Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233392e302f32342d3234203d3e20323037313337.roa
File: 38352e3139302e3233392e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: i5StlrWDAxQlntMAUhrbuCJ0cRFLVX1mffukOeYL+8Q=
Subject key identifier: 3D:AF:96:CA:8A:A3:F7:1D:F8:0E:0A:BB:AA:16:88:90:6C:AB:CD:1A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5427BD313BEF1AE96924E6300670908A3C276C42
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233392e302f32342d3234203d3e20323037313337.roa
Signing time: Wed 06 Nov 2024 13:05:30 +0000
ROA not before: Wed 06 Nov 2024 13:00:30 +0000
ROA not after: Wed 05 Nov 2025 13:05:30 +0000
asID: 207137
IP address blocks: 85.190.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:27:bd:31:3b:ef:1a:e9:69:24:e6:30:06:70:90:8a:3c:27:6c:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 6 13:00:30 2024 GMT
Not After : Nov 5 13:05:30 2025 GMT
Subject: CN=3DAF96CA8AA3F71DF80E0ABBAA1688906CABCD1A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:07:43:36:3c:d1:be:01:2e:e6:35:d0:46:59:
b0:28:29:ac:5f:b4:dd:3e:c1:cf:44:d4:8e:4f:1a:
35:c2:32:e8:4d:3e:cf:be:73:eb:2d:6c:5a:65:54:
49:74:fc:6c:77:f2:35:2e:36:a4:7b:56:57:04:44:
d8:f8:09:7d:55:64:29:ea:80:c2:9b:d4:5c:0f:d6:
1b:0d:c4:98:1b:30:93:2a:b7:75:c1:ae:a0:fd:91:
46:b9:5c:64:f7:b5:69:e7:a5:d9:40:28:b5:3f:12:
74:0c:15:e2:6d:3e:2c:80:36:94:a2:72:bf:10:f3:
c2:45:a8:f8:0f:6a:4f:65:c8:d5:03:70:58:a9:33:
cd:e3:4d:71:30:4a:cd:71:7c:34:b5:64:c4:e1:30:
fe:25:c9:ee:4d:a1:d5:d2:da:0f:9c:37:0a:f5:e0:
03:c9:d6:cc:f6:2a:92:6d:22:3e:03:ad:1d:80:30:
3c:26:ba:39:11:82:5f:6c:b4:b3:c6:3e:5e:c3:e1:
b1:39:af:ae:35:d4:26:0e:b6:99:fc:1b:3e:9b:6b:
14:4a:1f:89:00:b4:d3:23:5c:59:6b:4b:16:91:93:
ca:d9:54:cd:8f:14:d5:79:be:17:72:1a:92:d7:53:
0c:ee:70:af:c2:55:f6:20:45:fb:86:d0:3b:2c:16:
46:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:AF:96:CA:8A:A3:F7:1D:F8:0E:0A:BB:AA:16:88:90:6C:AB:CD:1A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233392e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.190.239.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:b5:e8:a2:2b:a5:82:bf:3c:ae:e8:de:54:bb:42:d6:bf:c7:
ef:e3:49:cb:4d:e4:dc:a9:a0:1a:97:09:90:6f:7d:14:95:cf:
df:a6:15:24:81:2e:23:5c:dd:38:f3:b8:bd:b1:3b:63:5d:65:
e0:74:d8:7b:91:4f:b0:b3:1e:30:11:a7:74:61:ae:1a:b9:87:
00:4b:4b:4a:31:a8:89:31:41:8f:c6:04:5d:0a:5d:f9:78:dc:
71:3c:4c:2e:ea:4f:9f:bd:5d:cc:68:12:e3:fd:53:2c:56:2b:
5f:fe:a7:2a:e2:6f:59:aa:ae:6b:7b:49:a9:67:82:37:d0:f4:
f1:cd:51:d2:8a:4f:ba:c2:49:c6:3a:19:cc:c4:f9:8f:4f:ad:
29:3b:50:6b:9a:89:33:1d:ca:38:a6:3d:2b:e8:45:c7:63:a8:
e6:cd:67:71:11:ad:e3:a8:b1:eb:67:e6:7d:7e:47:3b:c9:a5:
a3:4e:ca:3f:7a:89:cb:50:7a:81:c1:44:74:47:2e:a1:06:ce:
68:69:11:70:30:72:bb:23:6f:78:03:a5:8e:7c:a2:0d:f1:c8:
c7:bc:5a:32:87:ed:ec:fd:56:39:61:a8:2b:49:fa:d6:25:e5:
24:cf:78:44:fa:15:33:31:54:ed:4e:7c:b1:6b:7f:d3:5c:c7:
5e:06:14:d7
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVCe9MTvvGulpJOYwBnCQijwnbEIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDExMDYxMzAwMzBaFw0yNTExMDUxMzA1MzBaMDMxMTAvBgNV
BAMTKDNEQUY5NkNBOEFBM0Y3MURGODBFMEFCQkFBMTY4ODkwNkNBQkNEMUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2B0M2PNG+AS7mNdBGWbAoKaxf
tN0+wc9E1I5PGjXCMuhNPs++c+stbFplVEl0/Gx38jUuNqR7VlcERNj4CX1VZCnq
gMKb1FwP1hsNxJgbMJMqt3XBrqD9kUa5XGT3tWnnpdlAKLU/EnQMFeJtPiyANpSi
cr8Q88JFqPgPak9lyNUDcFipM83jTXEwSs1xfDS1ZMThMP4lye5NodXS2g+cNwr1
4APJ1sz2KpJtIj4DrR2AMDwmujkRgl9stLPGPl7D4bE5r6411CYOtpn8Gz6baxRK
H4kAtNMjXFlrSxaRk8rZVM2PFNV5vhdyGpLXUwzucK/CVfYgRfuG0DssFkaZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUPa+Wyoqj9x34Dgq7qhaIkGyrzRowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzEzOTMwMmUzMjMz
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzczMTMzMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABVvu8wDQYJKoZIhvcNAQELBQADggEBABy16KIrpYK/PK7o3lS7Qta/x+/jSctN
5NypoBqXCZBvfRSVz9+mFSSBLiNc3TjzuL2xO2NdZeB02HuRT7CzHjARp3Rhrhq5
hwBLS0oxqIkxQY/GBF0KXfl43HE8TC7qT5+9XcxoEuP9UyxWK1/+pyrib1mqrmt7
SalngjfQ9PHNUdKKT7rCScY6GczE+Y9PrSk7UGuaiTMdyjimPSvoRcdjqObNZ3ER
reOosetn5n1+RzvJpaNOyj96ictQeoHBRHRHLqEGzmhpEXAwcrsjb3gDpY58og3x
yMe8WjKH7ez9VjlhqCtJ+tYl5STPeET6FTMxVO1OfLFrf9Ncx14GFNc=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:59 2024 by rpki-client on console-fra.rpki-client.org