Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232302e302f32342d3234203d3e203634323637.roa
File: 38352e3230392e3232302e302f32342d3234203d3e203634323637.roa (raw, json)
Hash identifier: BspVKyvzopxY/doNJ/wSM0ZNuMgSmsULfV8l4GvzHXs=
Subject key identifier: D4:AB:5B:28:91:E9:9D:DC:33:34:5A:2A:6C:FE:0A:76:73:80:7E:E3
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 551F3BD82D7B3D304CB6EA3E8175378CC5B7B671
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232302e302f32342d3234203d3e203634323637.roa
Signing time: Fri 04 Aug 2023 14:34:51 +0000
ROA not before: Fri 04 Aug 2023 14:29:51 +0000
ROA not after: Fri 02 Aug 2024 14:34:51 +0000
asID: 64267
IP address blocks: 85.209.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 May 2024 14:08:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:1f:3b:d8:2d:7b:3d:30:4c:b6:ea:3e:81:75:37:8c:c5:b7:b6:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Aug 4 14:29:51 2023 GMT
Not After : Aug 2 14:34:51 2024 GMT
Subject: CN=D4AB5B2891E99DDC33345A2A6CFE0A7673807EE3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0d:03:c8:3e:c2:ab:d4:c4:b3:cd:42:eb:8e:
8c:af:b6:bf:2c:2a:c0:2b:30:83:60:27:e7:62:90:
dc:e5:d3:9d:af:c8:a9:be:e4:c7:60:3e:7d:19:fa:
e4:e5:98:ed:25:59:c4:f1:97:3a:b3:07:c9:c9:96:
1e:71:32:57:0d:dc:07:a8:4c:7e:da:04:fe:ee:7c:
fd:1f:79:54:b5:a0:ff:88:3a:88:61:d0:2f:79:69:
2a:2c:09:75:86:01:ad:9e:24:e7:fc:8e:f9:b3:48:
46:38:4f:73:53:71:dc:28:3d:06:c7:83:0f:75:fa:
e7:a7:f2:da:4d:7a:18:fe:13:2c:26:9b:e1:f4:ce:
3a:30:b0:f9:7f:c9:92:8a:0f:66:20:30:3b:15:bb:
32:3f:b8:f8:70:a6:50:b5:ce:0b:c7:f8:40:0e:02:
cf:02:2e:6a:d4:62:33:d9:6a:4c:5a:1e:2b:b7:b5:
3c:3d:e8:ab:e4:b5:dd:7c:21:b1:5a:e9:e6:40:34:
57:32:a5:2e:77:d8:14:0b:0b:03:8e:9c:ea:7d:aa:
da:c5:28:c5:db:c2:f0:9c:88:75:c6:c1:71:61:8b:
b0:74:be:09:db:23:8c:53:9a:2c:6d:d5:38:a5:3f:
87:7e:ad:fd:96:5f:1c:3c:8e:2a:c3:94:68:b4:46:
6d:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:AB:5B:28:91:E9:9D:DC:33:34:5A:2A:6C:FE:0A:76:73:80:7E:E3
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232302e302f32342d3234203d3e203634323637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.220.0/24
Signature Algorithm: sha256WithRSAEncryption
36:e9:e0:59:20:25:35:0a:99:8f:21:3b:33:a4:e4:d5:35:9c:
61:9a:c2:74:4d:54:7b:35:c2:1c:c0:53:57:f8:c3:46:e8:c8:
d2:8c:5f:98:df:44:d5:c6:89:7b:9b:9c:ea:dd:fd:b1:ac:46:
46:91:ae:26:b8:ea:ff:8d:3d:a2:64:b2:a4:44:72:cd:5c:22:
79:2d:74:a4:ea:6c:c5:79:72:bc:43:75:13:e1:8d:37:3a:a2:
55:fa:74:94:a1:9d:01:8c:61:60:1b:00:92:4d:38:d5:52:b4:
e9:e4:cc:32:15:49:ff:00:d6:aa:9e:fd:73:f3:c8:9c:21:66:
c5:1e:cf:38:b8:3b:81:e3:29:3d:a9:40:a1:00:05:17:a9:80:
2d:72:ff:16:f7:ad:e9:f7:25:90:13:fc:2d:89:d0:b1:e3:8f:
d1:dd:a0:3e:fa:a3:22:02:2d:70:15:3e:09:46:f3:92:4d:f5:
c3:ba:2e:4f:2f:08:62:13:2c:7a:3a:21:3d:e5:45:9b:8b:f2:
5b:4c:b4:87:89:04:ad:a5:a5:b6:98:4c:da:39:27:23:cb:eb:
44:3c:78:8d:43:51:e4:54:16:bb:ed:a0:5a:cc:89:31:f1:87:
ce:1e:9c:27:f5:c7:80:52:52:c7:fb:ba:36:81:20:6c:8d:40:
ff:32:c7:d1
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUVR872C17PTBMtuo+gXU3jMW3tnEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzA4MDQxNDI5NTFaFw0yNDA4MDIxNDM0NTFaMDMxMTAvBgNV
BAMTKEQ0QUI1QjI4OTFFOTlEREMzMzM0NUEyQTZDRkUwQTc2NzM4MDdFRTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3DQPIPsKr1MSzzULrjoyvtr8s
KsArMINgJ+dikNzl052vyKm+5MdgPn0Z+uTlmO0lWcTxlzqzB8nJlh5xMlcN3Aeo
TH7aBP7ufP0feVS1oP+IOohh0C95aSosCXWGAa2eJOf8jvmzSEY4T3NTcdwoPQbH
gw91+uen8tpNehj+Eywmm+H0zjowsPl/yZKKD2YgMDsVuzI/uPhwplC1zgvH+EAO
As8CLmrUYjPZakxaHiu3tTw96Kvktd18IbFa6eZANFcypS532BQLCwOOnOp9qtrF
KMXbwvCciHXGwXFhi7B0vgnbI4xTmixt1TilP4d+rf2WXxw8jirDlGi0Rm37AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU1KtbKJHpndwzNFoqbP4KdnOAfuMwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzgzNTJlMzIzMDM5MmUzMjMy
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjM0MzIzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VdHcMA0GCSqGSIb3DQEBCwUAA4IBAQA26eBZICU1CpmPITszpOTVNZxhmsJ0TVR7
NcIcwFNX+MNG6MjSjF+Y30TVxol7m5zq3f2xrEZGka4muOr/jT2iZLKkRHLNXCJ5
LXSk6mzFeXK8Q3UT4Y03OqJV+nSUoZ0BjGFgGwCSTTjVUrTp5MwyFUn/ANaqnv1z
88icIWbFHs84uDuB4yk9qUChAAUXqYAtcv8W963p9yWQE/wtidCx44/R3aA++qMi
Ai1wFT4JRvOSTfXDui5PLwhiEyx6OiE95UWbi/JbTLSHiQStpaW2mEzaOScjy+tE
PHiNQ1HkVBa77aBazIkx8YfOHpwn9ceAUlLH+7o2gSBsjUD/MsfR
-----END CERTIFICATE-----
Generated at Sat May 11 18:18:50 2024 by rpki-client on console-ams.rpki-client.org