Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232312e302f32342d3234203d3e20323132333834.roa
File: 38352e3230392e3232312e302f32342d3234203d3e20323132333834.roa (raw, json)
Hash identifier: k4Ppq/bRhOsiqRd+OMqDLt62tYpIVgo1AbL//M2yc1o=
Subject key identifier: EE:C7:81:1A:9E:8F:67:1B:8E:E6:63:88:37:D0:98:E5:24:40:9D:BE
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 0D6BFFD901E64FFAEB8DAE5E9992FEF8FB8BC6F3
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232312e302f32342d3234203d3e20323132333834.roa
Signing time: Wed 11 Oct 2023 12:21:14 +0000
ROA not before: Wed 11 Oct 2023 12:16:14 +0000
ROA not after: Wed 09 Oct 2024 12:21:14 +0000
asID: 212384
IP address blocks: 85.209.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 May 2024 16:37:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:6b:ff:d9:01:e6:4f:fa:eb:8d:ae:5e:99:92:fe:f8:fb:8b:c6:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Oct 11 12:16:14 2023 GMT
Not After : Oct 9 12:21:14 2024 GMT
Subject: CN=EEC7811A9E8F671B8EE6638837D098E524409DBE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:21:d5:79:ae:1b:17:fd:83:48:20:90:58:1f:
ce:6b:69:49:9d:b3:16:be:40:41:09:75:f5:5a:20:
96:56:0e:53:fa:66:54:1d:0c:78:13:f5:44:c6:f7:
f6:c3:43:53:8e:78:6b:92:25:b9:99:f3:21:02:33:
d0:51:f5:a6:62:fc:e0:0c:ba:f4:76:31:1c:2d:3b:
c9:a7:bc:65:78:c8:ec:83:8d:d3:89:78:a6:9e:a1:
32:07:4e:3d:80:d2:f0:be:47:f6:e9:14:b5:34:05:
92:c9:2f:10:20:f6:ea:8e:3f:c6:b1:54:60:f4:fc:
ab:a5:c9:3f:fd:c4:62:9f:ff:92:09:47:4f:ec:2d:
57:ee:6a:50:75:b0:3a:cb:54:5f:47:fb:20:82:5c:
84:e7:bd:bb:7f:d5:14:5a:87:42:78:ea:af:13:64:
11:85:73:9f:75:f0:76:6b:08:92:01:63:13:fe:73:
2d:35:29:3b:dd:20:50:06:d1:d7:ed:a4:75:a9:ee:
61:fc:f2:41:6a:c2:17:5a:6d:80:a2:bd:5a:6a:1a:
68:c0:dd:a2:5b:78:e0:37:5a:0c:f6:64:4f:b8:e3:
63:1f:80:6b:0f:97:e5:a7:4b:54:7e:6f:71:ac:52:
db:44:c0:7c:60:88:47:1b:5c:3f:3f:57:40:51:b6:
5c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:C7:81:1A:9E:8F:67:1B:8E:E6:63:88:37:D0:98:E5:24:40:9D:BE
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232312e302f32342d3234203d3e20323132333834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.221.0/24
Signature Algorithm: sha256WithRSAEncryption
45:2a:d0:1e:6e:6b:36:af:6a:4c:7d:32:23:0d:18:2f:55:85:
04:d3:ea:82:cc:a7:d9:67:14:cf:e8:0e:c5:cc:47:b4:dd:c7:
84:98:78:2e:1c:22:ed:4f:7e:29:bb:e6:86:c9:3a:eb:ee:5a:
de:99:35:43:a1:86:79:ac:4b:fc:29:ef:f8:12:a6:55:92:cd:
92:6b:a1:6f:f9:b3:d9:20:77:63:4d:93:26:e5:ba:fd:56:4a:
fb:95:73:29:ef:d8:0f:38:99:23:4a:89:e5:94:19:26:17:ab:
e8:87:aa:4a:90:8a:8f:6c:b2:9b:25:3e:51:66:42:2b:37:3d:
7c:3e:a9:d0:6c:e1:61:8d:a7:b3:f9:d2:f7:27:d6:7b:40:b8:
76:87:e1:81:d6:07:a6:6e:1e:5a:71:30:dc:eb:a2:89:0f:ab:
31:47:f3:ea:dd:2d:4c:b4:c3:65:72:35:73:b6:d6:9a:f5:84:
13:ca:dc:4d:7c:4c:64:11:44:0b:ce:f9:8e:28:02:c9:8f:2b:
72:6a:f5:0d:8c:00:b0:1d:d6:65:e8:fc:6e:79:97:d0:3b:10:
fc:7f:fe:b5:c4:32:83:4d:5d:16:aa:c8:81:03:68:db:d4:2c:
ff:4e:59:93:4c:4e:ee:4e:53:c9:40:52:f6:8c:8c:05:03:4a:
46:0b:cf:e3
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDWv/2QHmT/rrja5emZL++PuLxvMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzEwMTExMjE2MTRaFw0yNDEwMDkxMjIxMTRaMDMxMTAvBgNV
BAMTKEVFQzc4MTFBOUU4RjY3MUI4RUU2NjM4ODM3RDA5OEU1MjQ0MDlEQkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBIdV5rhsX/YNIIJBYH85raUmd
sxa+QEEJdfVaIJZWDlP6ZlQdDHgT9UTG9/bDQ1OOeGuSJbmZ8yECM9BR9aZi/OAM
uvR2MRwtO8mnvGV4yOyDjdOJeKaeoTIHTj2A0vC+R/bpFLU0BZLJLxAg9uqOP8ax
VGD0/KulyT/9xGKf/5IJR0/sLVfualB1sDrLVF9H+yCCXITnvbt/1RRah0J46q8T
ZBGFc5918HZrCJIBYxP+cy01KTvdIFAG0dftpHWp7mH88kFqwhdabYCivVpqGmjA
3aJbeOA3Wgz2ZE+442MfgGsPl+WnS1R+b3GsUttEwHxgiEcbXD8/V0BRtlz/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU7seBGp6PZxuO5mOIN9CY5SRAnb4wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzgzNTJlMzIzMDM5MmUzMjMy
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMzM4MzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV0d0wDQYJKoZIhvcNAQELBQADggEBAEUq0B5uazavakx9MiMNGC9VhQTT6oLM
p9lnFM/oDsXMR7Tdx4SYeC4cIu1Pfim75obJOuvuWt6ZNUOhhnmsS/wp7/gSplWS
zZJroW/5s9kgd2NNkybluv1WSvuVcynv2A84mSNKieWUGSYXq+iHqkqQio9sspsl
PlFmQis3PXw+qdBs4WGNp7P50vcn1ntAuHaH4YHWB6ZuHlpxMNzrookPqzFH8+rd
LUy0w2VyNXO21pr1hBPK3E18TGQRRAvO+Y4oAsmPK3Jq9Q2MALAd1mXo/G55l9A7
EPx//rXEMoNNXRaqyIEDaNvULP9OWZNMTu5OU8lAUvaMjAUDSkYLz+M=
-----END CERTIFICATE-----
Generated at Sat May 11 20:11:50 2024 by rpki-client on console-fra.rpki-client.org