Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3234302e302f32312d3332203d3e203531313637.roa
File: 38352e3233392e3234302e302f32312d3332203d3e203531313637.roa (raw, json)
Hash identifier: 0EVsfYzKNLe7oCoL8T4INgGZdzy5ituLb8wijlayBw4=
Subject key identifier: B9:BE:75:BD:32:2E:29:82:A9:A1:6F:58:BA:3F:BF:C8:71:62:54:E7
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 644681493334E40028C17C4C3A8EFE283076657C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3234302e302f32312d3332203d3e203531313637.roa
Signing time: Fri 21 Jul 2023 07:19:19 +0000
ROA not before: Fri 21 Jul 2023 07:14:19 +0000
ROA not after: Fri 19 Jul 2024 07:19:19 +0000
asID: 51167
IP address blocks: 85.239.240.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:46:81:49:33:34:e4:00:28:c1:7c:4c:3a:8e:fe:28:30:76:65:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 21 07:14:19 2023 GMT
Not After : Jul 19 07:19:19 2024 GMT
Subject: CN=B9BE75BD322E2982A9A16F58BA3FBFC8716254E7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:17:e7:70:18:29:40:96:3a:c9:ef:42:b4:26:
9e:d4:4e:b3:e5:c2:f9:42:4b:b3:4d:fc:55:57:70:
0e:cc:d8:4b:8d:df:2e:78:c4:05:22:1a:50:92:51:
e1:f8:ba:a7:a1:05:85:53:5f:aa:52:1c:8f:de:85:
9c:14:3c:48:1b:48:ed:b4:bb:e1:27:06:0b:ef:4b:
c1:e4:0a:4e:6d:1e:77:d5:22:6b:f7:0a:4f:b3:20:
e0:80:45:97:6e:a0:78:87:70:1b:02:01:89:ab:7f:
75:3e:82:24:3b:13:1f:aa:dd:78:86:62:b0:ff:56:
6a:c7:38:7d:df:de:f8:1e:ae:b6:00:9d:53:d8:a5:
45:c4:63:9b:ed:97:43:51:f5:e6:25:c6:25:ce:72:
cf:45:f2:66:ff:d3:e9:c8:c9:fe:9b:5f:7a:93:f6:
35:e4:92:fc:96:4d:fd:79:0e:83:85:4c:0a:24:31:
98:e7:26:a5:7b:8f:14:a6:5b:3f:48:c5:34:fd:65:
2c:c1:6c:fa:b6:a9:e1:6a:e1:ea:b9:34:f4:e7:c3:
fa:05:60:2f:0e:6a:c3:4c:71:f4:0b:34:66:9d:1d:
a6:bb:1f:b3:ca:8c:8d:c6:b1:8b:82:fe:77:f8:c9:
2e:55:46:14:bb:a6:4e:ee:5a:b0:2e:64:77:0b:c5:
ba:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:BE:75:BD:32:2E:29:82:A9:A1:6F:58:BA:3F:BF:C8:71:62:54:E7
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3234302e302f32312d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.240.0/21
Signature Algorithm: sha256WithRSAEncryption
08:41:6e:6d:4f:9f:e6:2a:1f:de:fd:44:38:10:1f:6c:21:a8:
c2:33:86:0e:22:c1:f9:15:78:21:33:f9:28:44:95:ff:a1:56:
cf:f9:0c:26:7c:f7:d1:43:c7:62:2d:f0:d2:8e:1a:b4:d1:2e:
c4:51:9a:f6:f6:3a:39:4c:61:0d:36:e7:50:4e:e2:cb:83:eb:
b5:87:50:18:d6:db:b7:b4:35:b4:82:73:97:76:dc:5d:1a:3c:
c7:6b:8a:32:68:11:17:15:d6:c3:07:0e:9c:2d:61:db:8d:95:
54:f3:f2:f2:43:16:6e:9f:22:5f:58:8c:3c:41:d5:63:84:7a:
91:1b:43:17:ae:b1:2c:71:82:fb:66:66:39:1a:80:38:13:ea:
98:77:35:fc:16:f2:0b:15:80:17:24:c3:80:40:d3:d3:b1:90:
46:59:9a:03:9e:26:f4:67:86:1d:86:49:04:b4:18:9a:af:28:
ae:18:b5:d0:cd:ed:79:dd:0c:2e:1c:ca:6c:91:d6:c4:42:80:
ce:65:18:28:22:22:5e:de:ef:2e:76:50:34:c7:a7:19:f0:5d:
82:e6:1f:69:6c:5c:13:c3:4c:31:f2:84:80:9f:bb:10:27:08:
24:f1:9f:96:58:7f:21:26:64:95:79:ea:59:ea:9a:e9:a1:75:
fb:59:e7:aa
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUZEaBSTM05AAowXxMOo7+KDB2ZXwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA3MjEwNzE0MTlaFw0yNDA3MTkwNzE5MTlaMDMxMTAvBgNV
BAMTKEI5QkU3NUJEMzIyRTI5ODJBOUExNkY1OEJBM0ZCRkM4NzE2MjU0RTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUF+dwGClAljrJ70K0Jp7UTrPl
wvlCS7NN/FVXcA7M2EuN3y54xAUiGlCSUeH4uqehBYVTX6pSHI/ehZwUPEgbSO20
u+EnBgvvS8HkCk5tHnfVImv3Ck+zIOCARZduoHiHcBsCAYmrf3U+giQ7Ex+q3XiG
YrD/VmrHOH3f3vgerrYAnVPYpUXEY5vtl0NR9eYlxiXOcs9F8mb/0+nIyf6bX3qT
9jXkkvyWTf15DoOFTAokMZjnJqV7jxSmWz9IxTT9ZSzBbPq2qeFq4eq5NPTnw/oF
YC8OasNMcfQLNGadHaa7H7PKjI3GsYuC/nf4yS5VRhS7pk7uWrAuZHcLxboZAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUub51vTIuKYKpoW9Yuj+/yHFiVOcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzIzMzM5MmUzMjM0
MzAyZTMwMmYzMjMxMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
Ve/wMA0GCSqGSIb3DQEBCwUAA4IBAQAIQW5tT5/mKh/e/UQ4EB9sIajCM4YOIsH5
FXghM/koRJX/oVbP+QwmfPfRQ8diLfDSjhq00S7EUZr29jo5TGENNudQTuLLg+u1
h1AY1tu3tDW0gnOXdtxdGjzHa4oyaBEXFdbDBw6cLWHbjZVU8/LyQxZunyJfWIw8
QdVjhHqRG0MXrrEscYL7ZmY5GoA4E+qYdzX8FvILFYAXJMOAQNPTsZBGWZoDnib0
Z4YdhkkEtBiaryiuGLXQze153QwuHMpskdbEQoDOZRgoIiJe3u8udlA0x6cZ8F2C
5h9pbFwTw0wx8oSAn7sQJwgk8Z+WWH8hJmSVeepZ6prpoXX7Weeq
-----END CERTIFICATE-----
Generated at Tue May 21 08:01:46 2024 by rpki-client on console-fra.rpki-client.org