Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/38352e3230322e38312e302f32342d3234203d3e20323037313337.roa
File: 38352e3230322e38312e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: GUedu+wcHVyrdhUCFNgYOMCzWH5pwDpzch6qlrFa+EE=
Subject key identifier: 5A:E1:5C:EB:70:AC:A3:A7:8D:A2:14:47:AC:65:53:C9:33:A8:47:D2
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 139EDA457B95CD224E50B4F109DA36D6BA696863
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/38352e3230322e38312e302f32342d3234203d3e20323037313337.roa
Signing time: Mon 26 Feb 2024 08:52:47 +0000
ROA not before: Mon 26 Feb 2024 08:47:47 +0000
ROA not after: Mon 24 Feb 2025 08:52:47 +0000
asID: 207137
IP address blocks: 85.202.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:9e:da:45:7b:95:cd:22:4e:50:b4:f1:09:da:36:d6:ba:69:68:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 26 08:47:47 2024 GMT
Not After : Feb 24 08:52:47 2025 GMT
Subject: CN=5AE15CEB70ACA3A78DA21447AC6553C933A847D2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:af:87:66:46:65:9c:94:da:8e:f0:32:65:b2:
c9:c1:98:a8:49:27:20:d7:c6:78:5d:59:fd:d2:8b:
20:03:4b:dc:2a:b9:af:a4:e4:40:89:18:92:44:f2:
f3:76:84:86:84:ff:ad:92:6f:a9:fc:81:8f:f8:03:
2d:9c:60:2f:2e:6f:0c:8c:f6:d6:ae:f0:06:04:0e:
97:00:33:92:67:73:58:d7:00:83:33:25:43:6b:4e:
09:75:b7:ba:eb:e7:5f:e4:5c:a4:c1:ba:9f:f7:1e:
46:2b:c4:62:97:5e:e7:13:ec:2f:8a:4a:bb:e0:4d:
ea:55:a0:1b:c5:68:31:23:a3:0b:27:3d:5f:df:b4:
e9:cd:51:2b:4c:47:94:d8:68:e3:89:da:c7:57:2d:
12:cd:a1:49:d6:7d:c9:00:a2:9a:5e:02:34:7f:1c:
4f:a6:f0:da:e2:d5:22:33:f6:a1:be:6b:b2:c4:fc:
d0:6a:8a:29:2e:e7:5c:81:3e:91:02:e9:1c:b7:b5:
72:20:c3:b7:8c:af:9f:c4:4b:5d:99:bd:36:97:34:
b7:9b:10:80:c0:c0:69:6e:5f:4f:ee:b2:64:c6:9c:
52:e5:a4:d4:ff:ea:4b:b2:86:e8:49:80:f1:56:73:
92:aa:e9:a0:8d:63:61:b8:5f:69:4f:cf:c5:78:8a:
57:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:E1:5C:EB:70:AC:A3:A7:8D:A2:14:47:AC:65:53:C9:33:A8:47:D2
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/38352e3230322e38312e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.81.0/24
Signature Algorithm: sha256WithRSAEncryption
00:73:13:b9:82:0b:8f:77:af:fb:7f:76:53:63:31:55:92:32:
e1:78:47:3b:cd:1a:8b:b8:51:f8:99:0d:50:91:fb:e6:7d:da:
e4:79:9c:f3:8b:93:f5:07:75:12:7a:c0:70:57:24:99:f9:6f:
f0:81:5f:fa:54:16:ea:e3:1b:fd:a9:6a:13:66:2d:42:60:d4:
4f:95:9e:e7:a0:bb:25:94:1c:c0:c3:b3:88:47:b6:1e:a6:c8:
06:97:2a:56:88:83:1e:3e:6a:be:79:5a:8a:c6:96:fa:01:ae:
5b:32:d7:2a:f0:e8:46:ed:bf:72:b3:88:0a:81:58:19:9f:b3:
c4:ed:f0:76:00:ee:bf:df:7c:f9:19:91:59:71:77:11:51:a5:
90:dc:49:8f:e1:c6:bc:ee:12:a0:79:04:2a:53:db:00:fb:49:
c3:85:b5:9c:9d:b2:a5:f5:c3:67:91:a1:b8:f0:e1:96:d3:83:
88:c4:d9:e0:dc:b3:f5:0d:63:59:93:4e:d2:1c:b1:45:9f:bc:
c6:25:57:3c:06:25:c6:f1:b7:86:82:91:4b:77:65:91:83:d2:
f6:e5:dc:63:b3:38:d4:b7:05:26:a5:1f:30:33:67:5e:3f:76:
c6:ac:80:20:58:02:40:8b:93:c0:41:43:af:a7:6d:8c:0f:61:
cd:ca:18:f3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUE57aRXuVzSJOULTxCdo21rppaGMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMjYwODQ3NDdaFw0yNTAyMjQwODUyNDdaMDMxMTAvBgNV
BAMTKDVBRTE1Q0VCNzBBQ0EzQTc4REEyMTQ0N0FDNjU1M0M5MzNBODQ3RDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDur4dmRmWclNqO8DJlssnBmKhJ
JyDXxnhdWf3SiyADS9wqua+k5ECJGJJE8vN2hIaE/62Sb6n8gY/4Ay2cYC8ubwyM
9tau8AYEDpcAM5Jnc1jXAIMzJUNrTgl1t7rr51/kXKTBup/3HkYrxGKXXucT7C+K
SrvgTepVoBvFaDEjowsnPV/ftOnNUStMR5TYaOOJ2sdXLRLNoUnWfckAoppeAjR/
HE+m8Nri1SIz9qG+a7LE/NBqiiku51yBPpEC6Ry3tXIgw7eMr5/ES12ZvTaXNLeb
EIDAwGluX0/usmTGnFLlpNT/6kuyhuhJgPFWc5Kq6aCNY2G4X2lPz8V4ilePAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUWuFc63Cso6eNohRHrGVTyTOoR9IwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzgzNTJlMzIzMDMyMmUzODMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM3MzEzMzM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VcpRMA0GCSqGSIb3DQEBCwUAA4IBAQAAcxO5gguPd6/7f3ZTYzFVkjLheEc7zRqL
uFH4mQ1QkfvmfdrkeZzzi5P1B3USesBwVySZ+W/wgV/6VBbq4xv9qWoTZi1CYNRP
lZ7noLsllBzAw7OIR7YepsgGlypWiIMePmq+eVqKxpb6Aa5bMtcq8OhG7b9ys4gK
gVgZn7PE7fB2AO6/33z5GZFZcXcRUaWQ3EmP4ca87hKgeQQqU9sA+0nDhbWcnbKl
9cNnkaG48OGW04OIxNng3LP1DWNZk07SHLFFn7zGJVc8BiXG8beGgpFLd2WRg9L2
5dxjszjUtwUmpR8wM2deP3bGrIAgWAJAi5PAQUOvp22MD2HNyhjz
-----END CERTIFICATE-----
Generated at Sun May 12 14:13:09 2024 by rpki-client on console-ams.rpki-client.org