Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/38352e3230392e31392e302f32342d3234203d3e20333935383939.roa
File: 38352e3230392e31392e302f32342d3234203d3e20333935383939.roa (raw, json)
Hash identifier: 8qyeB5GEXAQh8r3Hg24XZ/nXbjK7C5wmVXrShhitSDM=
Subject key identifier: 2D:ED:B6:91:E3:D4:59:7C:E9:1E:AC:A0:97:CE:8E:8E:D8:62:F1:E2
Certificate issuer: /CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Certificate serial: 4354B96214D2705C0EB7696AD7320F60FD77E082
Authority key identifier: 8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/38352e3230392e31392e302f32342d3234203d3e20333935383939.roa
Signing time: Mon 12 Feb 2024 20:43:07 +0000
ROA not before: Mon 12 Feb 2024 20:38:07 +0000
ROA not after: Mon 10 Feb 2025 20:43:07 +0000
asID: 395899
IP address blocks: 85.209.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.mft
rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:54:b9:62:14:d2:70:5c:0e:b7:69:6a:d7:32:0f:60:fd:77:e0:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Validity
Not Before: Feb 12 20:38:07 2024 GMT
Not After : Feb 10 20:43:07 2025 GMT
Subject: CN=2DEDB691E3D4597CE91EACA097CE8E8ED862F1E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:26:0c:cb:fa:82:79:e4:0b:a6:e3:7b:86:91:
2a:61:bf:3d:c6:6c:44:b6:24:cd:60:03:44:bf:09:
79:0b:1d:ba:8c:12:f7:a9:5f:8c:50:62:69:dd:06:
b4:91:37:b3:36:a7:82:0b:e2:df:78:9b:2e:d0:de:
60:82:c7:08:f4:82:8b:01:ee:7b:6b:40:f3:7e:8c:
1a:02:2b:bd:0c:e5:8a:78:3d:e8:66:1d:58:94:92:
b5:b4:88:fe:43:4f:39:ef:e6:5a:e2:b5:da:0b:a1:
2b:ab:7e:04:8d:be:26:24:26:2f:a1:f4:ac:73:ca:
6f:8c:6c:48:96:37:5a:a4:85:eb:47:4f:a8:a0:7b:
b4:ec:e1:c4:8f:6f:27:4b:72:cd:92:48:9a:44:74:
c5:d9:19:72:6b:7c:a1:ed:f2:ec:96:7f:d1:9d:32:
cc:9b:d6:13:bc:4a:a7:04:6a:86:a2:41:00:59:04:
24:35:35:22:74:03:cf:4e:22:fb:ed:a7:df:43:46:
20:4a:2f:f2:9c:ce:95:ab:82:1a:88:d9:76:7e:2a:
68:98:c8:2d:7f:03:8e:a2:9c:b3:3f:83:07:c2:7b:
01:d7:b7:7c:2b:43:20:63:16:fd:ec:9b:0a:a6:cc:
e8:1c:48:bb:19:10:38:59:ca:08:fd:c0:7e:b6:41:
5e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:ED:B6:91:E3:D4:59:7C:E9:1E:AC:A0:97:CE:8E:8E:D8:62:F1:E2
X509v3 Authority Key Identifier:
keyid:8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/38352e3230392e31392e302f32342d3234203d3e20333935383939.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.19.0/24
Signature Algorithm: sha256WithRSAEncryption
59:a4:62:28:c5:f6:ca:17:64:fe:75:87:bf:47:46:f4:ce:c3:
b3:f9:5d:cf:79:95:30:3f:4f:45:1e:9d:f9:e4:f3:a5:bd:5a:
