Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3235342e302f32342d3332203d3e203531313637.roa
File: 38352e3139302e3235342e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: ZP0FwDTSf8GsHI0KQWH6ljXewuBo2exKV0xDarDehvY=
Subject key identifier: 1B:91:3D:AA:D8:21:0E:BF:0C:C2:FD:6B:86:E8:02:B6:FC:E8:7E:A7
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 253D64A8D4899D712CE79C89588A42EE359E62BD
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3235342e302f32342d3332203d3e203531313637.roa
Signing time: Mon 26 Feb 2024 08:53:00 +0000
ROA not before: Mon 26 Feb 2024 08:48:00 +0000
ROA not after: Mon 24 Feb 2025 08:53:00 +0000
asID: 51167
IP address blocks: 85.190.254.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:3d:64:a8:d4:89:9d:71:2c:e7:9c:89:58:8a:42:ee:35:9e:62:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:00 2024 GMT
Not After : Feb 24 08:53:00 2025 GMT
Subject: CN=1B913DAAD8210EBF0CC2FD6B86E802B6FCE87EA7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:16:d3:11:20:9a:e9:d7:aa:1a:f3:eb:6a:ef:
88:06:f2:cf:0a:78:84:a4:bd:6e:20:83:f4:f6:ab:
b9:6c:a9:53:f4:7e:11:90:89:9e:ed:4f:23:74:d6:
e2:09:ba:bf:cc:50:8d:50:c0:42:f9:56:63:67:15:
bc:06:5c:41:70:6b:c0:fc:73:0a:23:3b:b0:fb:cf:
d0:47:e9:d3:b1:45:68:e4:8f:38:1a:4d:18:d4:89:
30:5f:18:25:59:22:5a:83:3c:5e:6c:71:2c:86:1e:
ed:08:58:70:34:a6:3b:ac:75:47:73:d2:b7:68:5f:
a1:93:3f:6f:68:05:8f:74:b1:4b:82:4f:4b:66:cf:
d2:d7:26:03:80:2e:1d:51:69:02:d3:f4:bd:a4:8b:
08:35:42:62:8d:e5:00:a4:0e:07:23:51:11:b8:fc:
e9:f7:43:67:69:03:90:06:d0:02:f6:45:f1:93:1b:
4b:43:52:1b:73:1f:0e:df:15:fc:52:51:c7:6f:13:
41:95:ee:24:90:4a:18:80:2b:88:b7:92:40:82:ba:
ba:3d:d2:ae:6d:52:84:e7:43:65:70:43:c0:6e:a3:
bd:a2:37:8d:bc:08:23:34:71:b3:58:7a:ec:ff:1d:
8f:e7:ee:99:a9:19:bd:6a:64:a5:1b:4b:70:5f:04:
87:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:91:3D:AA:D8:21:0E:BF:0C:C2:FD:6B:86:E8:02:B6:FC:E8:7E:A7
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3235342e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.190.254.0/24
Signature Algorithm: sha256WithRSAEncryption
43:f4:89:5d:e3:6e:be:42:19:e6:21:e0:b1:9a:5b:75:b4:9b:
f2:a7:51:30:9d:6b:f8:6e:ff:0b:47:11:40:84:b9:9f:cb:4f:
5e:91:aa:65:db:a7:30:7d:5b:e5:88:55:8a:47:b3:7e:0b:69:
6a:a4:70:1e:7d:63:c2:56:b2:c9:76:a1:3c:31:f3:f9:9b:a4:
1e:de:7b:97:0f:9c:5b:bc:cc:03:9e:af:1f:4c:75:37:90:c6:
cd:b0:12:92:20:f5:e8:53:fb:16:db:eb:0a:f6:f9:10:99:3f:
6c:ee:97:e4:f2:a9:a2:8b:76:2e:79:f2:37:5a:f6:88:c3:d2:
9c:0c:b1:63:6a:d4:0a:72:e6:08:a1:c9:08:cb:7c:df:d3:ec:
2a:cb:d8:83:69:ee:8b:26:58:2b:93:68:5d:64:08:be:2d:ba:
39:35:b7:a7:1a:7c:50:25:d7:8c:a0:7c:7d:0f:0a:6c:1f:25:
72:41:f2:33:57:7a:2a:03:6e:70:81:71:87:e4:45:c1:bd:28:
fc:c4:62:06:16:1c:c5:e3:a4:14:e9:1e:3c:c6:7b:44:7f:cc:
4c:55:67:05:0e:1f:81:7a:d1:11:c8:97:36:96:e5:5e:14:ac:
b7:97:21:53:ef:cc:35:75:d0:00:52:04:3f:6a:5f:86:4b:74:
3e:06:68:c0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUJT1kqNSJnXEs55yJWIpC7jWeYr0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MDBaFw0yNTAyMjQwODUzMDBaMDMxMTAvBgNV
BAMTKDFCOTEzREFBRDgyMTBFQkYwQ0MyRkQ2Qjg2RTgwMkI2RkNFODdFQTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeFtMRIJrp16oa8+tq74gG8s8K
eISkvW4gg/T2q7lsqVP0fhGQiZ7tTyN01uIJur/MUI1QwEL5VmNnFbwGXEFwa8D8
cwojO7D7z9BH6dOxRWjkjzgaTRjUiTBfGCVZIlqDPF5scSyGHu0IWHA0pjusdUdz
0rdoX6GTP29oBY90sUuCT0tmz9LXJgOALh1RaQLT9L2kiwg1QmKN5QCkDgcjURG4
/On3Q2dpA5AG0AL2RfGTG0tDUhtzHw7fFfxSUcdvE0GV7iSQShiAK4i3kkCCuro9
0q5tUoTnQ2VwQ8Buo72iN428CCM0cbNYeuz/HY/n7pmpGb1qZKUbS3BfBIefAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUG5E9qtghDr8Mwv1rhugCtvzofqcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzEzOTMwMmUzMjM1
MzQyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Vb7+MA0GCSqGSIb3DQEBCwUAA4IBAQBD9Ild426+QhnmIeCxmlt1tJvyp1EwnWv4
bv8LRxFAhLmfy09ekapl26cwfVvliFWKR7N+C2lqpHAefWPCVrLJdqE8MfP5m6Qe
3nuXD5xbvMwDnq8fTHU3kMbNsBKSIPXoU/sW2+sK9vkQmT9s7pfk8qmii3YuefI3
WvaIw9KcDLFjatQKcuYIockIy3zf0+wqy9iDae6LJlgrk2hdZAi+Lbo5NbenGnxQ
JdeMoHx9DwpsHyVyQfIzV3oqA25wgXGH5EXBvSj8xGIGFhzF46QU6R48xntEf8xM
VWcFDh+BetERyJc2luVeFKy3lyFT78w1ddAAUgQ/al+GS3Q+BmjA
-----END CERTIFICATE-----
Generated at Tue May 21 09:23:50 2024 by rpki-client on console-ams.rpki-client.org