Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3232392e302f32342d3332203d3e20313336373837.roa
File: 38352e3139302e3232392e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: MeQELkiCXEl4IpVXOn106LOp4iLdSAfKDuNt4CsmWQA=
Subject key identifier: 0D:B7:B3:5B:3E:DC:29:CA:E8:86:7B:AD:7C:6A:A5:6D:FF:E7:E7:D8
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 410698B0684D2FCAB5F2CAD8629BA9C6965413C5
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3232392e302f32342d3332203d3e20313336373837.roa
Signing time: Mon 27 Jan 2025 09:45:02 +0000
ROA not before: Mon 27 Jan 2025 09:40:02 +0000
ROA not after: Mon 26 Jan 2026 09:45:02 +0000
asID: 136787
IP address blocks: 85.190.229.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:06:98:b0:68:4d:2f:ca:b5:f2:ca:d8:62:9b:a9:c6:96:54:13:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:02 2025 GMT
Not After : Jan 26 09:45:02 2026 GMT
Subject: CN=0DB7B35B3EDC29CAE8867BAD7C6AA56DFFE7E7D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:da:ea:8b:66:26:2f:f2:3e:6c:71:0d:58:c7:
38:75:71:b2:35:fb:55:61:ef:51:93:0e:85:2b:83:
c4:d9:3a:75:a1:4c:3e:b9:0f:6c:de:e6:ef:3d:b4:
14:8a:7b:b6:1f:7b:0a:14:7f:ea:6d:25:98:fb:ec:
0c:e4:7c:8c:cd:54:63:6b:63:07:85:e1:78:93:7a:
9a:7f:7b:01:f7:b3:4a:69:36:86:4c:65:4c:fa:af:
e2:d9:9c:29:f5:e2:62:8c:cf:4a:52:a6:a1:0f:93:
bf:d1:ab:f0:50:16:25:d7:ed:13:a8:3d:2f:0e:a4:
a8:d6:3b:2f:c3:a8:0e:57:84:85:85:55:4b:13:b8:
85:94:17:43:11:cc:f1:ac:3c:b3:d5:95:48:11:0e:
ca:3f:d5:df:73:22:81:8e:9a:45:1c:c2:52:9f:e9:
16:7b:47:df:ce:d4:00:39:c3:6a:92:5b:f7:90:a1:
d3:c7:1a:f5:1a:86:02:2f:95:0a:14:67:e8:a5:a8:
33:85:5a:fe:54:ae:e9:70:0a:b1:ea:74:ec:b2:f0:
96:9f:56:f4:52:77:4d:d1:ff:24:1d:42:e5:72:6e:
fc:78:7c:8e:df:dc:78:71:bb:2f:9f:72:5e:6f:01:
fc:24:90:0e:43:80:73:bb:67:ec:3c:2a:78:d3:19:
e9:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:B7:B3:5B:3E:DC:29:CA:E8:86:7B:AD:7C:6A:A5:6D:FF:E7:E7:D8
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3232392e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.190.229.0/24
Signature Algorithm: sha256WithRSAEncryption
72:13:f1:3c:a2:70:d0:aa:49:58:3c:22:e4:b7:79:c0:41:88:
a1:96:b5:30:14:98:56:b3:00:70:a4:3e:3a:5b:a1:54:fd:50:
e0:26:6b:d5:30:de:b8:08:cc:20:52:6e:1a:7c:b4:3d:87:29:
1c:44:67:08:4b:f1:18:76:2c:99:aa:08:49:48:35:a6:43:8b:
11:d0:60:08:7f:93:f9:21:c1:0b:11:36:20:31:65:d2:9d:5f:
9d:16:77:40:96:eb:c2:1c:9c:f6:fb:db:10:c6:22:82:8a:1d:
e7:22:73:82:de:73:22:dd:65:f6:ec:64:35:24:ad:31:57:67:
68:1c:ce:fd:c7:23:49:04:f6:1c:f7:3b:1f:c0:33:d7:1e:bd:
54:4a:41:1d:0b:e4:d0:fa:d5:01:e8:7d:d3:4d:dc:c1:9d:79:
5e:44:82:6f:52:c2:9c:8f:b7:75:bc:17:9d:a3:70:c4:88:52:
e3:8c:6d:16:bc:28:4b:43:e6:ef:68:49:f1:23:28:d5:d8:c7:
2e:4d:82:c2:41:9b:b1:e1:2d:af:ff:ff:f4:67:fb:8a:97:06:
80:79:26:e2:09:a4:8c:a5:4b:f2:6d:9d:79:6f:ed:ce:c4:c2:
36:dc:3a:fc:a4:28:9a:84:9a:3b:9d:6d:73:eb:99:81:7e:7b:
a7:35:be:18
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQQaYsGhNL8q18srYYpupxpZUE8UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMDJaFw0yNjAxMjYwOTQ1MDJaMDMxMTAvBgNV
BAMTKDBEQjdCMzVCM0VEQzI5Q0FFODg2N0JBRDdDNkFBNTZERkZFN0U3RDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF2uqLZiYv8j5scQ1Yxzh1cbI1
+1Vh71GTDoUrg8TZOnWhTD65D2ze5u89tBSKe7YfewoUf+ptJZj77AzkfIzNVGNr
YweF4XiTepp/ewH3s0ppNoZMZUz6r+LZnCn14mKMz0pSpqEPk7/Rq/BQFiXX7ROo
PS8OpKjWOy/DqA5XhIWFVUsTuIWUF0MRzPGsPLPVlUgRDso/1d9zIoGOmkUcwlKf
6RZ7R9/O1AA5w2qSW/eQodPHGvUahgIvlQoUZ+ilqDOFWv5UrulwCrHqdOyy8Jaf
VvRSd03R/yQdQuVybvx4fI7f3Hhxuy+fcl5vAfwkkA5DgHO7Z+w8KnjTGeknAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUDbezWz7cKcrohnutfGqlbf/n59gwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzEzOTMwMmUzMjMy
MzkyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABVvuUwDQYJKoZIhvcNAQELBQADggEBAHIT8TyicNCqSVg8IuS3ecBBiKGWtTAU
mFazAHCkPjpboVT9UOAma9Uw3rgIzCBSbhp8tD2HKRxEZwhL8Rh2LJmqCElINaZD
ixHQYAh/k/khwQsRNiAxZdKdX50Wd0CW68IcnPb72xDGIoKKHecic4LecyLdZfbs
ZDUkrTFXZ2gczv3HI0kE9hz3Ox/AM9cevVRKQR0L5ND61QHofdNN3MGdeV5Egm9S
wpyPt3W8F52jcMSIUuOMbRa8KEtD5u9oSfEjKNXYxy5NgsJBm7HhLa////Rn+4qX
BoB5JuIJpIylS/JtnXlv7c7EwjbcOvykKJqEmjudbXPrmYF+e6c1vhg=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:28:30 2025 by rpki-client