Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233352e302f32342d3234203d3e20313336373837.roa
File: 38352e3139302e3233352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 6aBktomFMeY4W/0ja9pJJX7U/Xoew7IrfN4mdd+3t9M=
Subject key identifier: 8F:E0:BE:32:F1:27:D9:4D:3B:40:F0:F7:42:04:08:CC:0D:C8:98:19
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 21A99478589025E425805D1ED621B72455659DD7
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233352e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 26 Nov 2023 19:48:45 +0000
ROA not before: Sun 26 Nov 2023 19:43:45 +0000
ROA not after: Sun 24 Nov 2024 19:48:45 +0000
asID: 136787
IP address blocks: 85.190.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:54:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:a9:94:78:58:90:25:e4:25:80:5d:1e:d6:21:b7:24:55:65:9d:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 26 19:43:45 2023 GMT
Not After : Nov 24 19:48:45 2024 GMT
Subject: CN=8FE0BE32F127D94D3B40F0F7420408CC0DC89819
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:51:cd:5b:02:52:66:da:49:45:16:5b:80:be:
9f:e7:6f:01:4a:8c:ce:2e:8e:b0:d8:32:d8:f3:0f:
1e:a2:c5:64:dc:75:e3:fc:ec:f2:e7:39:08:0e:87:
09:b0:24:d7:31:32:fb:7f:35:cd:91:63:bb:db:67:
9e:75:90:71:2e:e2:5f:54:bf:6d:6d:a5:ed:c5:a3:
74:d9:41:f8:53:a5:48:ba:f6:31:53:2f:ce:a8:b8:
cc:c8:70:a0:d2:e9:a1:ec:cf:f6:7d:16:45:68:2a:
e6:f1:fe:c9:89:5d:d0:6f:0f:c3:b6:9a:9c:4d:57:
05:bb:17:af:f2:0d:77:f5:5a:87:14:aa:46:f0:c6:
b5:b4:9f:86:5d:9d:1e:c0:2b:79:d7:19:d3:5e:5a:
61:fd:92:e5:b8:ee:bc:ff:78:15:b4:4e:84:ec:4a:
8f:d5:e0:0d:40:52:d8:8f:a5:85:04:07:d4:ad:58:
7e:a7:ea:14:bf:7d:7b:92:26:4f:56:b6:de:e3:b4:
17:6e:8a:0f:40:d0:f0:98:48:06:f2:6b:89:42:7f:
c8:4a:27:ea:25:44:0f:ee:79:e9:62:5b:68:d7:f8:
7e:25:d1:cd:0d:5e:23:7b:fd:be:c2:41:e6:3a:e5:
34:b0:fc:b5:0d:c5:8a:1b:b0:f6:40:38:6c:0a:e9:
07:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:E0:BE:32:F1:27:D9:4D:3B:40:F0:F7:42:04:08:CC:0D:C8:98:19
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.190.235.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:e7:d5:3d:88:90:35:d0:88:77:a7:9f:fd:84:be:da:65:cb:
57:17:2b:a0:04:43:8d:b2:6f:32:cf:e6:c1:9e:df:24:20:e3:
25:ef:8a:03:c3:e4:47:e4:1d:8d:92:27:a6:3e:96:c2:bf:c2:
f2:20:13:db:a9:c8:0f:cb:79:6c:1c:5f:04:2c:fa:b0:1d:43:
57:d2:84:1d:d8:be:d0:f9:00:34:a4:ca:46:5d:43:ef:8e:35:
2d:80:c9:0b:db:96:81:aa:92:cd:1d:ab:b1:db:22:9c:3a:6e:
de:ad:87:dd:ae:69:7b:55:70:a7:b6:16:89:2d:cb:38:d8:12:
99:18:e7:9b:50:f1:14:c7:06:d8:70:e1:86:f7:47:ce:d0:0f:
b8:b5:6c:3a:33:e5:b2:d2:9e:35:13:bb:cf:c3:8d:f1:d3:74:
cd:aa:8b:fa:71:6b:46:b0:ce:bb:2b:b7:be:98:64:60:17:f5:
03:43:0a:32:24:79:6d:32:64:41:c4:b0:72:8e:0e:81:84:e5:
1e:df:d4:a2:b6:ef:f0:d7:4d:f8:2d:5a:01:d5:a4:81:b1:d0:
76:04:2c:d0:d8:4e:78:39:4c:f8:81:3f:6c:29:60:93:cc:57:
e8:5c:9c:ce:67:54:80:21:06:18:02:1f:98:1d:d1:b4:8a:ef:
b5:38:e7:eb
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUIamUeFiQJeQlgF0e1iG3JFVlndcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzExMjYxOTQzNDVaFw0yNDExMjQxOTQ4NDVaMDMxMTAvBgNV
BAMTKDhGRTBCRTMyRjEyN0Q5NEQzQjQwRjBGNzQyMDQwOENDMERDODk4MTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDUc1bAlJm2klFFluAvp/nbwFK
jM4ujrDYMtjzDx6ixWTcdeP87PLnOQgOhwmwJNcxMvt/Nc2RY7vbZ551kHEu4l9U
v21tpe3Fo3TZQfhTpUi69jFTL86ouMzIcKDS6aHsz/Z9FkVoKubx/smJXdBvD8O2
mpxNVwW7F6/yDXf1WocUqkbwxrW0n4ZdnR7AK3nXGdNeWmH9kuW47rz/eBW0ToTs
So/V4A1AUtiPpYUEB9StWH6n6hS/fXuSJk9Wtt7jtBduig9A0PCYSAbya4lCf8hK
J+olRA/ueeliW2jX+H4l0c0NXiN7/b7CQeY65TSw/LUNxYobsPZAOGwK6QerAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUj+C+MvEn2U07QPD3QgQIzA3ImBkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzEzOTMwMmUzMjMz
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABVvuswDQYJKoZIhvcNAQELBQADggEBAI3n1T2IkDXQiHenn/2Evtply1cXK6AE
Q42ybzLP5sGe3yQg4yXvigPD5EfkHY2SJ6Y+lsK/wvIgE9upyA/LeWwcXwQs+rAd
Q1fShB3YvtD5ADSkykZdQ++ONS2AyQvbloGqks0dq7HbIpw6bt6th92uaXtVcKe2
FoktyzjYEpkY55tQ8RTHBthw4Yb3R87QD7i1bDoz5bLSnjUTu8/DjfHTdM2qi/px
a0awzrsrt76YZGAX9QNDCjIkeW0yZEHEsHKODoGE5R7f1KK27/DXTfgtWgHVpIGx
0HYELNDYTng5TPiBP2wpYJPMV+hcnM5nVIAhBhgCH5gd0bSK77U45+s=
-----END CERTIFICATE-----
Generated at Wed May 8 20:21:26 2024 by rpki-client on console-fra.rpki-client.org