Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233372e302f32342d3234203d3e20313336373837.roa
File: 38352e3139302e3233372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: eLA0yPN4NiuSXnB6unhpPz1M+I05ZTJCtloLB97gvBk=
Subject key identifier: B5:4E:0E:F4:AC:D4:7A:E8:74:E3:B9:A6:4D:8A:11:3F:B9:F0:EC:8B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0361ADF9D600C2A08DA3AE367F9D64BCF756363B
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233372e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 27 Oct 2024 20:05:21 +0000
ROA not before: Sun 27 Oct 2024 20:00:21 +0000
ROA not after: Sun 26 Oct 2025 20:05:21 +0000
asID: 136787
IP address blocks: 85.190.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:61:ad:f9:d6:00:c2:a0:8d:a3:ae:36:7f:9d:64:bc:f7:56:36:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 27 20:00:21 2024 GMT
Not After : Oct 26 20:05:21 2025 GMT
Subject: CN=B54E0EF4ACD47AE874E3B9A64D8A113FB9F0EC8B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ce:00:16:fe:f3:40:d4:4e:33:49:8a:3c:ab:
ba:68:c2:52:07:42:87:1a:39:1a:01:d4:ca:d2:c4:
85:8b:1c:cd:5a:20:59:fa:da:5a:a4:9f:1a:7f:90:
b2:d1:75:bf:d0:9c:e5:ac:f5:64:0c:f0:15:cb:5e:
9d:26:8a:42:0c:a7:43:3d:e7:d7:61:12:6c:01:6e:
c7:9f:d8:fd:4b:f9:3e:97:0e:fc:98:ff:06:21:3c:
47:1d:f4:51:3a:2f:52:23:42:90:74:69:ea:26:93:
7a:1c:55:cb:a9:31:f7:25:32:6a:c2:5d:9e:c0:cf:
b5:5b:70:d2:47:55:e5:76:b3:76:91:c4:5c:5b:6b:
79:d3:ed:5c:58:15:bc:fb:11:a5:7b:90:2e:8c:95:
5b:25:41:02:b8:85:cb:6e:f4:3c:55:51:9d:6e:3f:
34:7b:8a:b3:82:0a:18:9f:e8:68:76:65:16:d1:4e:
3c:b6:7e:25:4b:e3:12:37:46:ce:18:0e:69:04:7f:
e3:53:59:b6:a1:0b:56:ac:dd:6b:bd:fd:47:b1:a2:
87:88:81:e7:45:e2:df:ed:48:41:bd:dd:bd:00:c7:
27:bf:23:9d:30:70:c1:45:41:50:94:11:b4:81:e8:
34:8c:2b:85:53:8e:90:70:e1:53:db:be:2e:a4:0e:
8e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:4E:0E:F4:AC:D4:7A:E8:74:E3:B9:A6:4D:8A:11:3F:B9:F0:EC:8B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.190.237.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:32:f0:41:01:01:ce:fa:b6:de:d3:1d:82:b0:5c:1f:79:82:
ab:fd:b0:af:4a:62:52:60:f5:fc:63:46:43:44:82:2a:91:e7:
36:8e:b8:da:36:6d:4f:87:13:b3:f5:ff:ae:8f:15:a8:9e:e4:
14:4e:87:e7:4c:30:5e:24:32:3a:de:8f:5b:43:7b:95:e7:34:
df:0f:4b:8a:ff:c5:e2:0c:c7:d0:10:14:de:da:88:26:c2:6e:
c5:03:13:a7:d9:56:e2:ff:23:83:10:23:1d:31:e5:32:c4:cb:
56:f1:e9:b5:49:80:08:37:22:34:07:c1:55:88:91:df:5f:d4:
4b:34:92:b5:46:b9:ff:42:aa:cf:5a:4e:90:93:c5:bb:03:35:
77:ed:a0:4a:2c:4e:f8:17:25:49:32:6c:56:1d:a2:12:64:a1:
cb:a8:5e:e4:22:69:76:85:38:24:7d:26:0e:71:5c:85:a1:a1:
b6:00:e9:88:34:83:79:36:df:89:1c:3e:02:34:80:d8:fe:2c:
b9:a9:6e:3e:e8:b8:06:70:02:e2:df:5d:ad:c8:b4:a7:5e:15:
00:dc:b5:73:d9:c4:fc:5c:16:f1:33:33:c9:ca:24:1b:93:4d:
d1:7c:ac:1a:40:58:ea:dd:87:53:f0:57:6b:35:a5:c1:c8:ca:
1e:fd:64:e4
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUA2Gt+dYAwqCNo642f51kvPdWNjswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEwMjcyMDAwMjFaFw0yNTEwMjYyMDA1MjFaMDMxMTAvBgNV
BAMTKEI1NEUwRUY0QUNENDdBRTg3NEUzQjlBNjREOEExMTNGQjlGMEVDOEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1zgAW/vNA1E4zSYo8q7powlIH
QocaORoB1MrSxIWLHM1aIFn62lqknxp/kLLRdb/QnOWs9WQM8BXLXp0mikIMp0M9
59dhEmwBbsef2P1L+T6XDvyY/wYhPEcd9FE6L1IjQpB0aeomk3ocVcupMfclMmrC
XZ7Az7VbcNJHVeV2s3aRxFxba3nT7VxYFbz7EaV7kC6MlVslQQK4hctu9DxVUZ1u
PzR7irOCChif6Gh2ZRbRTjy2fiVL4xI3Rs4YDmkEf+NTWbahC1as3Wu9/UexooeI
gedF4t/tSEG93b0Axye/I50wcMFFQVCUEbSB6DSMK4VTjpBw4VPbvi6kDo5zAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUtU4O9KzUeuh047mmTYoRP7nw7IswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzEzOTMwMmUzMjMz
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABVvu0wDQYJKoZIhvcNAQELBQADggEBAHoy8EEBAc76tt7THYKwXB95gqv9sK9K
YlJg9fxjRkNEgiqR5zaOuNo2bU+HE7P1/66PFaie5BROh+dMMF4kMjrej1tDe5Xn
NN8PS4r/xeIMx9AQFN7aiCbCbsUDE6fZVuL/I4MQIx0x5TLEy1bx6bVJgAg3IjQH
wVWIkd9f1Es0krVGuf9Cqs9aTpCTxbsDNXftoEosTvgXJUkybFYdohJkocuoXuQi
aXaFOCR9Jg5xXIWhobYA6Yg0g3k234kcPgI0gNj+LLmpbj7ouAZwAuLfXa3ItKde
FQDctXPZxPxcFvEzM8nKJBuTTdF8rBpAWOrdh1PwV2s1pcHIyh79ZOQ=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:15 2024 by rpki-client on console-ams.rpki-client.org