Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232322e302f32342d3234203d3e203631333137.roa
File: 38352e3230392e3232322e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: xSHsrTxETVhEOWRBDn/W+NsumT1HZBZeakZuJmQMJSk=
Subject key identifier: 9F:19:26:A0:2D:62:6F:34:11:9D:EC:E4:DA:25:D9:B7:3D:E9:0A:BB
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 74A6244D24E15242C42FB14978358FEE9622D1B9
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232322e302f32342d3234203d3e203631333137.roa
Signing time: Sun 02 Jun 2024 03:05:16 +0000
ROA not before: Sun 02 Jun 2024 03:00:16 +0000
ROA not after: Sun 01 Jun 2025 03:05:16 +0000
asID: 61317
IP address blocks: 85.209.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:a6:24:4d:24:e1:52:42:c4:2f:b1:49:78:35:8f:ee:96:22:d1:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jun 2 03:00:16 2024 GMT
Not After : Jun 1 03:05:16 2025 GMT
Subject: CN=9F1926A02D626F34119DECE4DA25D9B73DE90ABB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e7:b3:5b:1f:07:2b:d5:c4:61:08:54:7e:8d:
a5:77:1d:ef:ad:f2:66:81:1f:5f:54:1f:07:3e:a0:
74:f6:e5:8a:79:d0:c6:cc:e3:92:a1:08:dd:7c:d6:
2f:14:c1:46:84:f5:46:69:05:79:0c:2d:19:9d:f6:
ed:14:37:de:77:5c:e8:af:9d:64:d9:10:9c:7a:21:
d0:44:a7:a0:d0:13:34:96:de:24:90:62:c8:ca:e9:
ea:d2:0a:8c:29:f5:c3:78:60:7c:75:64:4e:d8:84:
40:0d:fd:87:e0:45:70:97:a9:0c:c1:5e:1e:90:8e:
c9:51:cd:af:8b:ee:fa:d9:36:8c:bb:4e:20:03:a4:
34:80:ea:c2:47:5a:cb:d8:1d:a3:55:e8:58:10:19:
58:6f:b7:9d:25:48:ec:25:f9:6a:20:4e:cb:1b:48:
39:14:75:98:e0:2c:16:bf:28:fb:c3:db:26:da:3d:
11:18:95:19:e5:95:bd:ab:fc:fc:45:f6:34:23:59:
f5:96:b1:04:9b:1e:f2:54:99:28:94:1c:fd:9e:37:
e6:92:ff:5a:7b:73:98:a1:28:f4:35:1d:40:12:2c:
04:28:f5:b4:d9:6c:48:59:eb:4c:f7:0f:78:0d:af:
76:cc:17:cf:2a:e8:45:24:c8:64:e2:27:a3:d2:18:
6b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:19:26:A0:2D:62:6F:34:11:9D:EC:E4:DA:25:D9:B7:3D:E9:0A:BB
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232322e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.222.0/24
Signature Algorithm: sha256WithRSAEncryption
48:55:0f:3a:dc:82:d1:cc:6a:10:a6:72:89:39:99:16:5b:68:
80:5d:89:ff:c3:a1:27:28:b5:c2:4b:13:01:95:47:ce:9b:71:
2c:e0:84:48:1f:d4:df:6d:d2:2b:1e:f6:1f:e2:c5:d1:00:9d:
2f:1a:54:1b:13:08:e0:95:92:e1:da:12:41:15:58:46:43:fa:
66:15:51:c4:23:f9:b0:05:50:85:7a:f5:36:5f:a7:c0:a7:2d:
02:18:dc:b4:e6:02:2c:38:8f:50:66:66:2d:68:28:40:80:28:
41:29:b0:0d:cf:42:61:38:7e:9a:f4:c9:b4:4e:66:80:a3:6b:
1b:27:2f:7c:4c:b2:93:0b:2e:45:5b:50:a3:ab:53:c4:8e:7a:
b1:1f:b3:69:df:eb:0a:87:bf:ac:1f:4a:0d:20:83:c6:e3:5c:
b9:7c:dd:25:ba:4f:71:b3:97:07:16:04:e8:95:82:15:ad:22:
2d:eb:2a:c5:8d:f2:69:a2:0a:33:a9:4a:0d:c9:11:ba:70:d7:
f9:4d:0a:96:ab:d0:2f:18:38:90:48:10:39:37:e0:07:8c:30:
05:20:5e:58:61:32:ba:3a:84:09:03:b6:26:73:2c:f4:f1:2c:
ca:81:b5:a1:55:bc:55:27:03:f8:88:e3:e9:6f:bc:3a:7d:c4:
cf:e0:b4:a4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdKYkTSThUkLEL7FJeDWP7pYi0bkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDA2MDIwMzAwMTZaFw0yNTA2MDEwMzA1MTZaMDMxMTAvBgNV
BAMTKDlGMTkyNkEwMkQ2MjZGMzQxMTlERUNFNERBMjVEOUI3M0RFOTBBQkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCn57NbHwcr1cRhCFR+jaV3He+t
8maBH19UHwc+oHT25Yp50MbM45KhCN181i8UwUaE9UZpBXkMLRmd9u0UN953XOiv
nWTZEJx6IdBEp6DQEzSW3iSQYsjK6erSCowp9cN4YHx1ZE7YhEAN/YfgRXCXqQzB
Xh6QjslRza+L7vrZNoy7TiADpDSA6sJHWsvYHaNV6FgQGVhvt50lSOwl+WogTssb
SDkUdZjgLBa/KPvD2ybaPREYlRnllb2r/PxF9jQjWfWWsQSbHvJUmSiUHP2eN+aS
/1p7c5ihKPQ1HUASLAQo9bTZbEhZ60z3D3gNr3bMF88q6EUkyGTiJ6PSGGudAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUnxkmoC1ibzQRnezk2iXZtz3pCrswHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzgzNTJlMzIzMDM5MmUzMjMy
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMxMzMzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VdHeMA0GCSqGSIb3DQEBCwUAA4IBAQBIVQ863ILRzGoQpnKJOZkWW2iAXYn/w6En
KLXCSxMBlUfOm3Es4IRIH9TfbdIrHvYf4sXRAJ0vGlQbEwjglZLh2hJBFVhGQ/pm
FVHEI/mwBVCFevU2X6fApy0CGNy05gIsOI9QZmYtaChAgChBKbANz0JhOH6a9Mm0
TmaAo2sbJy98TLKTCy5FW1Cjq1PEjnqxH7Np3+sKh7+sH0oNIIPG41y5fN0luk9x
s5cHFgTolYIVrSIt6yrFjfJpogozqUoNyRG6cNf5TQqWq9AvGDiQSBA5N+AHjDAF
IF5YYTK6OoQJA7Ymcyz08SzKgbWhVbxVJwP4iOPpb7w6fcTP4LSk
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:49:13 2025 by rpki-client