:4a:c8:83:12:fc:9e:49:02:a7:
bd:c8:ca:2c:66:ff:a8:40:99:81:79:54:b1:35:14:
0e:c8:c0:58:38:b0:1d:18:23:23:c7:1f:1c:a6:72:
9d:bb:a5:09:ba:78:6c:12:d6:bc:80:60:3b:0c:01:
c0:2d:28:c6:30:8e:2b:ab:08:85:da:fd:04:90:06:
56:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:80:AD:39:51:36:D6:51:C8:12:CB:0D:28:C3:66:F0:E5:76:DD:EF
X509v3 Authority Key Identifier:
keyid:8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/38352e3230392e31392e302f32342d3234203d3e203236373337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.19.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:68:5f:37:fe:fe:4e:e1:3c:07:e8:67:ce:aa:e4:0d:35:18:
f6:be:ce:5c:65:c0:6e:77:43:c5:9c:62:32:99:4a:19:17:e7:
4b:a5:9d:e3:65:40:a6:27:69:8b:3f:b5:45:3e:e3:3f:0a:8e:
f9:d8:d1:3c:5f:71:11:86:7e:ab:16:73:e6:9a:44:40:8d:af:
9f:62:d2:e3:56:7e:f6:ea:3a:5b:0f:bc:ea:60:6e:ff:34:67:
95:09:49:26:74:23:21:18:b6:d5:5d:aa:d8:29:a8:b7:59:4f:
c1:e9:57:e0:7d:87:48:cd:31:f4:7c:a7:d5:2c:17:22:0d:7e:
49:5d:f7:57:8d:ab:20:5e:4e:8b:b8:e0:84:a8:7d:c1:17:bb:
4b:0e:18:a9:d0:35:77:29:06:97:05:48:28:f2:71:a1:4d:be:
20:7c:7e:c9:04:ec:e9:30:33:b7:ff:5c:5d:7d:25:26:46:4a:
6c:f1:23:0e:b3:6c:26:36:0e:00:1b:33:22:68:9c:2e:d3:72:
92:cb:03:b9:99:9d:e4:0c:06:05:eb:82:2b:1d:42:ca:55:3a:
24:ba:3f:7e:fd:5a:70:39:ec:75:c9:13:64:77:b3:b8:ad:01:
ba:74:51:b3:a8:0a:f1:a4:c5:8e:7a:35:55:e9:28:ef:fb:a7:
71:15:bb:cd
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUTThkeKs+34H4PlPuA7KZvkVWTGQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGY0Y2U3NzIyZjk5MDc1ZDk0NzM4YjdlNjEwNzA0MDEy
NjllYjNkNjAeFw0yNDAyMTIyMDM4MDdaFw0yNTAyMTAyMDQzMDdaMDMxMTAvBgNV
BAMTKDNFODBBRDM5NTEzNkQ2NTFDODEyQ0IwRDI4QzM2NkYwRTU3NkRERUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwKIMN2Vz+rXjANJUMEDdS6mwN
XCX2lwhTA9BL8fXGQdXtU/CMtsZqdX/XKsJpVEC9rHJgWU3XcEqWLeo5teUCzIiz
Ld2UaNjZ3EZNTdhEWZ4X4dh1nirdoc0w5RUatCSGvDn0Kn5wWzZmeLBv9YqJ9QGI
SqVobfJ5Pt2rX7eCGyaB57JJr1tj2xUsP7YRyZjui0wuNKJtb9TTaVN0Oz+JzazO
dPCNEypbYC/GTFKcMh4uSwkDFAILlErIgxL8nkkCp73Iyixm/6hAmYF5VLE1FA7I
wFg4sB0YIyPHHxymcp27pQm6eGwS1ryAYDsMAcAtKMYwjiurCIXa/QSQBlZbAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUPoCtOVE21lHIEssNKMNm8OV23e8wHwYDVR0j
BBgwFoAUj0znci+ZB12Uc4t+YQcEASaes9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUtNTExMC00MjU3LTk0ZWYtNGQyYjQzODg0
MDQwLzAvOEY0Q0U3NzIyRjk5MDc1RDk0NzM4QjdFNjEwNzA0MDEyNjlFQjNENi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2owem5jaS1aQjEyVWM0dC1ZUWNFQVNh
ZXM5WS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUt
NTExMC00MjU3LTk0ZWYtNGQyYjQzODg0MDQwLzAvMzgzNTJlMzIzMDM5MmUzMTM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM3MzMzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFXR
EzANBgkqhkiG9w0BAQsFAAOCAQEAzGhfN/7+TuE8B+hnzqrkDTUY9r7OXGXAbndD
xZxiMplKGRfnS6Wd42VApidpiz+1RT7jPwqO+djRPF9xEYZ+qxZz5ppEQI2vn2LS
41Z+9uo6Ww+86mBu/zRnlQlJJnQjIRi21V2q2Cmot1lPwelX4H2HSM0x9Hyn1SwX
Ig1+SV33V42rIF5Oi7jghKh9wRe7Sw4YqdA1dykGlwVIKPJxoU2+IHx+yQTs6TAz
t/9cXX0lJkZKbPEjDrNsJjYOABszImicLtNykssDuZmd5AwGBeuCKx1CylU6JLo/
fv1acDnsdckTZHezuK0BunRRs6gK8aTFjno1Veko7/uncRW7zQ==
-----END CERTIFICATE-----
Generated at Sat May 11 20:11:49 2024 by rpki-client on console-fra.rpki-client.org