Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3233322e302f32312d3332203d3e203430303231.roa
File: 38352e3233392e3233322e302f32312d3332203d3e203430303231.roa (raw, json)
Hash identifier: uncVhlLopymXZgFBWdbaiRJ7UQr55N47TBE5AQwP/JQ=
Subject key identifier: 71:56:E1:B9:BF:E6:07:C1:26:A2:14:54:18:53:44:E3:56:DE:3D:9C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 36DF2231A5E5F47E95111DF6893686F3A93B9C40
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3233322e302f32312d3332203d3e203430303231.roa
Signing time: Mon 27 Jan 2025 09:45:11 +0000
ROA not before: Mon 27 Jan 2025 09:40:11 +0000
ROA not after: Mon 26 Jan 2026 09:45:11 +0000
asID: 40021
IP address blocks: 85.239.232.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:df:22:31:a5:e5:f4:7e:95:11:1d:f6:89:36:86:f3:a9:3b:9c:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:11 2025 GMT
Not After : Jan 26 09:45:11 2026 GMT
Subject: CN=7156E1B9BFE607C126A21454185344E356DE3D9C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:17:e9:a4:70:4a:60:dc:1e:8d:52:5f:c4:81:
b8:42:25:38:c0:72:38:c5:5e:e3:09:a3:a1:f5:d1:
dc:60:b7:77:54:c0:7f:88:07:9f:a8:3a:c7:d0:e2:
c3:4b:b4:fb:33:12:f2:b6:50:44:4f:82:5e:ba:ea:
57:6f:61:6b:43:0c:b0:50:55:4a:48:4a:88:67:5e:
12:78:8a:be:4e:93:63:c7:38:b7:14:dd:76:db:cc:
f9:34:84:f1:e9:d2:f9:ea:01:b5:55:3f:2b:9d:1e:
cf:2f:2a:61:e1:c1:3a:33:c1:b2:16:dd:b6:75:1b:
14:2d:82:81:bf:cb:c1:f6:92:a6:7c:d3:c0:86:7d:
79:72:3f:99:45:bb:85:19:dd:7e:b9:44:7e:78:8a:
25:05:67:c1:fa:a9:0f:4d:73:90:7b:db:27:b6:c7:
28:db:e7:b8:0c:53:39:4e:34:3e:68:9a:8d:60:43:
bb:6d:9e:cb:93:9b:98:24:46:d8:3a:0d:f5:b2:bf:
59:d3:7e:bc:99:f9:74:66:c7:61:eb:ad:b0:e2:f4:
83:af:90:94:ce:4b:57:dd:56:07:74:04:ec:77:c6:
f3:5d:0a:a7:1d:ce:60:33:4e:e4:b0:2f:32:4e:cd:
a5:3d:9b:57:c1:75:b5:de:ea:62:78:95:cc:aa:49:
a6:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:56:E1:B9:BF:E6:07:C1:26:A2:14:54:18:53:44:E3:56:DE:3D:9C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3233322e302f32312d3332203d3e203430303231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.232.0/21
Signature Algorithm: sha256WithRSAEncryption
76:b3:94:29:28:dc:ef:51:e6:8f:1f:18:0e:03:8f:49:eb:8a:
de:93:9e:fc:c8:a5:c4:17:cd:4d:62:2e:65:3c:71:eb:db:8a:
e8:4f:01:2d:10:a8:bf:8b:8f:54:6f:51:6f:c5:7a:83:b8:7c:
d9:7c:14:a5:05:f1:e7:c6:b0:39:4c:ad:ee:59:57:94:66:1b:
9b:b6:f6:2c:17:0a:cd:0b:0e:f7:fb:8d:6f:b2:06:91:41:af:
70:03:01:07:dc:f8:49:fe:14:6d:66:02:f0:6d:de:9a:37:4b:
aa:f0:c2:70:57:84:1a:6d:7c:d6:34:58:b8:5b:60:03:b2:1e:
f0:e4:5d:1a:35:64:56:e4:65:98:e9:bd:30:2b:d2:09:b8:98:
50:85:64:23:2b:31:a6:b9:40:7b:16:2b:5d:e6:9d:53:b5:af:
ae:9c:39:fa:6c:63:43:96:69:29:62:18:a2:18:d9:b1:fd:ff:
28:de:73:c8:cc:07:1e:91:b3:70:b6:2b:31:2b:bf:47:39:f0:
dd:13:9d:81:96:62:8a:08:99:b6:4f:62:e8:30:66:1a:f6:b2:
2f:30:7a:85:ac:bd:95:a8:06:3e:6d:17:2c:f7:02:f9:19:cf:
0a:79:1a:a4:0e:f0:e1:da:59:c0:80:27:1d:9b:9c:ba:7d:2c:
2d:68:92:08
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUNt8iMaXl9H6VER32iTaG86k7nEAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMTFaFw0yNjAxMjYwOTQ1MTFaMDMxMTAvBgNV
BAMTKDcxNTZFMUI5QkZFNjA3QzEyNkEyMTQ1NDE4NTM0NEUzNTZERTNEOUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoF+mkcEpg3B6NUl/EgbhCJTjA
cjjFXuMJo6H10dxgt3dUwH+IB5+oOsfQ4sNLtPszEvK2UERPgl666ldvYWtDDLBQ
VUpISohnXhJ4ir5Ok2PHOLcU3XbbzPk0hPHp0vnqAbVVPyudHs8vKmHhwTozwbIW
3bZ1GxQtgoG/y8H2kqZ808CGfXlyP5lFu4UZ3X65RH54iiUFZ8H6qQ9Nc5B72ye2
xyjb57gMUzlOND5omo1gQ7ttnsuTm5gkRtg6DfWyv1nTfryZ+XRmx2HrrbDi9IOv
kJTOS1fdVgd0BOx3xvNdCqcdzmAzTuSwLzJOzaU9m1fBdbXe6mJ4lcyqSaYNAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUcVbhub/mB8EmohRUGFNE41bePZwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzIzMzM5MmUzMjMz
MzIyZTMwMmYzMjMxMmQzMzMyMjAzZDNlMjAzNDMwMzAzMjMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
Ve/oMA0GCSqGSIb3DQEBCwUAA4IBAQB2s5QpKNzvUeaPHxgOA49J64rek578yKXE
F81NYi5lPHHr24roTwEtEKi/i49Ub1FvxXqDuHzZfBSlBfHnxrA5TK3uWVeUZhub
tvYsFwrNCw73+41vsgaRQa9wAwEH3PhJ/hRtZgLwbd6aN0uq8MJwV4QabXzWNFi4
W2ADsh7w5F0aNWRW5GWY6b0wK9IJuJhQhWQjKzGmuUB7Fitd5p1Tta+unDn6bGND
lmkpYhiiGNmx/f8o3nPIzAcekbNwtisxK79HOfDdE52BlmKKCJm2T2LoMGYa9rIv
MHqFrL2VqAY+bRcs9wL5Gc8KeRqkDvDh2lnAgCcdm5y6fSwtaJII
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:27:53 2025 by rpki-client