Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3234302e302f32312d3332203d3e203531313637.roa
File: 38352e3233392e3234302e302f32312d3332203d3e203531313637.roa (raw, json)
Hash identifier: V+lzMq3pXJUQVBcT8hPSBgDKowU2aIBH3GbT61QEfAQ=
Subject key identifier: 6B:E4:E9:D5:33:AA:D5:47:9B:EB:FC:38:DC:D3:A5:FD:E8:FE:25:BC
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 165EFBFBB8CE84C1606F036D74E2315608A065F6
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3234302e302f32312d3332203d3e203531313637.roa
Signing time: Fri 21 Jun 2024 08:04:00 +0000
ROA not before: Fri 21 Jun 2024 07:59:00 +0000
ROA not after: Fri 20 Jun 2025 08:04:00 +0000
asID: 51167
IP address blocks: 85.239.240.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:5e:fb:fb:b8:ce:84:c1:60:6f:03:6d:74:e2:31:56:08:a0:65:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 21 07:59:00 2024 GMT
Not After : Jun 20 08:04:00 2025 GMT
Subject: CN=6BE4E9D533AAD5479BEBFC38DCD3A5FDE8FE25BC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:96:d2:48:68:9b:6d:af:14:d7:75:44:5e:d5:
74:ad:14:f2:10:71:d0:bb:c3:8e:2f:6b:9e:35:e7:
c1:a1:24:97:c9:af:87:41:aa:1d:bb:e1:c3:08:fd:
dd:09:43:7c:7f:7c:56:f3:99:08:b3:97:83:8b:c0:
63:27:d7:90:58:39:f4:22:7c:0f:68:c0:bf:0c:5e:
33:03:40:e0:d7:ef:5b:e3:e5:c5:38:c1:e9:10:2b:
05:5d:8e:ad:bf:f4:ca:0c:a7:be:12:fb:26:27:ff:
19:1d:83:6e:cb:ef:b0:24:75:d0:f4:26:57:5f:e6:
b2:53:28:e4:40:d3:fa:3f:89:bc:a7:9a:50:ff:7d:
6f:2a:b8:13:fe:72:6a:65:4d:39:fb:c5:11:c3:75:
97:b2:6b:7c:95:8f:38:57:d7:c7:fa:95:4d:06:55:
3f:be:65:89:1c:e6:17:a1:3e:26:f5:a6:fe:41:38:
54:e8:c8:df:ab:a3:ec:38:d2:47:4b:f8:28:d3:f4:
99:99:12:67:f1:dc:59:dd:06:2a:0c:9e:45:02:a9:
16:a3:94:1f:57:ee:be:e9:a2:66:7d:85:93:98:00:
b5:9f:b0:56:bd:ae:8c:12:a4:02:d6:20:ed:d8:be:
e3:2d:73:92:b4:a8:5d:1c:c2:33:cc:98:d5:32:5a:
14:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:E4:E9:D5:33:AA:D5:47:9B:EB:FC:38:DC:D3:A5:FD:E8:FE:25:BC
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3234302e302f32312d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.240.0/21
Signature Algorithm: sha256WithRSAEncryption
17:74:d1:ec:f9:f1:4d:f2:e3:f5:a1:82:f0:14:17:d4:c3:5d:
ff:b3:c0:76:a0:06:1b:0e:62:4c:d9:85:c9:63:46:12:b6:fe:
fe:16:7a:21:d8:af:b4:90:09:e1:7a:e3:d5:19:33:bd:51:bf:
38:7b:5c:12:b0:7d:24:73:0b:96:37:fa:fe:c7:33:e6:02:a3:
12:85:93:2d:12:df:53:10:7c:f2:8d:08:da:e4:ad:84:05:b4:
3e:a5:7b:d0:a5:ad:14:dd:df:f8:5e:f1:1c:bf:29:9d:cd:a9:
85:2c:0f:f5:00:32:99:67:01:3e:39:46:a2:a6:c7:0c:c4:b1:
95:bd:c3:79:1e:d4:ff:18:6e:e3:00:63:47:50:a0:2f:ac:0c:
05:71:b7:91:ad:e8:00:9b:47:98:40:40:12:15:a6:44:cf:8a:
81:76:e2:b4:87:8a:cc:61:09:bf:ba:a0:4a:ff:f8:44:d5:21:
ff:f6:a7:9f:c4:32:56:c1:ef:5d:0c:7e:5b:06:38:4e:60:56:
2e:9b:b9:9f:ca:a2:48:ec:4a:c3:2c:6f:f2:d2:e5:ef:97:a2:
cc:a8:5d:68:e9:ea:7e:ea:d9:8a:d1:d2:8a:d5:7a:ea:95:9c:
a8:47:79:0d:01:c0:b5:48:c6:71:76:38:45:5a:a9:47:d2:7b:
73:53:ba:78
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUFl77+7jOhMFgbwNtdOIxVgigZfYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA2MjEwNzU5MDBaFw0yNTA2MjAwODA0MDBaMDMxMTAvBgNV
BAMTKDZCRTRFOUQ1MzNBQUQ1NDc5QkVCRkMzOERDRDNBNUZERThGRTI1QkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVltJIaJttrxTXdURe1XStFPIQ
cdC7w44va54158GhJJfJr4dBqh274cMI/d0JQ3x/fFbzmQizl4OLwGMn15BYOfQi
fA9owL8MXjMDQODX71vj5cU4wekQKwVdjq2/9MoMp74S+yYn/xkdg27L77AkddD0
Jldf5rJTKORA0/o/ibynmlD/fW8quBP+cmplTTn7xRHDdZeya3yVjzhX18f6lU0G
VT++ZYkc5hehPib1pv5BOFToyN+ro+w40kdL+CjT9JmZEmfx3FndBioMnkUCqRaj
lB9X7r7pomZ9hZOYALWfsFa9rowSpALWIO3YvuMtc5K0qF0cwjPMmNUyWhQ1AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUa+Tp1TOq1Ueb6/w43NOl/ej+JbwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzIzMzM5MmUzMjM0
MzAyZTMwMmYzMjMxMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
Ve/wMA0GCSqGSIb3DQEBCwUAA4IBAQAXdNHs+fFN8uP1oYLwFBfUw13/s8B2oAYb
DmJM2YXJY0YStv7+Fnoh2K+0kAnheuPVGTO9Ub84e1wSsH0kcwuWN/r+xzPmAqMS
hZMtEt9TEHzyjQja5K2EBbQ+pXvQpa0U3d/4XvEcvymdzamFLA/1ADKZZwE+OUai
pscMxLGVvcN5HtT/GG7jAGNHUKAvrAwFcbeRregAm0eYQEASFaZEz4qBduK0h4rM
YQm/uqBK//hE1SH/9qefxDJWwe9dDH5bBjhOYFYum7mfyqJI7ErDLG/y0uXvl6LM
qF1o6ep+6tmK0dKK1XrqlZyoR3kNAcC1SMZxdjhFWqlH0ntzU7p4
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:16 2024 by rpki-client on console-ams.rpki-client.org