Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232312e302f32342d3234203d3e20323132333834.roa
File: 38352e3230392e3232312e302f32342d3234203d3e20323132333834.roa (raw, json)
Hash identifier: S1sKl+8Krj0zU+ebfGzwDZrwHxm5b8mc2Kwuq7mFbMg=
Subject key identifier: 29:22:31:8E:D0:3B:BA:22:6D:D2:74:46:D1:88:89:56:72:E5:BD:8C
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 75B0F301B9FFFAF67F13842415D36866F7DAB7C6
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232312e302f32342d3234203d3e20323132333834.roa
Signing time: Wed 11 Sep 2024 13:05:20 +0000
ROA not before: Wed 11 Sep 2024 13:00:20 +0000
ROA not after: Wed 10 Sep 2025 13:05:20 +0000
asID: 212384
IP address blocks: 85.209.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:b0:f3:01:b9:ff:fa:f6:7f:13:84:24:15:d3:68:66:f7:da:b7:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Sep 11 13:00:20 2024 GMT
Not After : Sep 10 13:05:20 2025 GMT
Subject: CN=2922318ED03BBA226DD27446D188895672E5BD8C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:92:94:05:2b:28:86:ff:62:51:26:33:10:3d:
10:8f:55:80:88:46:ce:e1:88:62:fd:9a:53:17:19:
52:1c:a4:18:a3:9c:e1:df:b3:5e:d2:36:8a:9c:6f:
a5:f9:37:d9:b1:08:15:30:0f:6c:e5:5a:73:d5:8d:
0e:0a:b0:8c:fe:85:9f:e6:51:23:ea:6a:37:60:1c:
96:06:0c:c3:ef:23:35:a2:2e:9c:5f:6a:99:75:70:
38:fc:9a:88:13:7a:ef:41:5f:5e:5a:a7:b2:19:66:
2b:74:5f:9f:f6:79:a9:e9:bc:81:6d:ad:1f:03:2a:
02:46:36:33:09:93:2a:51:b5:72:eb:65:cb:80:aa:
34:60:26:b4:9b:54:1f:58:ed:41:4a:fb:ef:9d:f1:
93:11:7b:73:77:1d:e1:4e:11:34:b3:eb:4b:b9:db:
82:b7:f0:fe:1b:20:08:a8:2c:af:84:2e:78:38:e0:
55:f2:8c:c9:a1:9d:f4:a8:4f:79:72:81:4f:0e:14:
c8:5c:8f:c5:e3:89:ed:71:dc:79:81:c2:0c:82:99:
99:ad:0f:f2:80:45:72:2f:c9:db:a5:50:4a:79:46:
b3:68:d5:16:9e:5c:92:05:ef:31:95:ec:76:47:a2:
da:0c:d3:5c:bf:81:b9:74:b4:0b:dc:c0:0c:77:85:
6c:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:22:31:8E:D0:3B:BA:22:6D:D2:74:46:D1:88:89:56:72:E5:BD:8C
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232312e302f32342d3234203d3e20323132333834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.221.0/24
Signature Algorithm: sha256WithRSAEncryption
62:25:78:2b:8f:e9:eb:f0:6f:d6:be:00:79:54:cc:9d:79:cc:
96:bb:13:3b:1c:b8:05:b8:30:0e:53:2e:66:b8:c1:f4:51:5d:
47:e9:8c:b8:ea:45:8c:f3:41:cd:32:33:60:94:dc:a4:d1:97:
7e:ec:83:42:3e:11:da:30:0d:4e:4f:ba:25:d2:5c:b6:69:a2:
f4:ad:6a:bf:c4:50:31:4e:ac:d2:1e:08:36:57:b6:e3:08:30:
35:74:06:6b:17:c7:08:f2:9f:dc:8a:8e:f9:c2:ad:02:e5:88:
6a:c8:c8:af:78:0e:4d:7b:0b:8d:ee:0e:94:6b:48:cb:ec:35:
83:47:13:de:c1:9b:db:d8:47:4e:55:38:90:0c:86:4f:bc:e6:
81:ab:be:f4:98:ab:3c:56:91:1b:0e:2e:cb:c8:61:8f:82:0e:
06:23:a2:09:83:de:58:84:79:ce:fd:4c:9c:48:c6:2f:da:6d:
9d:1f:a6:45:be:13:ee:50:69:7d:05:00:32:9b:dc:db:9f:fe:
f0:9e:fa:15:ef:c4:98:b5:63:84:53:9c:b3:32:6d:1b:cd:31:
3d:9f:f6:85:9f:19:29:c4:6e:9d:23:b6:f7:39:f4:60:b9:ec:
5d:90:78:f5:42:b5:f5:68:e9:6a:93:28:b6:53:a0:95:d3:43:
69:f8:8a:61
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUdbDzAbn/+vZ/E4QkFdNoZvfat8YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDA5MTExMzAwMjBaFw0yNTA5MTAxMzA1MjBaMDMxMTAvBgNV
BAMTKDI5MjIzMThFRDAzQkJBMjI2REQyNzQ0NkQxODg4OTU2NzJFNUJEOEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrkpQFKyiG/2JRJjMQPRCPVYCI
Rs7hiGL9mlMXGVIcpBijnOHfs17SNoqcb6X5N9mxCBUwD2zlWnPVjQ4KsIz+hZ/m
USPqajdgHJYGDMPvIzWiLpxfapl1cDj8mogTeu9BX15ap7IZZit0X5/2eanpvIFt
rR8DKgJGNjMJkypRtXLrZcuAqjRgJrSbVB9Y7UFK+++d8ZMRe3N3HeFOETSz60u5
24K38P4bIAioLK+ELng44FXyjMmhnfSoT3lygU8OFMhcj8Xjie1x3HmBwgyCmZmt
D/KARXIvydulUEp5RrNo1RaeXJIF7zGV7HZHotoM01y/gbl0tAvcwAx3hWxfAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUKSIxjtA7uiJt0nRG0YiJVnLlvYwwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzgzNTJlMzIzMDM5MmUzMjMy
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMzM4MzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV0d0wDQYJKoZIhvcNAQELBQADggEBAGIleCuP6evwb9a+AHlUzJ15zJa7Ezsc
uAW4MA5TLma4wfRRXUfpjLjqRYzzQc0yM2CU3KTRl37sg0I+EdowDU5PuiXSXLZp
ovStar/EUDFOrNIeCDZXtuMIMDV0BmsXxwjyn9yKjvnCrQLliGrIyK94Dk17C43u
DpRrSMvsNYNHE97Bm9vYR05VOJAMhk+85oGrvvSYqzxWkRsOLsvIYY+CDgYjogmD
3liEec79TJxIxi/abZ0fpkW+E+5QaX0FADKb3Nuf/vCe+hXvxJi1Y4RTnLMybRvN
MT2f9oWfGSnEbp0jtvc59GC57F2QePVCtfVo6WqTKLZToJXTQ2n4imE=
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:20 2024 by rpki-client on console-ams.rpki-client.org