Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3232392e302f32342d3332203d3e20313336373837.roa
File: 38352e3139302e3232392e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: snULvHLUDsV2rasAl0HXuU6znT1miKCk/7ws+tJWwzk=
Subject key identifier: AD:E0:DA:89:C9:78:CC:0F:BB:81:E1:3F:C2:A8:50:6D:76:86:03:57
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 626061AA5F87CE1D01E9458153ABA78B1D633A67
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3232392e302f32342d3332203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:53:33 +0000
ROA not before: Mon 26 Feb 2024 08:48:33 +0000
ROA not after: Mon 24 Feb 2025 08:53:33 +0000
asID: 136787
IP address blocks: 85.190.229.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:60:61:aa:5f:87:ce:1d:01:e9:45:81:53:ab:a7:8b:1d:63:3a:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:33 2024 GMT
Not After : Feb 24 08:53:33 2025 GMT
Subject: CN=ADE0DA89C978CC0FBB81E13FC2A8506D76860357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:bc:d0:fb:a0:aa:9c:36:ee:ea:39:5a:d9:56:
44:2f:6f:77:89:e6:9c:40:98:5e:6a:37:f0:bb:83:
f4:85:05:b8:0e:53:72:8b:9f:aa:1a:2d:f6:6d:76:
84:c3:38:25:d0:9a:08:b4:01:23:0c:86:32:58:95:
d2:26:79:51:e4:f3:aa:5f:c5:22:31:bf:9f:68:4d:
71:05:f6:12:72:91:5c:6b:40:8e:2c:cb:c6:05:76:
ca:5e:ab:fd:3e:a1:a0:e2:ea:d0:21:9e:a5:45:56:
12:83:94:2b:8c:14:1b:b5:9b:cc:32:3f:5e:0c:f6:
f3:b7:5f:b3:2d:c2:9d:35:55:5d:a5:eb:f8:31:39:
42:7a:60:26:25:08:3e:cb:f6:48:6f:84:a5:23:ac:
64:42:47:bd:05:95:3c:1b:b0:11:d7:14:2f:04:f9:
8b:ba:b4:c5:1a:ee:b8:3e:7d:1c:ed:eb:dc:43:94:
fe:9a:82:48:3a:2b:86:61:44:a2:36:22:1d:10:bf:
9f:0e:4f:55:89:f3:8c:0f:dd:3b:39:8d:df:96:6c:
ea:e0:15:c2:b7:d6:7f:d2:50:08:c7:c8:56:67:49:
57:f3:50:73:a9:23:de:9f:1f:d1:38:e2:86:2a:43:
60:23:2f:26:04:3c:a5:4f:1f:36:bb:84:40:65:03:
23:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:E0:DA:89:C9:78:CC:0F:BB:81:E1:3F:C2:A8:50:6D:76:86:03:57
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3232392e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.190.229.0/24
Signature Algorithm: sha256WithRSAEncryption
86:b4:69:ea:46:86:06:4e:59:a2:ea:a3:80:e8:4a:3f:39:b0:
34:de:ad:57:87:fd:8e:1e:de:1e:da:c0:37:e1:7d:78:8b:79:
03:fb:e7:98:20:5d:28:80:67:4c:e9:fb:da:da:16:12:68:26:
d1:89:46:a5:ef:38:02:ed:38:7c:51:ae:97:f3:1e:bf:0b:46:
30:fe:8a:01:e3:d5:37:6c:9f:d4:f2:95:89:f5:97:ab:f2:32:
b4:37:16:2c:28:07:28:e1:30:e1:51:4b:66:7f:9f:19:85:10:
9c:00:68:cb:3d:ed:29:02:ff:49:1a:dc:02:10:1a:2f:b3:7d:
24:bd:b3:57:d2:53:97:11:33:f5:62:fe:1a:03:09:44:66:da:
5a:04:23:54:e0:35:1e:d4:5a:cb:ae:a7:95:08:4d:27:a9:09:
92:19:41:c0:aa:22:41:20:da:d2:5d:f6:d9:53:39:f4:6a:21:
30:e9:45:fe:26:29:0a:84:e0:6b:67:85:02:91:44:21:80:fa:
52:26:2f:7a:98:20:45:1f:5d:3b:25:d8:99:dc:d9:36:f7:88:
88:9f:47:a2:67:10:34:1f:d3:6e:d0:98:a1:c6:53:4c:a5:bd:
6f:a9:32:9a:e8:80:1a:61:e6:a9:35:61:cd:a7:9b:d0:97:c5:
cd:6f:6c:f3
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUYmBhql+Hzh0B6UWBU6unix1jOmcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MzNaFw0yNTAyMjQwODUzMzNaMDMxMTAvBgNV
BAMTKEFERTBEQTg5Qzk3OENDMEZCQjgxRTEzRkMyQTg1MDZENzY4NjAzNTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrvND7oKqcNu7qOVrZVkQvb3eJ
5pxAmF5qN/C7g/SFBbgOU3KLn6oaLfZtdoTDOCXQmgi0ASMMhjJYldImeVHk86pf
xSIxv59oTXEF9hJykVxrQI4sy8YFdspeq/0+oaDi6tAhnqVFVhKDlCuMFBu1m8wy
P14M9vO3X7Mtwp01VV2l6/gxOUJ6YCYlCD7L9khvhKUjrGRCR70FlTwbsBHXFC8E
+Yu6tMUa7rg+fRzt69xDlP6agkg6K4ZhRKI2Ih0Qv58OT1WJ84wP3Ts5jd+WbOrg
FcK31n/SUAjHyFZnSVfzUHOpI96fH9E44oYqQ2AjLyYEPKVPHza7hEBlAyPtAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUreDaicl4zA+7geE/wqhQbXaGA1cwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzEzOTMwMmUzMjMy
MzkyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABVvuUwDQYJKoZIhvcNAQELBQADggEBAIa0aepGhgZOWaLqo4DoSj85sDTerVeH
/Y4e3h7awDfhfXiLeQP755ggXSiAZ0zp+9raFhJoJtGJRqXvOALtOHxRrpfzHr8L
RjD+igHj1Tdsn9TylYn1l6vyMrQ3FiwoByjhMOFRS2Z/nxmFEJwAaMs97SkC/0ka
3AIQGi+zfSS9s1fSU5cRM/Vi/hoDCURm2loEI1TgNR7UWsuup5UITSepCZIZQcCq
IkEg2tJd9tlTOfRqITDpRf4mKQqE4GtnhQKRRCGA+lImL3qYIEUfXTsl2Jnc2Tb3
iIifR6JnEDQf027QmKHGU0ylvW+pMprogBph5qk1Yc2nm9CXxc1vbPM=
-----END CERTIFICATE-----
Generated at Wed May 8 19:21:54 2024 by rpki-client on console-ams.rpki-client.org