Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232332e302f32342d3234203d3e203538303631.roa
File: 38352e3230392e3232332e302f32342d3234203d3e203538303631.roa (raw, json)
Hash identifier: XniC1lL/DX+OWTQ87N6tpfZxDRfqBNNLKSmyumex8HE=
Subject key identifier: 3F:28:E8:32:EE:0B:DB:AB:F9:95:0D:C8:59:31:D6:D0:38:C2:52:08
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 3504A766AA6F6935D07E53BBADFFD94593813116
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232332e302f32342d3234203d3e203538303631.roa
Signing time: Fri 23 Feb 2024 18:32:02 +0000
ROA not before: Fri 23 Feb 2024 18:27:02 +0000
ROA not after: Fri 21 Feb 2025 18:32:02 +0000
asID: 58061
IP address blocks: 85.209.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:04:a7:66:aa:6f:69:35:d0:7e:53:bb:ad:ff:d9:45:93:81:31:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Feb 23 18:27:02 2024 GMT
Not After : Feb 21 18:32:02 2025 GMT
Subject: CN=3F28E832EE0BDBABF9950DC85931D6D038C25208
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:33:a6:0b:1a:01:7e:19:d0:c9:32:68:62:72:
8d:22:47:4a:d6:cb:16:fb:d9:87:15:28:10:14:f9:
5e:a8:9e:91:95:17:89:7d:cd:64:f3:9c:ce:34:cb:
54:00:4d:b9:2e:5b:25:48:fc:f7:2a:b3:7a:36:56:
7e:5c:f9:d7:9a:d7:1c:9e:3e:96:5e:8a:a5:96:93:
59:ea:a5:d1:39:4a:36:4b:fa:38:da:36:34:dc:00:
04:bc:6b:9c:e0:06:d5:9f:93:42:31:62:aa:74:e3:
d0:f0:49:d8:b8:dd:e9:1a:59:02:7d:09:7a:75:5d:
0f:c7:45:c1:26:75:64:d9:82:02:07:cb:12:76:60:
58:96:b6:36:47:32:86:c1:64:ed:03:97:d6:b0:2d:
b8:71:83:89:4d:81:a5:f1:ae:3f:b8:d5:fd:27:67:
14:69:50:b5:ae:94:72:1b:22:13:54:23:e0:49:3b:
81:07:d2:94:31:46:d9:13:4f:d0:f0:dc:3a:9e:ff:
61:84:9d:82:45:43:13:2f:66:68:31:d2:63:28:c6:
2e:4b:50:d2:6f:e3:01:6e:7e:dc:55:cc:49:41:59:
8e:30:39:bd:ac:93:c1:98:ce:5c:8e:42:2e:1d:0a:
ab:fc:99:f4:78:3d:67:1a:b4:97:77:23:53:71:0d:
ca:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:28:E8:32:EE:0B:DB:AB:F9:95:0D:C8:59:31:D6:D0:38:C2:52:08
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232332e302f32342d3234203d3e203538303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.223.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:91:ca:b2:1c:fc:47:08:48:26:c9:60:47:55:62:de:3b:82:
1e:bc:c6:17:bf:80:f4:67:d3:f5:75:d4:a4:62:73:b0:a2:d9:
06:17:1d:22:88:d2:b2:d1:02:7d:c7:f8:ca:d0:33:3f:7c:3d:
8e:fc:95:cb:6c:e9:49:a7:97:32:dc:1a:2a:3e:88:42:e3:f6:
23:2e:fb:40:a7:c5:f7:bd:e6:f9:e7:e0:84:b2:e2:ab:36:97:
9d:68:e7:14:b6:e8:03:81:20:db:c7:ac:b2:8b:de:57:5d:bb:
4e:dd:c0:94:bc:9b:b7:40:f2:0c:c8:a9:8d:f0:fe:80:96:ed:
c2:b2:28:a2:96:6c:ab:dc:16:3f:e0:47:fb:93:b6:96:56:07:
40:4f:a6:15:23:16:e4:12:46:0e:07:1c:a9:19:05:16:24:04:
90:ac:68:b0:a8:25:d2:33:55:cb:db:79:c1:4d:4e:2a:41:c9:
53:1a:80:69:9d:cb:b6:78:1a:a0:bf:a5:bc:a2:0a:65:ab:16:
89:17:a1:f8:38:76:9e:2b:84:ba:e2:24:81:a2:e5:fb:ae:0d:
e5:4c:9b:65:fb:06:22:35:96:da:9b:4e:3a:36:5a:db:c7:b7:
6f:7a:8c:a7:fe:1b:f2:17:4c:93:c0:3a:2b:fd:a7:67:10:de:
38:4a:29:39
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUNQSnZqpvaTXQflO7rf/ZRZOBMRYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDAyMjMxODI3MDJaFw0yNTAyMjExODMyMDJaMDMxMTAvBgNV
BAMTKDNGMjhFODMyRUUwQkRCQUJGOTk1MERDODU5MzFENkQwMzhDMjUyMDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3M6YLGgF+GdDJMmhico0iR0rW
yxb72YcVKBAU+V6onpGVF4l9zWTznM40y1QATbkuWyVI/Pcqs3o2Vn5c+dea1xye
PpZeiqWWk1nqpdE5SjZL+jjaNjTcAAS8a5zgBtWfk0IxYqp049DwSdi43ekaWQJ9
CXp1XQ/HRcEmdWTZggIHyxJ2YFiWtjZHMobBZO0Dl9awLbhxg4lNgaXxrj+41f0n
ZxRpULWulHIbIhNUI+BJO4EH0pQxRtkTT9Dw3Dqe/2GEnYJFQxMvZmgx0mMoxi5L
UNJv4wFuftxVzElBWY4wOb2sk8GYzlyOQi4dCqv8mfR4PWcatJd3I1NxDcoRAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUPyjoMu4L26v5lQ3IWTHW0DjCUggwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzgzNTJlMzIzMDM5MmUzMjMy
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTM4MzAzNjMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VdHfMA0GCSqGSIb3DQEBCwUAA4IBAQCPkcqyHPxHCEgmyWBHVWLeO4IevMYXv4D0
Z9P1ddSkYnOwotkGFx0iiNKy0QJ9x/jK0DM/fD2O/JXLbOlJp5cy3BoqPohC4/Yj
LvtAp8X3veb55+CEsuKrNpedaOcUtugDgSDbx6yyi95XXbtO3cCUvJu3QPIMyKmN
8P6Alu3Csiiilmyr3BY/4Ef7k7aWVgdAT6YVIxbkEkYOBxypGQUWJASQrGiwqCXS
M1XL23nBTU4qQclTGoBpncu2eBqgv6W8ogplqxaJF6H4OHaeK4S64iSBouX7rg3l
TJtl+wYiNZbam046Nlrbx7dveoyn/hvyF0yTwDor/adnEN44Sik5
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:43 2024 by rpki-client on console-ams.rpki-client.org