Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233392e302f32342d3234203d3e20323037313337.roa
File: 38352e3139302e3233392e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: +MEp5zdj389htnX8r6CdTvaY+huE1O2WS8fvfG8Cs/Y=
Subject key identifier: 09:BC:DE:A1:BA:D1:21:D9:87:53:E2:3A:7D:AB:28:74:11:55:6B:43
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4298307D507F972DD1EAF998B7826990D5462F60
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233392e302f32342d3234203d3e20323037313337.roa
Signing time: Wed 06 Dec 2023 12:29:44 +0000
ROA not before: Wed 06 Dec 2023 12:24:44 +0000
ROA not after: Wed 04 Dec 2024 12:29:44 +0000
asID: 207137
IP address blocks: 85.190.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:98:30:7d:50:7f:97:2d:d1:ea:f9:98:b7:82:69:90:d5:46:2f:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 6 12:24:44 2023 GMT
Not After : Dec 4 12:29:44 2024 GMT
Subject: CN=09BCDEA1BAD121D98753E23A7DAB287411556B43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:11:b3:0b:18:4e:32:e4:14:19:86:19:77:df:
fc:79:b1:fd:3a:4d:92:29:4a:57:c1:dc:10:f4:9d:
a0:26:3a:b1:ae:53:68:0c:61:99:ad:fa:02:fd:8a:
f8:91:7c:bc:73:9b:66:8f:e4:aa:6b:93:37:19:3d:
e5:ab:9e:99:fe:d7:1a:8c:8c:55:98:66:f4:04:11:
d4:85:1a:ff:83:b8:fd:b1:f1:34:74:2a:a2:ed:fe:
e2:f6:6f:31:7a:8f:ef:c9:4f:b0:c1:f8:a1:fa:27:
65:53:eb:57:a9:90:a9:79:db:ac:81:7f:7c:0e:e0:
18:14:47:ea:50:21:29:d3:41:b4:6b:5f:80:a9:2f:
f5:e8:64:65:9f:f4:9b:94:5d:28:75:53:07:f7:40:
cc:82:ae:8b:69:71:01:a8:b0:d9:a4:30:50:58:2e:
6c:ea:8e:0d:60:9b:60:6f:e5:fa:3f:49:e7:3e:2b:
82:60:78:5d:98:6a:e8:b4:9b:e5:82:2a:b3:37:68:
6d:47:f6:f3:ac:f0:5e:f3:7b:4b:2e:b4:66:a9:cd:
b3:45:8e:61:00:6c:8a:ec:ab:25:9f:7f:6d:59:d1:
d3:19:d1:80:61:bb:84:ee:da:40:35:21:49:7e:e4:
77:e3:84:d3:3b:83:f9:d8:a0:8b:53:ed:76:b9:fa:
3d:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:BC:DE:A1:BA:D1:21:D9:87:53:E2:3A:7D:AB:28:74:11:55:6B:43
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233392e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.190.239.0/24
Signature Algorithm: sha256WithRSAEncryption
61:28:49:22:bb:96:15:a8:1f:e8:90:9d:8e:29:5f:86:e8:c1:
f7:11:d9:f1:97:2b:16:b8:ea:da:45:cc:5e:c7:39:64:92:c0:
02:52:e7:57:f4:ce:83:9a:a1:19:89:d8:44:d2:e2:4d:4b:16:
38:71:d5:56:85:2c:f0:7d:4b:85:c1:c3:fb:05:da:a0:4f:12:
b7:a2:95:f7:7f:7e:ba:6f:8b:5f:03:3b:4f:38:bf:81:98:14:
f2:32:de:b5:3a:b3:b1:a8:db:7f:2a:9d:7c:2f:40:38:77:71:
7e:51:0a:3e:fe:c2:a9:99:4c:18:86:83:cd:b9:fc:fc:7f:12:
df:ea:6d:14:6f:cd:f4:c9:b2:0d:5b:1e:0b:5c:b4:55:89:33:
d0:77:76:e9:54:a7:c6:80:50:6b:da:15:11:c2:3f:12:17:74:
ee:52:6f:ad:77:b1:fe:16:3a:d8:e0:b0:8b:d0:7e:46:dd:70:
43:14:49:80:c1:f8:7f:76:6a:68:13:c7:a6:2a:f0:5e:33:2d:
aa:7f:63:1d:73:88:ac:17:46:80:25:10:63:d1:ba:c4:fe:f2:
93:b6:27:5c:ed:f5:85:8a:64:cf:d7:37:ff:95:36:1b:5e:77:
3e:36:6a:d9:94:cb:dd:89:1f:72:18:72:40:1f:34:9a:25:b5:
09:38:00:c0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQpgwfVB/ly3R6vmYt4JpkNVGL2AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEyMDYxMjI0NDRaFw0yNDEyMDQxMjI5NDRaMDMxMTAvBgNV
BAMTKDA5QkNERUExQkFEMTIxRDk4NzUzRTIzQTdEQUIyODc0MTE1NTZCNDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaEbMLGE4y5BQZhhl33/x5sf06
TZIpSlfB3BD0naAmOrGuU2gMYZmt+gL9iviRfLxzm2aP5KprkzcZPeWrnpn+1xqM
jFWYZvQEEdSFGv+DuP2x8TR0KqLt/uL2bzF6j+/JT7DB+KH6J2VT61epkKl526yB
f3wO4BgUR+pQISnTQbRrX4CpL/XoZGWf9JuUXSh1Uwf3QMyCrotpcQGosNmkMFBY
Lmzqjg1gm2Bv5fo/Sec+K4JgeF2Yaui0m+WCKrM3aG1H9vOs8F7ze0sutGapzbNF
jmEAbIrsqyWff21Z0dMZ0YBhu4Tu2kA1IUl+5HfjhNM7g/nYoItT7Xa5+j21AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUCbzeobrRIdmHU+I6fasodBFVa0MwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzEzOTMwMmUzMjMz
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzczMTMzMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABVvu8wDQYJKoZIhvcNAQELBQADggEBAGEoSSK7lhWoH+iQnY4pX4bowfcR2fGX
Kxa46tpFzF7HOWSSwAJS51f0zoOaoRmJ2ETS4k1LFjhx1VaFLPB9S4XBw/sF2qBP
Ereilfd/frpvi18DO084v4GYFPIy3rU6s7Go238qnXwvQDh3cX5RCj7+wqmZTBiG
g825/Px/Et/qbRRvzfTJsg1bHgtctFWJM9B3dulUp8aAUGvaFRHCPxIXdO5Sb613
sf4WOtjgsIvQfkbdcEMUSYDB+H92amgTx6Yq8F4zLap/Yx1ziKwXRoAlEGPRusT+
8pO2J1zt9YWKZM/XN/+VNhtedz42atmUy92JH3IYckAfNJoltQk4AMA=
-----END CERTIFICATE-----
Generated at Tue May 21 21:12:37 2024 by rpki-client on console-fra.rpki-client.org