Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3233302e302f32332d3332203d3e203531313637.roa
File: 38352e3233392e3233302e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: m3uz+C5JDB8dnvO2wo7YQ+QD2BDwP7da86uK7lMnG8M=
Subject key identifier: 65:7D:3F:E9:AF:FE:B6:CE:08:9E:B6:3B:12:AB:F4:A5:0D:A5:AE:8D
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 53A5B43AD2E67D4C2CFF0751E789E4C6D702CB90
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3233302e302f32332d3332203d3e203531313637.roa
Signing time: Fri 21 Jun 2024 08:04:00 +0000
ROA not before: Fri 21 Jun 2024 07:59:00 +0000
ROA not after: Fri 20 Jun 2025 08:04:00 +0000
asID: 51167
IP address blocks: 85.239.230.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:a5:b4:3a:d2:e6:7d:4c:2c:ff:07:51:e7:89:e4:c6:d7:02:cb:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 21 07:59:00 2024 GMT
Not After : Jun 20 08:04:00 2025 GMT
Subject: CN=657D3FE9AFFEB6CE089EB63B12ABF4A50DA5AE8D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c2:50:1e:72:b2:98:bb:e3:1b:88:ea:35:b8:
7a:43:a6:e5:d7:a5:7e:30:64:95:62:fa:07:fc:2d:
93:16:fa:2a:d0:a6:de:99:97:7a:e4:98:e7:67:1b:
e2:fd:3b:72:24:bd:60:90:39:d3:31:09:33:00:aa:
dc:cb:4d:02:01:c8:5e:96:3a:dd:48:c5:22:2e:20:
9c:68:22:15:1d:fa:f8:a6:a2:4a:30:ea:1e:3b:85:
9c:40:e7:41:10:13:2e:26:0a:79:cd:57:40:f4:aa:
54:42:3e:f6:26:5d:09:ff:7c:34:95:9d:cd:81:85:
0b:3b:2f:c7:b2:21:3a:2d:5f:3e:1b:d7:ec:38:5c:
41:d5:2b:dd:00:a4:52:35:b7:d7:0e:51:22:2a:9d:
fb:5d:e1:1d:05:70:ea:8d:87:61:cc:23:2b:27:05:
12:4c:4b:b3:c1:2b:dc:51:33:90:aa:17:a1:2b:24:
21:2a:14:81:98:cd:7c:cb:88:9d:44:c7:a4:69:df:
30:e7:f0:7c:7b:51:c4:7d:fe:d9:1a:4c:18:07:5f:
06:54:e8:e2:cf:8a:ea:91:24:b1:94:39:ff:0e:d3:
92:a6:3b:ba:0b:91:40:98:c0:31:44:ba:20:54:5f:
ef:a9:b6:12:c7:47:20:f5:ac:e7:ae:46:e1:c5:ea:
21:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:7D:3F:E9:AF:FE:B6:CE:08:9E:B6:3B:12:AB:F4:A5:0D:A5:AE:8D
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3233302e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.230.0/23
Signature Algorithm: sha256WithRSAEncryption
54:a1:15:35:4f:1a:cb:52:ad:f8:1a:bb:93:89:a1:cb:d6:40:
19:38:78:83:c6:df:a7:b5:2c:c8:9a:b9:3f:c4:2c:df:8d:91:
d9:22:8a:43:d0:36:c3:be:24:08:65:d9:90:9e:70:53:90:e9:
26:26:5a:bf:87:5f:3d:1d:0e:3e:19:25:51:ef:23:af:f8:e5:
32:a2:52:5e:b3:91:9f:f2:04:4c:be:c6:76:63:de:56:d4:02:
2f:83:05:f3:88:dd:a7:35:41:2f:aa:ca:27:74:43:bb:b7:f1:
9d:4b:ac:a9:09:27:83:3e:32:18:d1:be:f9:5b:5a:d5:d7:97:
ea:05:42:8d:20:28:50:35:71:28:37:a3:68:05:c9:8a:b1:65:
5c:5e:9d:dd:b1:92:0c:29:36:e5:5c:cf:b0:3f:50:98:70:a9:
2b:66:32:0b:1d:b1:af:4a:29:a7:09:f2:fc:2b:91:4d:8a:7d:
a2:6a:30:4f:a9:0f:1e:4c:3a:2e:cf:2f:89:91:29:7d:d5:03:
55:90:f9:2e:77:f9:54:83:fa:10:00:d5:c5:d0:f5:0b:8c:e3:
e0:70:e9:9c:9c:8f:be:8f:64:79:5e:a4:5b:ed:22:14:dd:cb:
a9:05:b5:63:4f:11:e0:19:c8:3b:f6:66:11:aa:a9:96:54:3c:
8e:bc:68:c7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUU6W0OtLmfUws/wdR54nkxtcCy5AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA2MjEwNzU5MDBaFw0yNTA2MjAwODA0MDBaMDMxMTAvBgNV
BAMTKDY1N0QzRkU5QUZGRUI2Q0UwODlFQjYzQjEyQUJGNEE1MERBNUFFOEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVwlAecrKYu+MbiOo1uHpDpuXX
pX4wZJVi+gf8LZMW+irQpt6Zl3rkmOdnG+L9O3IkvWCQOdMxCTMAqtzLTQIByF6W
Ot1IxSIuIJxoIhUd+vimokow6h47hZxA50EQEy4mCnnNV0D0qlRCPvYmXQn/fDSV
nc2BhQs7L8eyITotXz4b1+w4XEHVK90ApFI1t9cOUSIqnftd4R0FcOqNh2HMIysn
BRJMS7PBK9xRM5CqF6ErJCEqFIGYzXzLiJ1Ex6Rp3zDn8Hx7UcR9/tkaTBgHXwZU
6OLPiuqRJLGUOf8O05KmO7oLkUCYwDFEuiBUX++pthLHRyD1rOeuRuHF6iENAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUZX0/6a/+ts4InrY7Eqv0pQ2lro0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzIzMzM5MmUzMjMz
MzAyZTMwMmYzMjMzMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
Ve/mMA0GCSqGSIb3DQEBCwUAA4IBAQBUoRU1TxrLUq34GruTiaHL1kAZOHiDxt+n
tSzImrk/xCzfjZHZIopD0DbDviQIZdmQnnBTkOkmJlq/h189HQ4+GSVR7yOv+OUy
olJes5Gf8gRMvsZ2Y95W1AIvgwXziN2nNUEvqsondEO7t/GdS6ypCSeDPjIY0b75
W1rV15fqBUKNIChQNXEoN6NoBcmKsWVcXp3dsZIMKTblXM+wP1CYcKkrZjILHbGv
SimnCfL8K5FNin2iajBPqQ8eTDouzy+JkSl91QNVkPkud/lUg/oQANXF0PULjOPg
cOmcnI++j2R5XqRb7SIU3cupBbVjTxHgGcg79mYRqqmWVDyOvGjH
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:16 2024 by rpki-client on console-ams.rpki-client.org