Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233342e302f32342d3234203d3e20313336373837.roa
File: 38352e3139302e3233342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: aTYKxODlNH4PB7jJyk4jgWIa7hbv0Qfm6t0oHF6Gz5U=
Subject key identifier: 62:51:5E:49:E0:2E:28:61:6D:A5:00:69:47:A4:28:A0:9E:AF:A6:0C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 70B610BEC29370EB7BBB31A56638F7B746279E0E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233342e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 03 Apr 2024 19:03:26 +0000
ROA not before: Wed 03 Apr 2024 18:58:26 +0000
ROA not after: Wed 02 Apr 2025 19:03:26 +0000
asID: 136787
IP address blocks: 85.190.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:b6:10:be:c2:93:70:eb:7b:bb:31:a5:66:38:f7:b7:46:27:9e:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 3 18:58:26 2024 GMT
Not After : Apr 2 19:03:26 2025 GMT
Subject: CN=62515E49E02E28616DA5006947A428A09EAFA60C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f5:c5:14:b3:89:89:95:17:13:78:a2:58:27:
e4:50:13:9c:bb:9d:1a:6a:f0:28:26:9e:39:7b:15:
53:f8:55:45:26:e4:f0:e0:6d:87:90:26:60:12:cd:
d2:fc:a1:64:29:14:16:80:34:4e:0d:cc:8d:01:fe:
0b:8e:b1:96:66:f1:b0:cb:20:ce:fd:ed:dc:98:51:
91:9e:99:1d:2c:23:ff:c5:75:14:5e:1a:09:37:d1:
33:b7:00:b5:4f:b5:70:ae:75:80:55:66:9e:8c:2c:
6c:c0:de:d9:ab:b1:79:0f:5c:96:e9:de:72:e3:2a:
39:fe:65:b8:ea:78:71:11:3c:ab:4b:23:e1:c2:71:
3d:28:87:37:b0:11:88:dd:cd:42:7f:67:be:3a:24:
5f:03:f3:49:09:ea:74:28:60:8b:e5:06:f7:56:93:
f6:bf:df:1b:f0:f6:bf:54:93:5c:83:1e:48:4c:cc:
8d:14:7a:b3:2a:6f:f5:6d:05:6c:b4:ab:7d:04:2d:
85:bd:fd:dc:ac:00:81:09:73:ed:df:b6:65:50:70:
e1:69:fb:c5:9c:48:00:9e:14:c1:c8:51:31:1c:99:
21:77:57:a3:47:03:e8:3d:8f:e0:6b:05:36:96:6b:
62:10:6a:81:bc:c0:a6:45:d8:2f:e4:75:00:30:22:
e4:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:51:5E:49:E0:2E:28:61:6D:A5:00:69:47:A4:28:A0:9E:AF:A6:0C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.190.234.0/24
Signature Algorithm: sha256WithRSAEncryption
10:1e:a1:90:c3:34:cf:63:57:37:d3:c1:5e:c4:e0:a6:ae:4d:
1c:95:b5:d1:b8:02:20:a1:75:00:34:67:d0:7a:e2:85:da:83:
30:c4:cb:bd:c9:35:71:50:38:0e:92:78:ec:b6:97:2f:e9:39:
7f:91:cb:84:c1:a8:ca:b9:a5:a7:da:7a:c2:dd:e3:ca:d7:4d:
6f:97:1d:a0:de:af:2d:dc:2a:40:04:9f:da:04:09:fa:a5:35:
5e:29:46:3c:33:64:f3:60:12:d6:dd:71:c0:4f:5e:f8:11:58:
83:06:2c:bc:f9:51:0e:39:b3:74:78:57:c5:80:78:70:41:49:
65:1c:72:ee:ef:53:ca:00:ce:f4:20:ad:00:7b:8c:9e:d2:2a:
18:b9:c3:07:da:52:38:52:e8:47:57:1c:ee:5d:d0:a4:ff:e3:
b6:59:66:84:3f:dc:3b:60:4c:8c:6e:4e:29:cc:24:1d:ca:74:
dd:52:62:38:1d:d2:00:01:bd:c9:84:eb:65:a3:aa:b7:6a:83:
a6:31:c4:8f:3c:f7:9b:f5:e2:5b:2a:b3:86:ea:a8:93:ab:c6:
f8:3c:d8:ff:e6:0f:9c:1c:2f:e6:4c:8e:a9:e6:b0:86:87:ec:
ce:43:0e:c8:24:3c:21:50:8c:a9:c3:b6:dd:94:ed:8e:21:14:
dc:33:df:7c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUcLYQvsKTcOt7uzGlZjj3t0Ynng4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA0MDMxODU4MjZaFw0yNTA0MDIxOTAzMjZaMDMxMTAvBgNV
BAMTKDYyNTE1RTQ5RTAyRTI4NjE2REE1MDA2OTQ3QTQyOEEwOUVBRkE2MEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx9cUUs4mJlRcTeKJYJ+RQE5y7
nRpq8Cgmnjl7FVP4VUUm5PDgbYeQJmASzdL8oWQpFBaANE4NzI0B/guOsZZm8bDL
IM797dyYUZGemR0sI//FdRReGgk30TO3ALVPtXCudYBVZp6MLGzA3tmrsXkPXJbp
3nLjKjn+ZbjqeHERPKtLI+HCcT0ohzewEYjdzUJ/Z746JF8D80kJ6nQoYIvlBvdW
k/a/3xvw9r9Uk1yDHkhMzI0UerMqb/VtBWy0q30ELYW9/dysAIEJc+3ftmVQcOFp
+8WcSACeFMHIUTEcmSF3V6NHA+g9j+BrBTaWa2IQaoG8wKZF2C/kdQAwIuSZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUYlFeSeAuKGFtpQBpR6QooJ6vpgwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzEzOTMwMmUzMjMz
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABVvuowDQYJKoZIhvcNAQELBQADggEBABAeoZDDNM9jVzfTwV7E4KauTRyVtdG4
AiChdQA0Z9B64oXagzDEy73JNXFQOA6SeOy2ly/pOX+Ry4TBqMq5pafaesLd48rX
TW+XHaDery3cKkAEn9oECfqlNV4pRjwzZPNgEtbdccBPXvgRWIMGLLz5UQ45s3R4
V8WAeHBBSWUccu7vU8oAzvQgrQB7jJ7SKhi5wwfaUjhS6EdXHO5d0KT/47ZZZoQ/
3DtgTIxuTinMJB3KdN1SYjgd0gABvcmE62Wjqrdqg6YxxI8895v14lsqs4bqqJOr
xvg82P/mD5wcL+ZMjqnmsIaH7M5DDsgkPCFQjKnDtt2U7Y4hFNwz33w=
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:24 2024 by rpki-client on console-fra.rpki-client.org