Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/38352e3230322e38322e302f32342d3332203d3e203536383736.roa
File: 38352e3230322e38322e302f32342d3332203d3e203536383736.roa (raw, json)
Hash identifier: pke8GYLUa+TyzEr/m1hudHh2+9oVTDbfWM1dbeKfVvU=
Subject key identifier: AB:3D:44:1F:98:5E:6B:3C:94:22:20:43:05:DB:F8:01:DE:32:95:3C
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 5225B523746B9FDBCA0EABD4FC17261AF89550F0
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/38352e3230322e38322e302f32342d3332203d3e203536383736.roa
Signing time: Mon 26 Feb 2024 08:52:50 +0000
ROA not before: Mon 26 Feb 2024 08:47:50 +0000
ROA not after: Mon 24 Feb 2025 08:52:50 +0000
asID: 56876
IP address blocks: 85.202.82.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:25:b5:23:74:6b:9f:db:ca:0e:ab:d4:fc:17:26:1a:f8:95:50:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 26 08:47:50 2024 GMT
Not After : Feb 24 08:52:50 2025 GMT
Subject: CN=AB3D441F985E6B3C9422204305DBF801DE32953C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8b:b5:30:a3:94:69:26:29:8f:b9:a0:7d:e6:
6a:0c:59:08:3e:ad:2f:28:0f:3f:4f:b9:eb:4d:ce:
f3:88:a0:9b:26:bb:8c:4f:78:3d:35:c4:2e:82:1f:
b6:85:04:6a:bf:22:7a:b4:90:a3:dc:5c:48:bb:12:
8d:b6:87:b0:95:88:b5:f4:98:39:25:ae:d2:e5:ea:
d3:44:35:bd:30:a7:71:6c:08:82:87:19:2a:91:98:
37:e0:e0:e6:1c:eb:97:c5:05:61:44:aa:32:aa:4e:
cd:95:ef:b5:6f:11:69:37:68:b5:f6:0b:67:15:b4:
fa:48:cd:85:9b:89:5c:f2:54:31:2e:3a:ad:c2:5b:
60:88:da:57:d4:40:06:22:01:62:35:85:83:43:33:
e6:7f:6c:a6:66:6e:7c:21:1a:16:4a:6a:7e:fc:76:
4a:95:6a:fd:9a:b9:54:e2:dd:c3:0c:8f:77:a4:de:
87:42:6b:ab:bf:eb:94:8d:c5:e0:38:93:20:23:b4:
32:31:27:94:90:8d:b1:3d:b9:e7:ff:89:d1:19:50:
32:6b:9b:41:71:a2:c8:9e:56:5f:ea:07:b2:60:5d:
f1:1e:17:b3:c3:79:8a:df:77:95:1e:b9:0f:07:f2:
e2:2d:fc:05:0c:37:16:05:a5:6a:51:ec:02:51:1c:
38:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:3D:44:1F:98:5E:6B:3C:94:22:20:43:05:DB:F8:01:DE:32:95:3C
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/38352e3230322e38322e302f32342d3332203d3e203536383736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.82.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:62:8e:32:8b:2f:24:00:1e:90:c2:31:b2:0a:16:b9:ac:a2:
4e:2b:2a:a9:f6:b0:0d:21:17:1f:5f:c9:8a:ba:2c:25:8a:ca:
87:5e:59:c8:93:34:30:49:96:19:40:c5:8a:fc:32:d4:61:92:
ff:04:41:ad:f1:82:6b:e8:91:c5:63:00:98:e1:f7:93:86:5c:
4b:70:cf:9f:14:97:54:53:6d:8a:a7:47:7d:9c:50:bd:2c:07:
2c:8c:9a:2f:58:48:a4:5c:12:ff:ad:1a:b2:f9:be:5e:67:98:
0b:cd:37:48:24:93:59:bb:6c:26:48:4e:92:cc:ce:4d:17:c6:
3f:55:8a:f1:dc:41:7b:57:c6:9f:33:3d:34:7c:16:7a:4d:59:
25:54:0e:b4:4b:d0:de:f8:65:5e:f4:fe:b1:82:d3:5a:3e:44:
62:62:4c:e1:0c:31:5e:3d:36:90:d7:c0:9a:88:e3:18:fe:06:
34:de:08:35:52:e2:91:86:17:91:b6:e3:86:72:a7:3e:45:ea:
d2:8b:a6:02:25:35:1c:24:46:04:cb:69:83:a7:30:41:e8:ff:
de:11:38:c3:3c:3c:65:7f:54:ea:6c:8b:3d:2d:b1:1d:6c:d1:
b0:72:7a:ef:92:35:43:03:05:99:43:3b:5d:0f:9a:47:4d:0c:
fa:5f:bf:e1
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUUiW1I3Rrn9vKDqvU/BcmGviVUPAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMjYwODQ3NTBaFw0yNTAyMjQwODUyNTBaMDMxMTAvBgNV
BAMTKEFCM0Q0NDFGOTg1RTZCM0M5NDIyMjA0MzA1REJGODAxREUzMjk1M0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9i7Uwo5RpJimPuaB95moMWQg+
rS8oDz9PuetNzvOIoJsmu4xPeD01xC6CH7aFBGq/Inq0kKPcXEi7Eo22h7CViLX0
mDklrtLl6tNENb0wp3FsCIKHGSqRmDfg4OYc65fFBWFEqjKqTs2V77VvEWk3aLX2
C2cVtPpIzYWbiVzyVDEuOq3CW2CI2lfUQAYiAWI1hYNDM+Z/bKZmbnwhGhZKan78
dkqVav2auVTi3cMMj3ek3odCa6u/65SNxeA4kyAjtDIxJ5SQjbE9uef/idEZUDJr
m0FxosieVl/qB7JgXfEeF7PDeYrfd5UeuQ8H8uIt/AUMNxYFpWpR7AJRHDiVAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUqz1EH5heazyUIiBDBdv4Ad4ylTwwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzgzNTJlMzIzMDMyMmUzODMy
MmUzMDJmMzIzNDJkMzMzMjIwM2QzZTIwMzUzNjM4MzczNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFXK
UjANBgkqhkiG9w0BAQsFAAOCAQEAO2KOMosvJAAekMIxsgoWuayiTisqqfawDSEX
H1/JirosJYrKh15ZyJM0MEmWGUDFivwy1GGS/wRBrfGCa+iRxWMAmOH3k4ZcS3DP
nxSXVFNtiqdHfZxQvSwHLIyaL1hIpFwS/60asvm+XmeYC803SCSTWbtsJkhOkszO
TRfGP1WK8dxBe1fGnzM9NHwWek1ZJVQOtEvQ3vhlXvT+sYLTWj5EYmJM4QwxXj02
kNfAmojjGP4GNN4INVLikYYXkbbjhnKnPkXq0oumAiU1HCRGBMtpg6cwQej/3hE4
wzw8ZX9U6myLPS2xHWzRsHJ675I1QwMFmUM7XQ+aR00M+l+/4Q==
-----END CERTIFICATE-----
Generated at Mon May 13 09:30:59 2024 by rpki-client on console-fra.rpki-client.org