58:a4:c9:4a:89:53:d3:8d:b4:ec:56:07:ea:58:55:80:f6:fd:
17:96:1c:ac:47:44:f6:68:4a:42:bd:34:ed:83:d8:ad:3d:85:
3b:63:c0:27:ee:6e:53:a7:8d:ca:d7:fc:92:c5:3f:aa:3a:86:
04:14:45:08:51:01:43:65:94:e7:a1:1f:68:f2:30:b9:5d:e8:
06:a5:01:20:c0:fb:d9:18:63:bf:62:55:04:68:1d:5b:41:e9:
09:51:44:21:0a:36:1e:54:e2:99:43:a5:50:ec:ef:e6:08:9a:
a5:55:86:cf:15:a8:e5:d9:7f:c6:cf:6a:89:95:df:de:eb:40:
86:9c:8a:41:9f:c0:25:22:4f:47:0a:86:06:0b:cc:e6:ca:ba:
f8:18:ad:41:15:d7:b5:0d:dc:92:92:01:da:22:76:23:cc:a1:
17:ae:05:41:b1:ef:f8:09:0f:4d:57:02:16:7c:22:ef:64:34:
2b:8e:70:28:70:5d:47:b5:31:f6:3c:cc:fb:21:de:eb:32:1e:
79:89:b7:f7:f8:b5:86:f7:11:31:73:21:30:45:83:b0:0c:98:
15:5b:09:c3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUQ1S5YhTScFwOt2lq1zIPYP134IIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGY0Y2U3NzIyZjk5MDc1ZDk0NzM4YjdlNjEwNzA0MDEy
NjllYjNkNjAeFw0yNDAyMTIyMDM4MDdaFw0yNTAyMTAyMDQzMDdaMDMxMTAvBgNV
BAMTKDJERURCNjkxRTNENDU5N0NFOTFFQUNBMDk3Q0U4RThFRDg2MkYxRTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7JgzL+oJ55Aum43uGkSphvz3G
bES2JM1gA0S/CXkLHbqMEvepX4xQYmndBrSRN7M2p4IL4t94my7Q3mCCxwj0gosB
7ntrQPN+jBoCK70M5Yp4PehmHViUkrW0iP5DTznv5lritdoLoSurfgSNviYkJi+h
9Kxzym+MbEiWN1qkhetHT6ige7Ts4cSPbydLcs2SSJpEdMXZGXJrfKHt8uyWf9Gd
Msyb1hO8SqcEaoaiQQBZBCQ1NSJ0A89OIvvtp99DRiBKL/KczpWrghqI2XZ+KmiY
yC1/A46inLM/gwfCewHXt3wrQyBjFv3smwqmzOgcSLsZEDhZygj9wH62QV5bAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQULe22kePUWXzpHqygl86Ojthi8eIwHwYDVR0j
BBgwFoAUj0znci+ZB12Uc4t+YQcEASaes9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUtNTExMC00MjU3LTk0ZWYtNGQyYjQzODg0
MDQwLzAvOEY0Q0U3NzIyRjk5MDc1RDk0NzM4QjdFNjEwNzA0MDEyNjlFQjNENi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2owem5jaS1aQjEyVWM0dC1ZUWNFQVNh
ZXM5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUt
NTExMC00MjU3LTk0ZWYtNGQyYjQzODg0MDQwLzAvMzgzNTJlMzIzMDM5MmUzMTM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMzOTM1MzgzOTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VdETMA0GCSqGSIb3DQEBCwUAA4IBAQBZpGIoxfbKF2T+dYe/R0b0zsOz+V3PeZUw
P09FHp355POlvVpYpMlKiVPTjbTsVgfqWFWA9v0XlhysR0T2aEpCvTTtg9itPYU7
Y8An7m5Tp43K1/ySxT+qOoYEFEUIUQFDZZTnoR9o8jC5XegGpQEgwPvZGGO/YlUE
aB1bQekJUUQhCjYeVOKZQ6VQ7O/mCJqlVYbPFajl2X/Gz2qJld/e60CGnIpBn8Al
Ik9HCoYGC8zmyrr4GK1BFde1DdySkgHaInYjzKEXrgVBse/4CQ9NVwIWfCLvZDQr
jnAocF1HtTH2PMz7Id7rMh55ibf3+LWG9xExcyEwRYOwDJgVWwnD
-----END CERTIFICATE-----
Generated at Fri May 10 18:20:20 2024 by rpki-client on console-ams.rpki-client.org