Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233362e302f32342d3234203d3e20313336373837.roa
File: 38352e3139302e3233362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: ulncvs5O04JzWlLcJ+gs/V/PgQQ8QONXGyqekTU9WDc=
Subject key identifier: DB:E1:9C:00:1A:F8:65:CC:F6:1B:E2:5A:0E:99:08:17:42:58:2C:C8
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1F7E079F1D755DBB9A2CD71CE08EA948289BFDC0
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233362e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 26 Nov 2023 19:48:50 +0000
ROA not before: Sun 26 Nov 2023 19:43:50 +0000
ROA not after: Sun 24 Nov 2024 19:48:50 +0000
asID: 136787
IP address blocks: 85.190.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:7e:07:9f:1d:75:5d:bb:9a:2c:d7:1c:e0:8e:a9:48:28:9b:fd:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 26 19:43:50 2023 GMT
Not After : Nov 24 19:48:50 2024 GMT
Subject: CN=DBE19C001AF865CCF61BE25A0E99081742582CC8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:cc:c5:74:db:bc:50:b3:78:7a:f2:59:46:0e:
99:bf:e5:0b:5d:70:8a:3e:a8:f8:e3:e0:92:27:21:
1a:e0:6d:e7:6b:8e:c9:5f:ca:2b:31:17:88:7f:80:
37:47:9a:2b:f6:fb:9e:d6:9f:1d:3b:3f:b9:47:b9:
23:d8:cd:65:fa:e4:9e:cf:01:b5:86:60:8f:c6:ef:
9c:84:e4:e5:06:a1:01:3c:d7:ca:3d:b5:d9:24:ab:
79:f7:36:e0:1f:c3:e4:0f:99:46:1e:0a:3e:24:76:
f2:44:22:70:87:b4:03:5d:e9:cd:46:a7:63:78:93:
83:d4:dc:50:10:25:df:9b:3a:44:63:fd:53:1a:5a:
71:49:5a:27:07:06:54:d6:2b:10:bd:33:df:fa:92:
c5:05:87:bf:58:93:e8:fb:31:8a:43:f6:d0:69:f6:
1f:56:bf:9d:da:12:64:49:7e:d1:d9:12:8b:67:86:
f0:48:52:e2:f0:97:27:54:ca:5d:6d:c7:f2:50:9b:
6e:42:cf:04:75:9a:3a:c5:e1:2a:94:1f:c9:59:56:
77:7b:e4:de:f8:3a:c4:04:1d:0e:38:9c:6a:64:f1:
f2:5b:c2:2a:fa:29:c8:95:8a:6f:08:8b:c8:76:5f:
f5:25:c1:dc:50:d4:85:ae:82:83:d6:8b:f1:0e:1e:
44:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:E1:9C:00:1A:F8:65:CC:F6:1B:E2:5A:0E:99:08:17:42:58:2C:C8
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.190.236.0/24
Signature Algorithm: sha256WithRSAEncryption
18:4c:d5:44:09:a4:75:a7:08:a0:48:4f:a1:96:00:17:e0:cc:
2d:e0:14:2f:4a:d5:ef:bf:48:12:49:8d:52:88:59:b5:a7:35:
2a:28:73:f8:03:04:28:27:3d:13:b4:26:82:93:fb:a1:eb:f6:
97:75:31:00:bd:72:a2:51:16:9c:e0:c6:42:45:07:3a:70:2b:
c5:67:0f:8c:89:41:1f:06:96:f3:5f:e4:92:b6:fd:43:96:fa:
f1:94:fc:19:53:40:a3:63:15:98:09:67:35:07:9b:60:0b:5c:
13:f9:1a:95:0b:d7:ad:4e:ee:5b:a6:d4:19:07:c5:07:f9:1b:
20:2a:f0:a6:9c:61:eb:ba:a6:3d:73:84:6c:37:0a:91:41:cc:
45:d5:17:a1:e2:5a:1e:71:50:b7:1c:c6:d2:1a:80:65:b4:13:
33:fb:5a:ce:c8:70:b5:d1:3b:81:59:f8:b6:04:25:fe:e6:26:
a3:2d:05:49:68:65:29:30:35:60:cb:9e:3b:12:05:fc:f8:ec:
4c:da:2f:17:84:f2:cd:7e:da:2e:22:90:fe:f5:ee:80:e6:e5:
50:f3:f9:b3:79:0f:63:b1:33:c6:8e:64:4f:10:60:bb:fd:88:
c5:b7:e2:7c:eb:18:e7:55:30:ad:f0:db:3f:28:0a:a0:84:ce:
6a:f5:69:8f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUH34Hnx11XbuaLNcc4I6pSCib/cAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzExMjYxOTQzNTBaFw0yNDExMjQxOTQ4NTBaMDMxMTAvBgNV
BAMTKERCRTE5QzAwMUFGODY1Q0NGNjFCRTI1QTBFOTkwODE3NDI1ODJDQzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCozMV027xQs3h68llGDpm/5Qtd
cIo+qPjj4JInIRrgbedrjslfyisxF4h/gDdHmiv2+57Wnx07P7lHuSPYzWX65J7P
AbWGYI/G75yE5OUGoQE818o9tdkkq3n3NuAfw+QPmUYeCj4kdvJEInCHtANd6c1G
p2N4k4PU3FAQJd+bOkRj/VMaWnFJWicHBlTWKxC9M9/6ksUFh79Yk+j7MYpD9tBp
9h9Wv53aEmRJftHZEotnhvBIUuLwlydUyl1tx/JQm25CzwR1mjrF4SqUH8lZVnd7
5N74OsQEHQ44nGpk8fJbwir6KciVim8Ii8h2X/UlwdxQ1IWugoPWi/EOHkQlAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU2+GcABr4Zcz2G+JaDpkIF0JYLMgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzEzOTMwMmUzMjMz
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABVvuwwDQYJKoZIhvcNAQELBQADggEBABhM1UQJpHWnCKBIT6GWABfgzC3gFC9K
1e+/SBJJjVKIWbWnNSooc/gDBCgnPRO0JoKT+6Hr9pd1MQC9cqJRFpzgxkJFBzpw
K8VnD4yJQR8GlvNf5JK2/UOW+vGU/BlTQKNjFZgJZzUHm2ALXBP5GpUL161O7lum
1BkHxQf5GyAq8KacYeu6pj1zhGw3CpFBzEXVF6HiWh5xULccxtIagGW0EzP7Ws7I
cLXRO4FZ+LYEJf7mJqMtBUloZSkwNWDLnjsSBfz47EzaLxeE8s1+2i4ikP717oDm
5VDz+bN5D2OxM8aOZE8QYLv9iMW34nzrGOdVMK3w2z8oCqCEzmr1aY8=
-----END CERTIFICATE-----
Generated at Tue May 7 21:04:28 2024 by rpki-client on console-fra.rpki-client.org