Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233352e302f32342d3234203d3e20313336373837.roa
File: 38352e3139302e3233352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: rEz5xKI4oj+r40QwJVvyrM2Q1hqWXDw50LM8bwvmJcE=
Subject key identifier: C7:1E:A4:37:61:9B:5C:7A:3D:4A:CB:AC:33:8E:DE:87:EB:F3:45:76
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7159608575FDBD4311D0CAEDB312EEF9A270B9AD
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233352e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 27 Oct 2024 20:05:19 +0000
ROA not before: Sun 27 Oct 2024 20:00:19 +0000
ROA not after: Sun 26 Oct 2025 20:05:19 +0000
asID: 136787
IP address blocks: 85.190.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:59:60:85:75:fd:bd:43:11:d0:ca:ed:b3:12:ee:f9:a2:70:b9:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 27 20:00:19 2024 GMT
Not After : Oct 26 20:05:19 2025 GMT
Subject: CN=C71EA437619B5C7A3D4ACBAC338EDE87EBF34576
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:72:78:f0:c6:3a:45:c6:aa:c5:7a:f4:02:ca:
e0:0d:43:87:a3:de:91:84:3f:ee:52:25:9a:de:57:
33:f5:4e:32:15:9b:06:1e:40:b5:3e:8c:68:22:da:
c5:9b:d1:13:bf:64:f6:9c:38:e2:0c:6c:89:16:7b:
37:fc:48:62:c4:10:bb:fd:ec:99:1e:99:01:4e:09:
c9:78:15:9f:88:90:76:dc:43:b8:ad:4f:76:49:57:
a5:66:0b:7d:bd:df:47:83:df:52:a2:26:2b:44:df:
b5:a7:04:ca:6f:c6:ee:0c:b3:d0:eb:18:92:99:32:
1f:7f:17:69:b3:e1:30:96:15:c6:0a:84:b2:88:96:
c3:82:2a:7d:81:03:3e:c5:cd:bc:d5:c8:0b:35:b0:
33:b3:2e:55:3f:a8:80:34:9f:b6:a3:cb:9d:05:48:
f3:db:be:a2:a2:bf:ec:32:53:04:75:b0:f1:87:a0:
8c:03:44:37:d4:b6:e1:20:50:fd:ed:de:e5:a2:0f:
88:ce:6d:73:8f:39:3d:50:61:3b:41:eb:f1:03:17:
17:57:62:97:a4:92:b4:96:52:d0:03:68:95:45:0c:
f6:de:e7:24:64:0a:2d:ab:77:39:1f:9e:e9:63:40:
5f:66:e0:4e:4e:1e:04:54:a5:2e:f1:07:3c:42:36:
e0:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:1E:A4:37:61:9B:5C:7A:3D:4A:CB:AC:33:8E:DE:87:EB:F3:45:76
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.190.235.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:a2:a2:67:4f:de:80:b1:80:e4:60:b5:92:dd:05:df:af:29:
9c:76:bb:0d:01:7c:5a:6e:e8:bb:46:42:5c:1e:16:1d:70:09:
64:9b:b9:13:de:9a:f9:58:d5:4a:16:bd:4f:03:16:b0:f7:ca:
f9:5e:7f:30:9d:0d:47:0c:d7:7b:16:0b:71:39:0d:f0:f8:8f:
9b:2f:bd:ff:50:b2:79:3e:90:3f:8c:e4:4a:99:05:8a:8b:ed:
99:55:8d:2a:31:34:50:93:01:3b:a1:3d:7a:bc:38:0f:9b:d4:
48:1f:fa:7d:44:68:be:ed:e3:69:4e:1b:e6:60:07:2f:ab:13:
de:10:19:a1:eb:35:e5:92:a9:16:d6:73:16:a0:02:74:09:0a:
1c:cb:3b:07:1b:d5:e7:f6:fd:8d:94:b8:ad:ca:73:83:43:b6:
37:3a:2c:e8:60:ab:c2:75:38:c7:d0:5b:48:c3:e7:98:0b:23:
34:e2:0d:4c:f0:0c:73:fe:4f:11:ce:f5:64:00:2a:02:be:db:
5b:f3:b3:cc:e0:ec:30:07:1e:06:aa:2a:e2:95:12:01:66:d1:
2d:47:cd:62:6a:a4:2c:fc:d1:f5:7b:dc:20:46:23:dd:ff:e9:
f7:71:35:8e:73:1b:fe:91:31:8d:b0:dd:ac:3a:55:93:0e:75:
a0:2a:d0:21
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUcVlghXX9vUMR0MrtsxLu+aJwua0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEwMjcyMDAwMTlaFw0yNTEwMjYyMDA1MTlaMDMxMTAvBgNV
BAMTKEM3MUVBNDM3NjE5QjVDN0EzRDRBQ0JBQzMzOEVERTg3RUJGMzQ1NzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKcnjwxjpFxqrFevQCyuANQ4ej
3pGEP+5SJZreVzP1TjIVmwYeQLU+jGgi2sWb0RO/ZPacOOIMbIkWezf8SGLEELv9
7JkemQFOCcl4FZ+IkHbcQ7itT3ZJV6VmC32930eD31KiJitE37WnBMpvxu4Ms9Dr
GJKZMh9/F2mz4TCWFcYKhLKIlsOCKn2BAz7FzbzVyAs1sDOzLlU/qIA0n7ajy50F
SPPbvqKiv+wyUwR1sPGHoIwDRDfUtuEgUP3t3uWiD4jObXOPOT1QYTtB6/EDFxdX
YpekkrSWUtADaJVFDPbe5yRkCi2rdzkfnuljQF9m4E5OHgRUpS7xBzxCNuAHAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUxx6kN2GbXHo9SsusM47eh+vzRXYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzEzOTMwMmUzMjMz
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABVvuswDQYJKoZIhvcNAQELBQADggEBAEyiomdP3oCxgORgtZLdBd+vKZx2uw0B
fFpu6LtGQlweFh1wCWSbuRPemvlY1UoWvU8DFrD3yvlefzCdDUcM13sWC3E5DfD4
j5svvf9Qsnk+kD+M5EqZBYqL7ZlVjSoxNFCTATuhPXq8OA+b1Egf+n1EaL7t42lO
G+ZgBy+rE94QGaHrNeWSqRbWcxagAnQJChzLOwcb1ef2/Y2UuK3Kc4NDtjc6LOhg
q8J1OMfQW0jD55gLIzTiDUzwDHP+TxHO9WQAKgK+21vzs8zg7DAHHgaqKuKVEgFm
0S1HzWJqpCz80fV73CBGI93/6fdxNY5zG/6RMY2w3aw6VZMOdaAq0CE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:48 2024 by rpki-client on console-ams.rpki-client.org