Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3235322e302f32342d3234203d3e20323031333431.roa
File: 38352e3139302e3235322e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: AXTlr6sjclQoXir/234OYUop2a7ZGDqL9oqQwZ6KV38=
Subject key identifier: E1:43:1E:40:8D:B3:AD:85:01:A5:E3:09:DC:8F:C9:DB:98:DA:6E:5B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1B40AF30D88BA67049BF7480BF99624C6F5C6D60
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3235322e302f32342d3234203d3e20323031333431.roa
Signing time: Mon 27 Jan 2025 09:45:17 +0000
ROA not before: Mon 27 Jan 2025 09:40:17 +0000
ROA not after: Mon 26 Jan 2026 09:45:17 +0000
asID: 201341
IP address blocks: 85.190.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:40:af:30:d8:8b:a6:70:49:bf:74:80:bf:99:62:4c:6f:5c:6d:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:17 2025 GMT
Not After : Jan 26 09:45:17 2026 GMT
Subject: CN=E1431E408DB3AD8501A5E309DC8FC9DB98DA6E5B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:79:48:9d:b4:4f:94:e3:df:3c:d2:ab:6c:02:
68:bd:9b:16:73:8a:e0:fc:e0:43:cc:29:4c:85:df:
b1:8f:b0:e8:fe:f9:ec:39:01:bd:36:b6:3d:09:b6:
81:e9:4e:ce:c4:1c:39:1e:86:10:e5:11:71:9e:72:
3e:e3:a4:56:91:d5:dd:31:64:7f:c5:1e:8e:bc:a6:
3e:88:d6:4d:75:34:51:81:f1:83:19:90:45:9b:da:
68:61:f3:ac:02:4b:07:c1:29:31:da:6c:57:14:04:
51:19:c0:d1:6c:02:b5:28:19:2b:ce:e5:3b:72:bf:
3a:07:92:b6:86:00:f7:9a:d9:fa:e7:7a:51:31:d6:
f2:17:95:0f:c6:a5:13:19:ef:cb:d9:68:2b:b9:8b:
1f:a5:17:64:67:6d:01:7e:20:f5:cf:5f:c3:26:3b:
0b:cf:a9:27:17:a6:a9:22:8a:df:14:42:7e:7e:4b:
f1:07:b2:6c:24:6c:92:ce:06:48:aa:30:78:6e:a6:
27:3a:1f:28:91:60:b0:eb:96:f2:79:26:78:ce:59:
34:a0:27:a8:d1:e5:62:fc:5b:16:86:02:16:69:db:
f0:cd:9a:25:3f:42:e3:5d:1d:ad:38:c5:c3:00:fd:
c6:e3:08:3d:e9:c9:7a:af:58:ce:a9:ad:9b:18:39:
ab:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:43:1E:40:8D:B3:AD:85:01:A5:E3:09:DC:8F:C9:DB:98:DA:6E:5B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3235322e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.190.252.0/24
Signature Algorithm: sha256WithRSAEncryption
94:fb:6b:63:d1:eb:74:2d:a1:aa:bc:fd:ef:18:de:d7:aa:60:
46:c8:69:d0:f9:e3:ac:7e:66:a5:2a:f7:9c:f9:b2:ee:52:5b:
26:ee:7f:1f:34:3d:38:9b:13:1b:38:fc:a9:9d:58:c3:d6:aa:
7b:87:80:d3:5e:ff:c3:24:ca:33:ff:62:86:34:ab:9a:43:72:
9a:d3:a7:13:94:28:7b:60:8c:8c:e8:80:60:a0:56:f9:24:e7:
0c:2b:65:e2:53:db:b2:cf:cb:cd:f8:0b:33:3b:3c:c0:22:2d:
08:14:ab:d0:84:9d:b8:b3:35:63:aa:b0:41:d3:03:d4:cc:bf:
8a:d1:ce:ac:52:ca:86:af:53:b0:49:31:99:99:e4:49:1d:44:
5b:1d:73:95:48:a3:6b:7d:1c:af:3d:e9:2d:8b:4c:e6:30:41:
32:5b:4c:94:3e:ce:2c:06:ce:c5:88:a0:c8:f1:62:90:ff:a4:
8d:0b:4c:4c:6a:2a:d1:47:8f:ca:26:41:79:04:a4:5f:35:d7:
26:e7:da:b6:66:b3:6e:99:82:02:b0:09:42:71:c8:7a:b2:60:
a5:64:bd:e5:5c:bc:7b:a2:3b:06:8a:ee:47:46:38:59:9a:f3:
79:70:9d:81:3c:db:d0:fc:d9:e6:6a:80:61:e4:1c:a6:81:4b:
47:6f:88:cf
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUG0CvMNiLpnBJv3SAv5liTG9cbWAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMTdaFw0yNjAxMjYwOTQ1MTdaMDMxMTAvBgNV
BAMTKEUxNDMxRTQwOERCM0FEODUwMUE1RTMwOURDOEZDOURCOThEQTZFNUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIeUidtE+U49880qtsAmi9mxZz
iuD84EPMKUyF37GPsOj++ew5Ab02tj0JtoHpTs7EHDkehhDlEXGecj7jpFaR1d0x
ZH/FHo68pj6I1k11NFGB8YMZkEWb2mhh86wCSwfBKTHabFcUBFEZwNFsArUoGSvO
5TtyvzoHkraGAPea2frnelEx1vIXlQ/GpRMZ78vZaCu5ix+lF2RnbQF+IPXPX8Mm
OwvPqScXpqkiit8UQn5+S/EHsmwkbJLOBkiqMHhupic6HyiRYLDrlvJ5JnjOWTSg
J6jR5WL8WxaGAhZp2/DNmiU/QuNdHa04xcMA/cbjCD3pyXqvWM6prZsYOavTAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU4UMeQI2zrYUBpeMJ3I/J25jablswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzEzOTMwMmUzMjM1
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzEzMzM0MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABVvvwwDQYJKoZIhvcNAQELBQADggEBAJT7a2PR63Qtoaq8/e8Y3teqYEbIadD5
46x+ZqUq95z5su5SWybufx80PTibExs4/KmdWMPWqnuHgNNe/8MkyjP/YoY0q5pD
cprTpxOUKHtgjIzogGCgVvkk5wwrZeJT27LPy834CzM7PMAiLQgUq9CEnbizNWOq
sEHTA9TMv4rRzqxSyoavU7BJMZmZ5EkdRFsdc5VIo2t9HK896S2LTOYwQTJbTJQ+
ziwGzsWIoMjxYpD/pI0LTExqKtFHj8omQXkEpF811ybn2rZms26ZggKwCUJxyHqy
YKVkveVcvHuiOwaK7kdGOFma83lwnYE829D82eZqgGHkHKaBS0dviM8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:16:47 2025 by rpki-client