Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3234372e302f32342d3234203d3e20313336373837.roa
File: 38352e3139302e3234372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: IbaKrGND+xf6OtBdn+IOtA+YhUYgp62RW/3rwkGNfZ0=
Subject key identifier: 89:DE:DA:ED:55:F1:5F:F4:0B:23:D9:DB:72:1D:0B:06:DC:15:10:26
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 19F9C0610B393DC5A0C079A03155EA4C869CA925
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3234372e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 26 Nov 2023 19:48:59 +0000
ROA not before: Sun 26 Nov 2023 19:43:59 +0000
ROA not after: Sun 24 Nov 2024 19:48:59 +0000
asID: 136787
IP address blocks: 85.190.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:54:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:f9:c0:61:0b:39:3d:c5:a0:c0:79:a0:31:55:ea:4c:86:9c:a9:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 26 19:43:59 2023 GMT
Not After : Nov 24 19:48:59 2024 GMT
Subject: CN=89DEDAED55F15FF40B23D9DB721D0B06DC151026
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:2d:89:4b:20:89:98:9f:f5:c9:53:5a:90:95:
7c:c3:17:e2:c8:df:da:dd:87:e1:fa:e7:1d:5c:d1:
d2:5f:a6:21:a4:bf:f9:05:e4:c4:61:ef:ca:e2:26:
0b:ea:25:f4:2f:94:e0:38:fe:42:72:bf:a8:a4:07:
a7:20:06:7c:32:f2:1d:84:35:80:90:fb:db:14:52:
9c:51:bc:9c:ba:dd:58:8d:c3:4b:e2:a4:46:83:66:
b2:32:7e:20:df:f9:6d:7f:af:37:45:89:07:d7:b9:
69:10:24:9c:70:53:9e:b1:b0:9d:0a:87:93:07:09:
07:ad:6d:e1:d4:a9:56:06:14:09:0e:6e:da:69:34:
d1:cc:fb:c0:1c:f0:e3:b2:74:5e:66:0c:e6:35:63:
2a:4e:fa:04:d2:9d:16:8c:b7:91:17:c3:f5:63:c2:
4c:1d:a2:4f:5c:16:f3:0d:09:00:a4:1a:5a:24:91:
9b:f2:16:46:b0:cf:8b:0e:7b:a8:fd:13:7b:b8:4c:
36:6f:e4:c8:94:3b:ff:96:73:d4:5c:c9:a3:2f:ab:
85:b4:18:c0:0c:bc:02:53:79:95:78:c4:60:b6:90:
7e:c8:9a:f3:b7:27:f2:5c:f5:2e:dd:da:be:c8:52:
a6:93:09:ef:d3:3e:7e:46:00:e4:74:0f:0c:02:a2:
02:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:DE:DA:ED:55:F1:5F:F4:0B:23:D9:DB:72:1D:0B:06:DC:15:10:26
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3234372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.190.247.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:8a:70:27:15:cb:8d:da:98:2e:57:63:bf:fb:11:d3:8c:dc:
3a:f6:27:c9:e8:6b:b6:c4:ad:45:8f:8c:1e:81:16:24:4f:e9:
16:f4:76:cb:37:e3:1b:15:37:a9:90:05:0a:35:19:0b:76:e2:
26:ae:e9:c2:5e:ce:49:74:c3:01:77:f6:e0:25:0d:32:c7:14:
23:9d:20:8e:7f:00:6e:27:db:a3:d8:92:fd:5f:a3:9e:59:60:
f2:d8:e6:c4:5f:28:82:b9:8e:3f:37:fa:d6:bc:02:3e:53:78:
08:4e:f9:62:46:af:e5:ee:d9:27:5a:1f:b2:e2:d1:64:9e:21:
60:34:37:e1:92:99:6b:d5:ef:45:ce:1a:88:0a:7f:b3:75:ee:
98:10:cc:9c:00:d9:b0:e1:ed:8d:34:f9:bf:a2:95:df:1f:30:
87:b9:db:ba:cf:a0:ba:53:34:fe:eb:6d:05:99:67:31:a2:97:
65:9c:6e:17:17:7d:22:46:d6:f4:a3:72:89:bf:99:42:b7:5a:
ff:34:dd:f0:f0:84:1f:91:3b:9a:3e:02:5d:0d:40:f7:fd:85:
92:79:0e:8e:6c:78:1f:e5:58:93:bd:41:fa:23:4c:1e:3d:13:
d9:94:fc:c9:6c:db:bb:61:ed:70:b0:d3:40:b1:51:df:60:fc:
1a:42:5a:b8
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUGfnAYQs5PcWgwHmgMVXqTIacqSUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzExMjYxOTQzNTlaFw0yNDExMjQxOTQ4NTlaMDMxMTAvBgNV
BAMTKDg5REVEQUVENTVGMTVGRjQwQjIzRDlEQjcyMUQwQjA2REMxNTEwMjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDALYlLIImYn/XJU1qQlXzDF+LI
39rdh+H65x1c0dJfpiGkv/kF5MRh78riJgvqJfQvlOA4/kJyv6ikB6cgBnwy8h2E
NYCQ+9sUUpxRvJy63ViNw0vipEaDZrIyfiDf+W1/rzdFiQfXuWkQJJxwU56xsJ0K
h5MHCQetbeHUqVYGFAkObtppNNHM+8Ac8OOydF5mDOY1YypO+gTSnRaMt5EXw/Vj
wkwdok9cFvMNCQCkGlokkZvyFkawz4sOe6j9E3u4TDZv5MiUO/+Wc9RcyaMvq4W0
GMAMvAJTeZV4xGC2kH7ImvO3J/Jc9S7d2r7IUqaTCe/TPn5GAOR0DwwCogIXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUid7a7VXxX/QLI9nbch0LBtwVECYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzEzOTMwMmUzMjM0
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABVvvcwDQYJKoZIhvcNAQELBQADggEBADuKcCcVy43amC5XY7/7EdOM3Dr2J8no
a7bErUWPjB6BFiRP6Rb0dss34xsVN6mQBQo1GQt24iau6cJezkl0wwF39uAlDTLH
FCOdII5/AG4n26PYkv1fo55ZYPLY5sRfKIK5jj83+ta8Aj5TeAhO+WJGr+Xu2Sda
H7Li0WSeIWA0N+GSmWvV70XOGogKf7N17pgQzJwA2bDh7Y00+b+ild8fMIe527rP
oLpTNP7rbQWZZzGil2WcbhcXfSJG1vSjcom/mUK3Wv803fDwhB+RO5o+Al0NQPf9
hZJ5Do5seB/lWJO9QfojTB49E9mU/Mls27th7XCw00CxUd9g/BpCWrg=
-----END CERTIFICATE-----
Generated at Wed May 8 20:21:26 2024 by rpki-client on console-fra.rpki-client.org