Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3233302e302f32332d3332203d3e203531313637.roa
File: 38352e3233392e3233302e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: dIoLnAjBjtsIY1rT149OkOFDYJT7u83sZqlx+7+NGLo=
Subject key identifier: B5:C7:A3:C3:73:AB:93:88:F5:A1:8D:91:30:69:B6:04:4C:C2:25:A3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4FC25F14BAE913E34CC16FC9F8C71C71EA38B33B
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3233302e302f32332d3332203d3e203531313637.roa
Signing time: Fri 21 Jul 2023 07:20:00 +0000
ROA not before: Fri 21 Jul 2023 07:15:00 +0000
ROA not after: Fri 19 Jul 2024 07:20:00 +0000
asID: 51167
IP address blocks: 85.239.230.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:c2:5f:14:ba:e9:13:e3:4c:c1:6f:c9:f8:c7:1c:71:ea:38:b3:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 21 07:15:00 2023 GMT
Not After : Jul 19 07:20:00 2024 GMT
Subject: CN=B5C7A3C373AB9388F5A18D913069B6044CC225A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:40:b4:7c:69:40:7e:0c:a6:ef:1b:79:f7:bb:
0a:05:a5:7f:57:21:08:0c:28:9a:7e:06:6e:e8:38:
2e:d7:b6:be:de:e4:98:7e:64:8b:07:6a:b6:c0:63:
4b:d6:95:8d:57:a9:d3:6f:6c:7a:44:7d:0f:22:37:
c8:25:b0:1c:53:5f:f6:86:f2:ad:c9:ca:20:bc:f0:
2b:35:c0:ad:50:b7:d4:b7:e5:b1:2e:12:10:16:ab:
56:00:d9:6f:f5:6e:cb:98:c7:7e:1c:41:b3:2d:81:
36:47:a6:dd:47:ce:74:0d:61:02:c1:74:fc:41:09:
f0:08:ef:e7:0e:c0:7b:f0:bd:46:c6:16:b0:4c:17:
bb:86:45:f8:68:40:68:ea:ee:3e:0b:de:22:7a:f9:
4f:a4:aa:12:07:bc:8d:f4:37:4f:ab:9a:9a:8e:dd:
f4:ca:58:34:93:a4:5f:74:6a:79:8d:6a:c5:36:d9:
1c:70:81:3f:1e:c9:2b:8b:74:c5:7e:8b:c1:d0:4d:
08:99:cd:7d:97:8a:95:17:86:70:26:90:10:3f:af:
b7:c5:eb:2f:98:fa:3d:db:29:ab:ed:78:5f:66:f3:
9b:84:d0:6c:19:b1:6c:b1:0b:48:a1:d0:eb:22:71:
27:4a:42:ee:dd:62:17:37:61:0c:b9:3d:e2:23:8a:
f0:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:C7:A3:C3:73:AB:93:88:F5:A1:8D:91:30:69:B6:04:4C:C2:25:A3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3233302e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.230.0/23
Signature Algorithm: sha256WithRSAEncryption
36:4f:34:7c:d9:e9:3c:0f:89:81:7d:05:22:0b:a5:07:05:f3:
6b:b7:ae:ad:7b:d2:66:50:0b:c1:13:e9:eb:79:ca:f0:f8:ae:
47:00:0a:5a:de:55:28:b3:5e:18:81:8d:95:ee:7d:0b:94:b9:
3b:c4:2f:0a:26:ba:bf:fb:01:bb:66:c3:c5:5f:99:fe:f0:b8:
ce:a8:65:f9:dc:cd:47:75:a7:c3:79:2e:eb:b4:c9:81:15:45:
97:73:ba:32:25:64:3b:f6:bf:3b:46:48:d2:d5:e1:3c:98:28:
be:e2:19:0c:00:e5:db:4d:12:08:2d:35:02:97:bf:58:a2:0b:
5c:2e:76:e9:84:e6:74:01:0f:2e:14:d7:87:b2:ae:55:58:81:
d3:fc:2d:eb:40:0b:b2:20:ca:81:31:65:94:70:e6:44:3f:95:
d5:bf:d4:b1:7c:d4:a4:b9:a1:d9:75:93:90:a1:db:5c:0f:29:
a1:8c:4d:1b:e9:8c:f5:aa:2a:74:5e:42:3a:90:eb:c3:72:11:
9d:b5:6e:fb:17:8b:77:14:e7:f6:85:d4:9f:73:73:f3:45:22:
94:58:9c:b4:49:28:ea:b6:3c:0f:5d:b2:da:e9:32:f4:d8:4d:
3e:78:b6:09:86:ed:5d:ec:1f:d3:7a:f8:27:73:2b:75:45:d4:
d6:0f:7b:8c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUT8JfFLrpE+NMwW/J+Mccceo4szswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA3MjEwNzE1MDBaFw0yNDA3MTkwNzIwMDBaMDMxMTAvBgNV
BAMTKEI1QzdBM0MzNzNBQjkzODhGNUExOEQ5MTMwNjlCNjA0NENDMjI1QTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEQLR8aUB+DKbvG3n3uwoFpX9X
IQgMKJp+Bm7oOC7Xtr7e5Jh+ZIsHarbAY0vWlY1XqdNvbHpEfQ8iN8glsBxTX/aG
8q3JyiC88Cs1wK1Qt9S35bEuEhAWq1YA2W/1bsuYx34cQbMtgTZHpt1HznQNYQLB
dPxBCfAI7+cOwHvwvUbGFrBMF7uGRfhoQGjq7j4L3iJ6+U+kqhIHvI30N0+rmpqO
3fTKWDSTpF90anmNasU22RxwgT8eySuLdMV+i8HQTQiZzX2XipUXhnAmkBA/r7fF
6y+Y+j3bKavteF9m85uE0GwZsWyxC0ih0OsicSdKQu7dYhc3YQy5PeIjivC5AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUtcejw3Ork4j1oY2RMGm2BEzCJaMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzIzMzM5MmUzMjMz
MzAyZTMwMmYzMjMzMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
Ve/mMA0GCSqGSIb3DQEBCwUAA4IBAQA2TzR82ek8D4mBfQUiC6UHBfNrt66te9Jm
UAvBE+nrecrw+K5HAApa3lUos14YgY2V7n0LlLk7xC8KJrq/+wG7ZsPFX5n+8LjO
qGX53M1HdafDeS7rtMmBFUWXc7oyJWQ79r87RkjS1eE8mCi+4hkMAOXbTRIILTUC
l79YogtcLnbphOZ0AQ8uFNeHsq5VWIHT/C3rQAuyIMqBMWWUcOZEP5XVv9SxfNSk
uaHZdZOQodtcDymhjE0b6Yz1qip0XkI6kOvDchGdtW77F4t3FOf2hdSfc3PzRSKU
WJy0SSjqtjwPXbLa6TL02E0+eLYJhu1d7B/Tevgncyt1RdTWD3uM
-----END CERTIFICATE-----
Generated at Tue May 21 09:23:50 2024 by rpki-client on console-ams.rpki-client.org