Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232302e302f32342d3234203d3e203634323637.roa
File: 38352e3230392e3232302e302f32342d3234203d3e203634323637.roa (raw, json)
Hash identifier: lsl+nNqLUSVxWT337fIWYBAUSqr6IuN84DVl2b6e3uE=
Subject key identifier: B2:E6:4A:5D:61:74:AC:8F:FC:32:4B:B3:1F:0B:2E:34:52:25:CC:AF
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 036D12204CB5D8D5DD5E5C534E6CE1ED83FEC83D
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232302e302f32342d3234203d3e203634323637.roa
Signing time: Fri 05 Jul 2024 15:05:18 +0000
ROA not before: Fri 05 Jul 2024 15:00:18 +0000
ROA not after: Fri 04 Jul 2025 15:05:18 +0000
asID: 64267
IP address blocks: 85.209.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:6d:12:20:4c:b5:d8:d5:dd:5e:5c:53:4e:6c:e1:ed:83:fe:c8:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jul 5 15:00:18 2024 GMT
Not After : Jul 4 15:05:18 2025 GMT
Subject: CN=B2E64A5D6174AC8FFC324BB31F0B2E345225CCAF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c8:60:70:47:fc:2f:56:14:fe:15:59:0e:5d:
6e:5d:a9:db:81:c4:d9:a8:ff:e4:cd:86:33:c3:57:
f7:71:08:fb:ce:a0:c4:8a:5d:f0:74:78:fc:1c:33:
16:0d:32:79:47:15:3e:56:ab:fb:61:19:19:dd:44:
7c:a7:02:ed:46:eb:18:a8:4b:95:6d:d7:fb:63:63:
f4:b5:f8:39:69:03:1e:58:86:4d:15:b3:f9:ef:73:
af:93:a4:e3:8b:65:4b:6e:9f:70:23:0b:db:ce:ea:
e3:17:3e:5b:66:1b:77:2f:91:10:60:b7:75:9b:2b:
db:16:ef:ff:7b:bf:e4:d3:cb:ee:37:3c:61:34:7c:
84:b5:66:c7:17:56:df:85:11:1b:76:f1:bf:c9:d5:
bf:60:17:1c:a7:b8:83:20:9b:3b:12:13:93:cd:3f:
9c:f9:f9:ea:d8:be:43:64:60:4f:b3:a0:12:8c:86:
78:f2:5a:ad:61:87:47:71:a1:cd:01:1c:95:78:fe:
14:5e:e1:60:5b:da:c0:1a:cf:96:e6:0d:46:4b:af:
fc:29:7d:90:bd:47:d5:13:6d:f2:1b:67:d9:7d:58:
fb:a3:60:ef:b5:3c:69:84:c4:2a:1b:7b:ee:7d:e5:
3a:83:f9:0b:17:41:7e:fc:78:57:16:1f:b0:5d:be:
89:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:E6:4A:5D:61:74:AC:8F:FC:32:4B:B3:1F:0B:2E:34:52:25:CC:AF
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232302e302f32342d3234203d3e203634323637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.220.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:9f:d1:ab:1a:19:18:4e:ff:0a:55:d5:29:ac:71:16:5a:d1:
08:ef:09:27:92:15:6f:d8:73:99:bc:7c:46:a7:71:33:42:66:
5f:28:b9:d4:90:be:1c:8a:24:30:98:8b:08:46:cf:d6:38:3e:
bf:ff:bd:ba:6a:9f:00:fd:3e:ef:7b:0f:7d:f9:90:25:bb:28:
6e:b5:02:d1:8f:ce:8f:c5:bc:bd:15:73:1b:d9:20:8b:28:24:
21:72:fb:d7:96:b1:1e:c4:f3:67:39:52:e4:ec:48:67:91:15:
4f:f2:e7:07:01:6c:32:35:54:6c:a6:50:46:fe:45:e9:62:60:
12:c0:e8:b0:98:73:cf:d2:2c:e3:00:a2:77:0c:eb:82:90:ad:
73:7a:9e:dd:d6:5c:0e:ad:9e:60:eb:e8:22:24:87:32:a6:f8:
c2:cc:8e:58:41:62:60:e4:94:d6:8a:7e:cc:2c:37:1c:4a:07:
b5:32:01:61:63:aa:2c:6d:b4:4e:bc:e9:ba:cd:b6:02:cd:68:
aa:fd:82:e1:95:9b:3e:e8:00:cb:0b:e5:95:2d:88:d9:ab:47:
6e:76:7e:f1:42:fd:c8:dc:8e:b3:ef:55:c3:e9:d2:87:47:c9:
58:8a:af:8e:31:f6:61:72:37:e4:ec:b8:5b:12:8a:08:20:1a:
92:4f:ee:4e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUA20SIEy12NXdXlxTTmzh7YP+yD0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDA3MDUxNTAwMThaFw0yNTA3MDQxNTA1MThaMDMxMTAvBgNV
BAMTKEIyRTY0QTVENjE3NEFDOEZGQzMyNEJCMzFGMEIyRTM0NTIyNUNDQUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCLyGBwR/wvVhT+FVkOXW5dqduB
xNmo/+TNhjPDV/dxCPvOoMSKXfB0ePwcMxYNMnlHFT5Wq/thGRndRHynAu1G6xio
S5Vt1/tjY/S1+DlpAx5Yhk0Vs/nvc6+TpOOLZUtun3AjC9vO6uMXPltmG3cvkRBg
t3WbK9sW7/97v+TTy+43PGE0fIS1ZscXVt+FERt28b/J1b9gFxynuIMgmzsSE5PN
P5z5+erYvkNkYE+zoBKMhnjyWq1hh0dxoc0BHJV4/hRe4WBb2sAaz5bmDUZLr/wp
fZC9R9UTbfIbZ9l9WPujYO+1PGmExCobe+595TqD+QsXQX78eFcWH7BdvolhAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUsuZKXWF0rI/8MkuzHwsuNFIlzK8wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzgzNTJlMzIzMDM5MmUzMjMy
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjM0MzIzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VdHcMA0GCSqGSIb3DQEBCwUAA4IBAQC/n9GrGhkYTv8KVdUprHEWWtEI7wknkhVv
2HOZvHxGp3EzQmZfKLnUkL4ciiQwmIsIRs/WOD6//726ap8A/T7vew99+ZAluyhu
tQLRj86Pxby9FXMb2SCLKCQhcvvXlrEexPNnOVLk7EhnkRVP8ucHAWwyNVRsplBG
/kXpYmASwOiwmHPP0izjAKJ3DOuCkK1zep7d1lwOrZ5g6+giJIcypvjCzI5YQWJg
5JTWin7MLDccSge1MgFhY6osbbROvOm6zbYCzWiq/YLhlZs+6ADLC+WVLYjZq0du
dn7xQv3I3I6z71XD6dKHR8lYiq+OMfZhcjfk7LhbEooIIBqST+5O
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:20 2024 by rpki-client on console-ams.rpki-client.org