Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3235322e302f32342d3234203d3e20323031333431.roa
File: 38352e3139302e3235322e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: x1QudNJ5HppLePOq6jrCf39OVLbIdUNvxtD3BdX6gfE=
Subject key identifier: 12:A9:EA:4F:C0:F7:31:45:49:9F:94:B6:7B:50:43:A8:F0:B5:C4:F9
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7545225EA2559EAE0E81A38F0C8F1EEBF0B19C6F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3235322e302f32342d3234203d3e20323031333431.roa
Signing time: Mon 26 Feb 2024 08:53:20 +0000
ROA not before: Mon 26 Feb 2024 08:48:20 +0000
ROA not after: Mon 24 Feb 2025 08:53:20 +0000
asID: 201341
IP address blocks: 85.190.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:45:22:5e:a2:55:9e:ae:0e:81:a3:8f:0c:8f:1e:eb:f0:b1:9c:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:20 2024 GMT
Not After : Feb 24 08:53:20 2025 GMT
Subject: CN=12A9EA4FC0F73145499F94B67B5043A8F0B5C4F9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:1e:82:34:7c:88:63:4b:b0:c1:09:f3:08:c4:
e6:44:45:c0:5f:1c:66:26:94:b5:50:66:7a:10:b2:
59:34:f8:45:e2:d7:e9:61:da:fd:6d:e8:e7:af:62:
aa:91:32:e6:aa:51:e1:f2:9e:ca:be:e7:83:51:25:
09:1a:b4:46:0a:62:ad:84:80:2b:7b:66:96:3b:d8:
28:a0:1f:7c:b2:63:7e:b4:d3:e6:c6:f0:f9:c8:2e:
d6:0d:29:1e:60:65:ff:ef:86:6c:4b:10:24:af:b0:
09:d4:95:79:78:d9:3b:01:2e:84:6d:b7:e1:f8:d8:
7d:db:36:e3:59:57:08:88:6a:96:8c:36:c8:c5:f3:
66:23:6b:21:0e:2a:70:2e:0a:d7:64:f3:ab:ac:86:
a9:51:99:2b:f0:a2:5f:ac:79:41:4f:4a:a9:77:bf:
b6:2c:f7:61:03:73:7d:12:70:e2:2d:4f:04:e2:7f:
72:62:d1:d2:8e:d8:aa:9c:c7:db:ef:c8:4e:9d:da:
c2:dd:b7:78:58:39:c1:00:d1:2b:55:7b:02:64:5e:
16:e0:6c:55:bb:23:c6:ab:ba:6e:20:be:0c:73:01:
c4:02:c9:89:99:70:3f:9c:7a:b5:81:42:d7:08:9b:
35:06:fd:65:10:81:36:11:0c:38:98:1b:b4:70:0d:
b8:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:A9:EA:4F:C0:F7:31:45:49:9F:94:B6:7B:50:43:A8:F0:B5:C4:F9
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3235322e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.190.252.0/24
Signature Algorithm: sha256WithRSAEncryption
04:af:b4:1d:89:f7:10:bd:e4:49:9a:7e:30:eb:ec:44:9b:06:
09:31:cb:6b:99:16:c3:e1:71:9d:68:f4:26:c0:d3:94:ae:24:
99:e9:31:8c:62:3f:d6:0f:44:64:bf:4f:a5:1a:56:f4:40:91:
72:45:bb:aa:11:fd:a6:99:dd:81:88:7e:09:9b:05:8e:16:06:
12:8b:07:69:42:28:1f:0e:20:12:05:ac:cd:5d:d4:15:c4:5b:
b2:e1:50:a9:33:cc:e5:3d:b6:48:93:83:95:57:93:07:b4:66:
36:8b:3f:ec:13:5b:fe:c7:ac:a3:93:e8:c9:58:e1:ba:3d:de:
23:d8:95:ec:0b:2b:f0:92:55:d7:fd:ba:f8:dd:d6:12:52:50:
1c:88:d3:e3:6e:b8:5b:06:5a:a2:3f:0e:7f:34:43:c0:71:9e:
fc:16:34:e4:0c:f8:73:5c:b1:34:e6:09:54:f8:2a:b9:d9:fa:
dc:55:f8:47:31:cd:0b:53:ad:cb:e8:76:8e:71:b6:dd:b1:ab:
b3:42:ed:71:8b:56:3e:30:b8:41:c2:dd:86:3d:cc:c5:4c:5d:
6e:ac:82:b8:be:4b:32:57:08:44:2d:75:0f:a7:f1:71:6b:c1:
b7:1f:aa:47:7e:cb:0b:70:0d:9c:1e:d7:28:ad:95:9a:c4:18:
87:37:2c:54
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUdUUiXqJVnq4OgaOPDI8e6/CxnG8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MjBaFw0yNTAyMjQwODUzMjBaMDMxMTAvBgNV
BAMTKDEyQTlFQTRGQzBGNzMxNDU0OTlGOTRCNjdCNTA0M0E4RjBCNUM0RjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCHoI0fIhjS7DBCfMIxOZERcBf
HGYmlLVQZnoQslk0+EXi1+lh2v1t6OevYqqRMuaqUeHynsq+54NRJQkatEYKYq2E
gCt7ZpY72CigH3yyY3600+bG8PnILtYNKR5gZf/vhmxLECSvsAnUlXl42TsBLoRt
t+H42H3bNuNZVwiIapaMNsjF82YjayEOKnAuCtdk86ushqlRmSvwol+seUFPSql3
v7Ys92EDc30ScOItTwTif3Ji0dKO2Kqcx9vvyE6d2sLdt3hYOcEA0StVewJkXhbg
bFW7I8arum4gvgxzAcQCyYmZcD+cerWBQtcImzUG/WUQgTYRDDiYG7RwDbj1AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUEqnqT8D3MUVJn5S2e1BDqPC1xPkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzEzOTMwMmUzMjM1
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzEzMzM0MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABVvvwwDQYJKoZIhvcNAQELBQADggEBAASvtB2J9xC95EmafjDr7ESbBgkxy2uZ
FsPhcZ1o9CbA05SuJJnpMYxiP9YPRGS/T6UaVvRAkXJFu6oR/aaZ3YGIfgmbBY4W
BhKLB2lCKB8OIBIFrM1d1BXEW7LhUKkzzOU9tkiTg5VXkwe0ZjaLP+wTW/7HrKOT
6MlY4bo93iPYlewLK/CSVdf9uvjd1hJSUByI0+NuuFsGWqI/Dn80Q8BxnvwWNOQM
+HNcsTTmCVT4KrnZ+txV+EcxzQtTrcvodo5xtt2xq7NC7XGLVj4wuEHC3YY9zMVM
XW6sgri+SzJXCEQtdQ+n8XFrwbcfqkd+ywtwDZwe1yitlZrEGIc3LFQ=
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:16 2024 by rpki-client on console-fra.rpki-client.org