Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233332e302f32342d3234203d3e20323037313337.roa
File: 38352e3139302e3233332e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: p/RUQl2X0PABcSRf9gkNsPZEWkAxMrEK6QD4H1WIkoE=
Subject key identifier: 4A:B2:D7:3B:8A:46:8E:ED:19:EF:A7:12:E7:B1:4C:38:76:3D:BD:2B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 77325975BC4FB5B6DD6750EA598C618AFBBA0635
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233332e302f32342d3234203d3e20323037313337.roa
Signing time: Mon 27 Jan 2025 09:45:02 +0000
ROA not before: Mon 27 Jan 2025 09:40:02 +0000
ROA not after: Mon 26 Jan 2026 09:45:02 +0000
asID: 207137
IP address blocks: 85.190.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:32:59:75:bc:4f:b5:b6:dd:67:50:ea:59:8c:61:8a:fb:ba:06:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:02 2025 GMT
Not After : Jan 26 09:45:02 2026 GMT
Subject: CN=4AB2D73B8A468EED19EFA712E7B14C38763DBD2B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:13:03:15:d5:66:16:f1:1a:71:cd:5d:2e:1f:
bc:a0:51:b1:22:0b:c5:0c:8d:96:3c:e2:c0:1a:87:
fb:b7:25:d4:e5:6a:ae:88:cb:b9:c0:55:34:1c:f4:
d7:4d:55:9c:5e:d1:7b:69:d9:d0:99:93:b5:cf:79:
4d:c3:13:44:2f:eb:98:67:24:f6:7a:13:56:ac:e8:
97:03:c4:72:80:dc:56:aa:51:1c:ad:a6:3f:50:40:
bc:ce:b0:bc:b8:a4:7f:37:05:c9:f7:96:eb:d6:4e:
98:d4:c0:39:77:14:fd:97:08:56:6f:83:a2:2a:27:
66:37:ac:a8:1c:a4:68:ca:0f:08:7b:1b:17:5f:b7:
05:94:f2:cf:3b:31:10:85:3f:fa:d1:ba:ca:13:f9:
95:25:04:1e:fe:04:0f:e7:29:d1:56:11:7d:79:c4:
5a:fa:91:2d:f7:15:24:a4:22:af:b1:19:92:23:4f:
f2:19:9e:d0:c9:61:b8:00:a1:7b:55:39:60:16:85:
eb:c1:eb:ac:33:23:82:f0:a8:bd:2e:5b:b3:9e:52:
de:f3:c8:22:1e:ef:fc:9f:ac:03:18:85:d6:6e:e5:
35:50:32:78:30:76:01:6f:0b:f3:9c:9a:3e:2f:bd:
fd:02:b5:8c:da:73:3a:f3:05:1f:22:f7:44:b3:e9:
ea:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:B2:D7:3B:8A:46:8E:ED:19:EF:A7:12:E7:B1:4C:38:76:3D:BD:2B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233332e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.190.233.0/24
Signature Algorithm: sha256WithRSAEncryption
83:39:25:61:9c:ce:61:70:8d:ed:db:0c:4e:fb:e9:03:30:37:
fa:79:b3:bf:20:10:6b:1a:60:fa:33:47:35:cf:11:51:5e:ca:
83:9d:ef:53:53:64:92:1c:dd:b9:2e:e0:bd:3a:7d:01:bc:35:
a3:07:2e:64:87:e7:94:f9:71:01:a0:3d:d7:3f:b2:22:b9:f9:
b0:82:40:17:ae:46:72:b9:57:24:34:38:00:eb:30:69:2e:ca:
21:1a:bc:fc:d4:68:3f:23:a7:37:49:a0:65:d7:0d:38:94:15:
fd:d2:7f:0c:10:2f:e6:7b:f5:2f:10:2b:ea:c5:6a:fe:c4:12:
f2:68:7b:67:2e:a0:ac:a5:de:a9:ae:e4:2a:a4:64:f9:56:2c:
55:10:ee:cc:97:a2:52:52:99:ee:1d:34:13:1e:d6:de:74:9b:
0f:d0:29:4e:7d:2f:96:ae:5d:ec:58:07:8b:d2:68:50:d3:72:
3c:23:cd:b0:f5:45:38:55:b9:06:42:6a:fb:a4:0a:bc:5d:d1:
e0:02:d3:ca:29:dd:d5:a6:84:ab:fe:56:41:51:50:c2:1a:31:
4a:44:5d:84:79:2d:39:6a:e1:06:a3:e7:79:de:f7:9f:53:6b:
84:40:d4:86:72:58:a6:a3:6a:2b:49:55:86:d8:ea:5c:00:f0:
85:9e:bd:29
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUdzJZdbxPtbbdZ1DqWYxhivu6BjUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMDJaFw0yNjAxMjYwOTQ1MDJaMDMxMTAvBgNV
BAMTKDRBQjJENzNCOEE0NjhFRUQxOUVGQTcxMkU3QjE0QzM4NzYzREJEMkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnEwMV1WYW8RpxzV0uH7ygUbEi
C8UMjZY84sAah/u3JdTlaq6Iy7nAVTQc9NdNVZxe0Xtp2dCZk7XPeU3DE0Qv65hn
JPZ6E1as6JcDxHKA3FaqURytpj9QQLzOsLy4pH83Bcn3luvWTpjUwDl3FP2XCFZv
g6IqJ2Y3rKgcpGjKDwh7GxdftwWU8s87MRCFP/rRusoT+ZUlBB7+BA/nKdFWEX15
xFr6kS33FSSkIq+xGZIjT/IZntDJYbgAoXtVOWAWhevB66wzI4LwqL0uW7OeUt7z
yCIe7/yfrAMYhdZu5TVQMngwdgFvC/Ocmj4vvf0CtYzaczrzBR8i90Sz6epxAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUSrLXO4pGju0Z76cS57FMOHY9vSswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzEzOTMwMmUzMjMz
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzczMTMzMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABVvukwDQYJKoZIhvcNAQELBQADggEBAIM5JWGczmFwje3bDE776QMwN/p5s78g
EGsaYPozRzXPEVFeyoOd71NTZJIc3bku4L06fQG8NaMHLmSH55T5cQGgPdc/siK5
+bCCQBeuRnK5VyQ0OADrMGkuyiEavPzUaD8jpzdJoGXXDTiUFf3SfwwQL+Z79S8Q
K+rFav7EEvJoe2cuoKyl3qmu5CqkZPlWLFUQ7syXolJSme4dNBMe1t50mw/QKU59
L5auXexYB4vSaFDTcjwjzbD1RThVuQZCavukCrxd0eAC08op3dWmhKv+VkFRUMIa
MUpEXYR5LTlq4Qaj53ne959Ta4RA1IZyWKajaitJVYbY6lwA8IWevSk=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:30:26 2025 by rpki-client