Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233322e302f32342d3234203d3e20323037313337.roa
File: 38352e3139302e3233322e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: QUwxE3c7yU07X8nI1g+QX+zanEDmCazCs23NlRTisSs=
Subject key identifier: 60:BB:87:00:8F:2D:E6:24:77:EB:A9:50:2D:DA:B4:02:5F:72:4C:71
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 31775BC8861479DFAAB4B48B9D99FD5472448640
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233322e302f32342d3234203d3e20323037313337.roa
Signing time: Mon 27 Jan 2025 09:45:00 +0000
ROA not before: Mon 27 Jan 2025 09:40:00 +0000
ROA not after: Mon 26 Jan 2026 09:45:00 +0000
asID: 207137
IP address blocks: 85.190.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:77:5b:c8:86:14:79:df:aa:b4:b4:8b:9d:99:fd:54:72:44:86:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:00 2025 GMT
Not After : Jan 26 09:45:00 2026 GMT
Subject: CN=60BB87008F2DE62477EBA9502DDAB4025F724C71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:b5:a1:2d:9f:b0:34:d5:76:8f:43:c3:a8:1c:
5e:50:63:e0:ce:1e:31:c0:d1:6a:e3:c8:ca:dd:25:
1f:e1:84:52:0d:b7:c6:76:fe:72:6f:51:18:65:0e:
a5:85:fd:4b:e7:81:77:e9:f1:56:50:1d:ef:04:00:
67:56:ce:e2:69:64:c5:14:08:b7:8d:2b:72:3e:c9:
fa:70:fb:79:8c:8d:fd:26:cb:ba:3c:d9:d7:c5:06:
e2:b5:e9:69:db:ff:9b:99:cf:ed:b1:b5:76:25:99:
00:be:9e:9b:5a:54:12:29:a5:aa:07:8e:48:12:79:
fe:ea:1a:48:bb:10:12:a3:ce:29:6a:b5:18:3d:39:
91:a4:25:b0:a8:7f:8c:bb:d8:3c:7d:f9:c8:0c:31:
d4:f5:8f:03:e7:d6:3d:92:5c:e8:5e:1a:7c:bb:46:
49:03:7f:ca:18:6a:1d:66:36:cb:a7:51:de:08:a8:
2d:21:83:b7:da:78:78:aa:90:a9:59:42:5c:21:fd:
2b:d7:d6:0b:f9:e1:54:c3:57:db:af:ff:d6:8b:0f:
f2:c6:7c:c1:2f:dd:fc:b8:12:97:b3:4f:3c:60:d4:
68:94:57:ea:e6:94:66:13:5c:91:1e:d8:a2:44:1f:
c3:71:e4:42:28:6e:07:c3:3e:0f:43:92:98:a0:e9:
e6:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:BB:87:00:8F:2D:E6:24:77:EB:A9:50:2D:DA:B4:02:5F:72:4C:71
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233322e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.190.232.0/24
Signature Algorithm: sha256WithRSAEncryption
12:0b:77:5f:98:37:d1:ad:25:35:59:e9:ba:ab:bd:ea:13:1c:
6a:ed:0e:c0:74:f3:d5:28:06:93:de:f6:6c:ce:c9:3b:68:08:
92:07:4f:43:32:b3:b6:ad:2a:ad:06:18:f2:8a:f2:ce:f6:cb:
c6:e8:08:1e:89:db:82:cc:68:3d:1f:64:6f:f6:c1:5c:1a:45:
6d:e9:49:b5:9e:30:69:92:7a:d1:15:24:07:27:a8:22:06:be:
53:e4:e7:73:aa:27:03:09:a9:51:42:43:1b:00:9d:f1:c2:ad:
a5:7e:35:8e:3a:f5:bf:ab:84:8c:e1:3e:d5:2d:8a:db:98:d6:
c4:2a:34:13:32:a0:31:1a:9b:23:e2:52:06:8e:77:7e:c5:b9:
60:8f:0b:ff:87:1d:18:e6:7a:f3:3e:45:e5:c7:c7:30:f3:bc:
3c:d2:d2:50:cb:d8:e3:11:93:6a:68:26:5e:e7:f8:93:16:9e:
5c:fa:99:cb:61:1c:cb:86:ac:d6:3c:be:e6:53:da:18:2b:06:
11:1e:31:e8:d6:13:6e:ea:95:d5:3c:82:68:31:37:eb:62:42:
d2:91:68:4b:ee:6f:4c:69:62:5e:a4:80:93:e3:a3:6e:ad:97:
8b:e2:a3:e2:8f:f2:b8:05:8d:a6:38:28:49:65:03:24:a0:e6:
33:97:3a:0b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMXdbyIYUed+qtLSLnZn9VHJEhkAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMDBaFw0yNjAxMjYwOTQ1MDBaMDMxMTAvBgNV
BAMTKDYwQkI4NzAwOEYyREU2MjQ3N0VCQTk1MDJEREFCNDAyNUY3MjRDNzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgtaEtn7A01XaPQ8OoHF5QY+DO
HjHA0WrjyMrdJR/hhFINt8Z2/nJvURhlDqWF/UvngXfp8VZQHe8EAGdWzuJpZMUU
CLeNK3I+yfpw+3mMjf0my7o82dfFBuK16Wnb/5uZz+2xtXYlmQC+nptaVBIppaoH
jkgSef7qGki7EBKjzilqtRg9OZGkJbCof4y72Dx9+cgMMdT1jwPn1j2SXOheGny7
RkkDf8oYah1mNsunUd4IqC0hg7faeHiqkKlZQlwh/SvX1gv54VTDV9uv/9aLD/LG
fMEv3fy4EpezTzxg1GiUV+rmlGYTXJEe2KJEH8Nx5EIobgfDPg9Dkpig6ebvAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUYLuHAI8t5iR366lQLdq0Al9yTHEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzEzOTMwMmUzMjMz
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzczMTMzMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABVvugwDQYJKoZIhvcNAQELBQADggEBABILd1+YN9GtJTVZ6bqrveoTHGrtDsB0
89UoBpPe9mzOyTtoCJIHT0Mys7atKq0GGPKK8s72y8boCB6J24LMaD0fZG/2wVwa
RW3pSbWeMGmSetEVJAcnqCIGvlPk53OqJwMJqVFCQxsAnfHCraV+NY469b+rhIzh
PtUtituY1sQqNBMyoDEamyPiUgaOd37FuWCPC/+HHRjmevM+ReXHxzDzvDzS0lDL
2OMRk2poJl7n+JMWnlz6mcthHMuGrNY8vuZT2hgrBhEeMejWE27qldU8gmgxN+ti
QtKRaEvub0xpYl6kgJPjo26tl4vio+KP8rgFjaY4KEllAySg5jOXOgs=
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:07:53 2025 by rpki-client