Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3234302e302f32322d3332203d3e203531313637.roa
File: 38352e3139302e3234302e302f32322d3332203d3e203531313637.roa (raw, json)
Hash identifier: IweoBQ0WxzgEI7AT0CR9hHSJLPN0IiPZJqjlFwLvtZM=
Subject key identifier: C0:F6:A8:3F:71:71:D9:73:58:B3:E8:79:56:FF:8D:20:41:5F:4B:8D
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 15AE265CE6FEA4EFE6F7FAB3EBDC5AE1F05BE2CB
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3234302e302f32322d3332203d3e203531313637.roa
Signing time: Tue 09 Apr 2024 07:26:38 +0000
ROA not before: Tue 09 Apr 2024 07:21:38 +0000
ROA not after: Tue 08 Apr 2025 07:26:38 +0000
asID: 51167
IP address blocks: 85.190.240.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:ae:26:5c:e6:fe:a4:ef:e6:f7:fa:b3:eb:dc:5a:e1:f0:5b:e2:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 9 07:21:38 2024 GMT
Not After : Apr 8 07:26:38 2025 GMT
Subject: CN=C0F6A83F7171D97358B3E87956FF8D20415F4B8D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:56:6c:bb:a1:0d:aa:a2:e7:e0:31:9d:83:d5:
06:77:00:24:96:21:0d:b0:0b:16:5d:25:fa:af:9a:
3e:8d:28:67:6e:7a:6f:46:af:3b:9a:14:8b:e7:92:
39:c7:6b:7b:aa:7f:f7:52:80:61:38:5e:a0:81:c2:
75:82:e1:3f:62:79:dd:4b:14:86:f9:cd:36:42:f4:
1f:37:83:d8:ab:23:60:fa:c4:bb:ac:40:c6:a6:53:
c8:d0:f7:9f:9d:91:a2:b6:7e:6d:87:43:80:42:01:
0b:36:c1:ca:b3:3c:d8:75:e9:a7:d0:16:2a:c9:9a:
61:02:66:8e:31:ac:c9:b6:8c:91:ef:8a:25:9f:f0:
9d:a6:a3:9a:90:b2:e3:04:ea:c5:95:3b:bf:39:25:
20:7d:e0:37:cc:14:c4:eb:53:ce:0b:b2:4c:da:8f:
ba:03:30:63:f8:6d:41:c4:4f:c8:fb:52:cb:05:5d:
ba:87:48:42:3d:76:a8:9c:40:dd:f2:6a:3c:34:d5:
d8:d7:3f:2d:93:80:b4:08:e9:6f:38:a8:4d:49:7f:
92:98:53:f7:99:da:2a:bd:b7:65:5f:b8:23:a8:72:
1d:83:e3:d3:22:1b:c8:5e:63:df:3f:b6:de:f5:f0:
23:d4:93:b6:b5:83:4d:ef:8a:2b:9a:72:15:d1:9c:
52:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:F6:A8:3F:71:71:D9:73:58:B3:E8:79:56:FF:8D:20:41:5F:4B:8D
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3234302e302f32322d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.190.240.0/22
Signature Algorithm: sha256WithRSAEncryption
26:8a:08:74:01:a3:95:c2:7b:0c:5a:7a:14:6c:bb:33:4a:c3:
2c:73:15:26:a8:a7:f7:fa:f3:49:5e:d3:a1:f0:cf:71:a0:50:
0a:fd:30:4c:e5:b4:3d:18:d6:5c:30:45:ba:8c:94:8d:64:d1:
d7:f8:45:22:4d:b3:89:77:0d:c6:a1:d8:62:79:2f:dd:7e:de:
74:ad:a2:04:aa:24:4f:b0:34:a0:d5:bf:04:ea:49:5b:85:57:
ed:e2:1c:1b:92:34:a0:6d:e1:f3:62:99:c9:09:61:05:53:b0:
03:7a:a1:f4:67:e1:b9:75:cf:e2:39:67:2f:75:c8:d8:ce:9d:
ee:fb:2a:91:dd:2f:67:24:a2:ab:10:89:ca:5f:a8:66:ea:f9:
84:7e:c5:f2:d0:73:5a:74:04:cf:98:be:82:94:e6:da:7d:b5:
54:be:51:26:bf:b4:77:3a:89:b6:ac:a9:40:18:78:e8:5b:c0:
21:df:a8:e1:6b:96:7a:57:ad:f3:10:27:6b:27:8b:03:fe:13:
95:c1:7f:a3:c1:05:87:82:af:2a:aa:0d:b0:68:b0:16:bc:3b:
5e:93:81:9c:de:9a:15:14:94:99:0a:37:c9:e5:f8:e4:be:bb:
b9:f7:d3:04:ba:e4:df:1f:1b:ec:59:38:23:1b:e7:d5:4e:f3:
9f:b7:98:3b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUFa4mXOb+pO/m9/qz69xa4fBb4sswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA0MDkwNzIxMzhaFw0yNTA0MDgwNzI2MzhaMDMxMTAvBgNV
BAMTKEMwRjZBODNGNzE3MUQ5NzM1OEIzRTg3OTU2RkY4RDIwNDE1RjRCOEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1Vmy7oQ2qoufgMZ2D1QZ3ACSW
IQ2wCxZdJfqvmj6NKGduem9GrzuaFIvnkjnHa3uqf/dSgGE4XqCBwnWC4T9ied1L
FIb5zTZC9B83g9irI2D6xLusQMamU8jQ95+dkaK2fm2HQ4BCAQs2wcqzPNh16afQ
FirJmmECZo4xrMm2jJHviiWf8J2mo5qQsuME6sWVO785JSB94DfMFMTrU84Lskza
j7oDMGP4bUHET8j7UssFXbqHSEI9dqicQN3yajw01djXPy2TgLQI6W84qE1Jf5KY
U/eZ2iq9t2VfuCOoch2D49MiG8heY98/tt718CPUk7a1g03viiuachXRnFJ3AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUwPaoP3Fx2XNYs+h5Vv+NIEFfS40wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzEzOTMwMmUzMjM0
MzAyZTMwMmYzMjMyMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
Vb7wMA0GCSqGSIb3DQEBCwUAA4IBAQAmigh0AaOVwnsMWnoUbLszSsMscxUmqKf3
+vNJXtOh8M9xoFAK/TBM5bQ9GNZcMEW6jJSNZNHX+EUiTbOJdw3GodhieS/dft50
raIEqiRPsDSg1b8E6klbhVft4hwbkjSgbeHzYpnJCWEFU7ADeqH0Z+G5dc/iOWcv
dcjYzp3u+yqR3S9nJKKrEInKX6hm6vmEfsXy0HNadATPmL6ClObafbVUvlEmv7R3
Oom2rKlAGHjoW8Ah36jha5Z6V63zECdrJ4sD/hOVwX+jwQWHgq8qqg2waLAWvDte
k4Gc3poVFJSZCjfJ5fjkvru599MEuuTfHxvsWTgjG+fVTvOft5g7
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:04 2024 by rpki-client on console-fra.rpki-client.org