Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3234302e302f32312d3332203d3e203430303231.roa
File: 38352e3233392e3234302e302f32312d3332203d3e203430303231.roa (raw, json)
Hash identifier: Icjxo9DGLh6ITvsBdGEQ0W82t9k8y7VTsxWoti11/zQ=
Subject key identifier: 26:58:24:7E:31:1C:B0:E8:C5:4C:69:6B:A5:C1:2B:26:09:49:E3:46
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3F264C489A0C29577627FBFC4BFDB9DAE21BE544
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3234302e302f32312d3332203d3e203430303231.roa
Signing time: Mon 27 Jan 2025 09:45:05 +0000
ROA not before: Mon 27 Jan 2025 09:40:05 +0000
ROA not after: Mon 26 Jan 2026 09:45:05 +0000
asID: 40021
IP address blocks: 85.239.240.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:26:4c:48:9a:0c:29:57:76:27:fb:fc:4b:fd:b9:da:e2:1b:e5:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:05 2025 GMT
Not After : Jan 26 09:45:05 2026 GMT
Subject: CN=2658247E311CB0E8C54C696BA5C12B260949E346
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:08:5c:52:d7:11:10:fa:00:23:6e:ce:ec:f7:
94:c5:08:83:3f:0b:fd:fd:a0:40:9b:88:41:50:5d:
f4:13:cd:fe:d1:40:df:18:ab:fd:50:9e:d6:9b:22:
47:cd:4e:2f:f1:5c:d8:1b:63:3e:ef:67:2c:f1:70:
41:bf:4b:dd:dc:41:e9:78:09:da:8d:e5:a1:0f:7b:
fe:20:76:54:5b:10:dd:af:48:5a:86:41:e6:6d:32:
89:3b:9e:84:9f:94:77:90:d6:37:e8:37:7a:54:b9:
65:18:8f:0f:48:e7:c2:7a:9a:7b:1c:c6:7c:f4:72:
43:b8:47:60:61:f6:4d:c5:37:67:70:66:94:01:f7:
79:ef:b8:70:ef:6f:d0:1f:18:4d:9f:e1:6c:66:55:
4d:ea:5b:59:4f:4c:ff:13:5d:66:d5:89:9c:df:70:
d1:a8:9e:da:84:f8:06:0d:af:8c:a7:eb:89:77:4b:
d1:76:8e:e5:19:1c:36:91:5b:52:0e:5e:4a:6e:fa:
ab:cc:22:f7:6b:32:20:5a:d8:fe:7d:41:4e:7b:2d:
8e:2a:16:24:11:45:39:ae:1b:0b:b1:c7:ff:9e:2f:
97:66:41:d4:80:1f:40:11:da:f8:a4:8c:40:fe:b8:
71:81:d5:2a:3f:51:c9:23:64:c1:ec:19:12:71:f2:
61:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:58:24:7E:31:1C:B0:E8:C5:4C:69:6B:A5:C1:2B:26:09:49:E3:46
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3234302e302f32312d3332203d3e203430303231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.240.0/21
Signature Algorithm: sha256WithRSAEncryption
1f:a2:88:ab:30:c6:99:8c:3d:fe:f1:cc:90:6d:7c:4d:46:f3:
2f:4e:54:7a:57:7a:fc:c2:1f:b5:f9:3f:4e:bd:6a:d1:63:cd:
b9:08:dd:d3:66:a0:c5:76:6e:22:a6:ad:bf:a6:e2:b1:a8:be:
85:74:8d:e0:dd:bb:07:ed:72:de:24:12:25:15:aa:58:59:b1:
b3:01:46:fb:b8:fb:5f:e1:ec:05:7d:fd:42:38:4b:f3:fa:8d:
07:77:1c:e2:fa:a9:05:25:f1:b2:9c:00:ec:99:0e:d1:b7:99:
95:31:a7:51:2c:82:98:ec:7c:96:ea:14:e0:a8:5d:40:a4:cb:
b9:e4:76:b0:74:f4:a9:de:68:61:bf:bc:ba:74:87:4f:62:6d:
a1:4e:61:ce:a2:90:25:9c:0a:12:3d:9c:e4:0f:9e:00:0c:76:
67:96:ba:fd:75:52:e4:71:8d:75:13:7c:b6:81:23:bf:f4:be:
58:d8:0b:8b:74:ad:8c:f0:1d:0a:02:4b:1f:1f:55:31:9f:ea:
3c:a9:96:ee:b8:76:39:b9:4d:76:9b:0f:06:92:47:f4:fd:a4:
2e:4f:34:34:2f:e2:91:a3:9b:23:d5:c8:11:1d:8d:30:0d:ec:
ee:e0:30:0c:e2:f8:fd:8a:2a:a2:e6:73:6a:17:31:14:02:9d:
b3:4c:39:f9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUPyZMSJoMKVd2J/v8S/252uIb5UQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMDVaFw0yNjAxMjYwOTQ1MDVaMDMxMTAvBgNV
BAMTKDI2NTgyNDdFMzExQ0IwRThDNTRDNjk2QkE1QzEyQjI2MDk0OUUzNDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDICFxS1xEQ+gAjbs7s95TFCIM/
C/39oECbiEFQXfQTzf7RQN8Yq/1QntabIkfNTi/xXNgbYz7vZyzxcEG/S93cQel4
CdqN5aEPe/4gdlRbEN2vSFqGQeZtMok7noSflHeQ1jfoN3pUuWUYjw9I58J6mnsc
xnz0ckO4R2Bh9k3FN2dwZpQB93nvuHDvb9AfGE2f4WxmVU3qW1lPTP8TXWbViZzf
cNGontqE+AYNr4yn64l3S9F2juUZHDaRW1IOXkpu+qvMIvdrMiBa2P59QU57LY4q
FiQRRTmuGwuxx/+eL5dmQdSAH0AR2vikjED+uHGB1So/UckjZMHsGRJx8mHdAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUJlgkfjEcsOjFTGlrpcErJglJ40YwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzIzMzM5MmUzMjM0
MzAyZTMwMmYzMjMxMmQzMzMyMjAzZDNlMjAzNDMwMzAzMjMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
Ve/wMA0GCSqGSIb3DQEBCwUAA4IBAQAfooirMMaZjD3+8cyQbXxNRvMvTlR6V3r8
wh+1+T9OvWrRY825CN3TZqDFdm4ipq2/puKxqL6FdI3g3bsH7XLeJBIlFapYWbGz
AUb7uPtf4ewFff1COEvz+o0Hdxzi+qkFJfGynADsmQ7Rt5mVMadRLIKY7HyW6hTg
qF1ApMu55HawdPSp3mhhv7y6dIdPYm2hTmHOopAlnAoSPZzkD54ADHZnlrr9dVLk
cY11E3y2gSO/9L5Y2AuLdK2M8B0KAksfH1Uxn+o8qZbuuHY5uU12mw8Gkkf0/aQu
TzQ0L+KRo5sj1cgRHY0wDezu4DAM4vj9iiqi5nNqFzEUAp2zTDn5
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:53:40 2025 by rpki-client