Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3234372e302f32342d3234203d3e20313336373837.roa
File: 38352e3139302e3234372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: TsGDl4ymzEhfhFrldp4f7BcuRtmDJaBbtWxJGwA5L8M=
Subject key identifier: 57:9A:B4:E8:2F:45:A8:17:2A:64:FD:B4:84:4A:EE:65:25:1E:27:50
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 34DB3E2613468C93DBD2F55E9F4F084BDE10A1C6
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3234372e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 27 Oct 2024 20:05:19 +0000
ROA not before: Sun 27 Oct 2024 20:00:19 +0000
ROA not after: Sun 26 Oct 2025 20:05:19 +0000
asID: 136787
IP address blocks: 85.190.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:db:3e:26:13:46:8c:93:db:d2:f5:5e:9f:4f:08:4b:de:10:a1:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 27 20:00:19 2024 GMT
Not After : Oct 26 20:05:19 2025 GMT
Subject: CN=579AB4E82F45A8172A64FDB4844AEE65251E2750
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:bf:16:83:dd:94:62:08:81:44:78:f5:b1:cc:
a1:77:44:f2:9b:89:c8:b1:7f:14:88:fe:62:c4:52:
75:e6:35:fd:6f:d6:84:d8:d6:e2:20:f4:cc:8d:a4:
5f:ba:af:89:73:c4:5e:f4:51:24:c8:f4:c7:2b:72:
93:d6:3c:11:61:39:ce:65:2c:c4:8c:64:31:5e:ea:
2e:05:0c:e2:45:2d:fa:86:06:00:80:73:39:6f:48:
05:a0:28:f6:13:ad:73:d8:3b:7e:2c:72:d1:77:e2:
1d:63:33:9c:ea:7a:bc:fc:27:78:5b:28:f1:0a:3e:
bc:d8:f7:97:c2:13:9a:7e:8a:4d:f1:4e:e5:37:28:
98:19:99:de:44:cb:ba:74:49:43:20:fd:81:c6:4a:
88:3e:aa:23:8d:89:23:8d:82:82:06:00:8c:0a:b9:
fc:6c:f2:39:73:7a:9a:17:a3:a9:42:8d:f5:e4:b1:
42:71:26:3f:1c:1c:98:54:f0:c7:42:07:bd:c9:81:
75:27:e2:9f:4b:20:d7:5d:3c:c0:e7:30:74:d7:bd:
44:d6:fd:2f:96:5f:10:52:35:93:dd:97:f7:15:18:
0f:f5:02:1f:07:a9:23:3e:a9:ac:17:61:c6:5e:b4:
0e:0e:dd:ef:c8:95:53:ed:7b:59:3c:24:e7:d4:c8:
96:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:9A:B4:E8:2F:45:A8:17:2A:64:FD:B4:84:4A:EE:65:25:1E:27:50
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3234372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.190.247.0/24
Signature Algorithm: sha256WithRSAEncryption
58:b5:66:bc:45:70:1a:d8:26:08:21:b4:dd:4a:42:b4:b4:75:
43:6e:ed:47:0e:b1:aa:11:f0:8a:9d:91:86:46:d1:2f:f6:b7:
aa:49:df:6a:33:91:90:b6:ab:9e:5d:a2:18:e3:2b:ff:cb:1b:
a3:3b:27:b7:7d:6b:0f:cd:01:54:1e:a7:db:0e:b0:00:25:af:
7b:74:34:6b:78:f8:c5:39:64:c4:11:97:19:e9:fb:e0:7d:19:
d3:ca:60:54:83:7d:81:ba:fd:f1:48:11:cb:38:a0:2e:c7:62:
32:81:08:37:e6:10:d2:db:82:8b:62:65:57:97:d4:36:77:8d:
ca:2a:55:9f:13:59:f0:1f:c9:f4:ef:87:15:9a:10:05:a0:33:
c2:8d:fa:cd:c9:c2:b9:41:ef:60:4c:23:dc:4e:f1:c4:85:fb:
1d:5d:65:36:8f:e3:e2:4c:92:dd:ba:d1:87:c9:a4:f0:48:f6:
de:6b:1c:f8:af:09:c8:df:08:7f:c0:16:97:84:df:36:d1:1e:
75:13:e0:7c:e3:d7:3d:6f:95:4a:74:1c:de:ef:75:05:3f:39:
9e:95:49:13:ed:79:ef:fb:9e:d4:9e:f0:5c:8d:12:ad:70:9c:
58:55:21:41:5a:88:7b:3c:b8:85:ee:d7:91:c6:46:43:dd:ad:
9a:a6:99:56
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNNs+JhNGjJPb0vVen08IS94QocYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEwMjcyMDAwMTlaFw0yNTEwMjYyMDA1MTlaMDMxMTAvBgNV
BAMTKDU3OUFCNEU4MkY0NUE4MTcyQTY0RkRCNDg0NEFFRTY1MjUxRTI3NTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8vxaD3ZRiCIFEePWxzKF3RPKb
icixfxSI/mLEUnXmNf1v1oTY1uIg9MyNpF+6r4lzxF70USTI9McrcpPWPBFhOc5l
LMSMZDFe6i4FDOJFLfqGBgCAczlvSAWgKPYTrXPYO34sctF34h1jM5zqerz8J3hb
KPEKPrzY95fCE5p+ik3xTuU3KJgZmd5Ey7p0SUMg/YHGSog+qiONiSONgoIGAIwK
ufxs8jlzepoXo6lCjfXksUJxJj8cHJhU8MdCB73JgXUn4p9LINddPMDnMHTXvUTW
/S+WXxBSNZPdl/cVGA/1Ah8HqSM+qawXYcZetA4O3e/IlVPte1k8JOfUyJYrAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUV5q06C9FqBcqZP20hEruZSUeJ1AwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzEzOTMwMmUzMjM0
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABVvvcwDQYJKoZIhvcNAQELBQADggEBAFi1ZrxFcBrYJgghtN1KQrS0dUNu7UcO
saoR8IqdkYZG0S/2t6pJ32ozkZC2q55dohjjK//LG6M7J7d9aw/NAVQep9sOsAAl
r3t0NGt4+MU5ZMQRlxnp++B9GdPKYFSDfYG6/fFIEcs4oC7HYjKBCDfmENLbgoti
ZVeX1DZ3jcoqVZ8TWfAfyfTvhxWaEAWgM8KN+s3JwrlB72BMI9xO8cSF+x1dZTaP
4+JMkt260YfJpPBI9t5rHPivCcjfCH/AFpeE3zbRHnUT4Hzj1z1vlUp0HN7vdQU/
OZ6VSRPtee/7ntSe8FyNEq1wnFhVIUFaiHs8uIXu15HGRkPdrZqmmVY=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:16 2024 by rpki-client on console-ams.rpki-client.org