Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3234382e302f32332d3332203d3e203531313637.roa
File: 38352e3233392e3234382e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: jVOE+guNQZVb7VPwGxP1VRNi3wDVkKqvns0Pb1e7wYY=
Subject key identifier: E2:FB:4F:F5:D7:39:36:6E:BD:EA:31:8C:69:04:A2:6E:87:F4:2A:03
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0203FF3CFF2EA219DEFA53283E610474E5F10097
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3234382e302f32332d3332203d3e203531313637.roa
Signing time: Fri 21 Jun 2024 08:04:00 +0000
ROA not before: Fri 21 Jun 2024 07:59:00 +0000
ROA not after: Fri 20 Jun 2025 08:04:00 +0000
asID: 51167
IP address blocks: 85.239.248.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:03:ff:3c:ff:2e:a2:19:de:fa:53:28:3e:61:04:74:e5:f1:00:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 21 07:59:00 2024 GMT
Not After : Jun 20 08:04:00 2025 GMT
Subject: CN=E2FB4FF5D739366EBDEA318C6904A26E87F42A03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:8e:e6:43:50:b7:da:be:15:48:7d:11:f9:18:
00:9c:06:3d:55:09:89:ab:0f:10:a2:c5:42:4f:8a:
f4:d2:e7:56:53:e7:d8:e8:d3:b7:91:d0:ab:a3:85:
fc:13:f9:d6:f7:98:54:0c:01:cf:38:bf:7a:7e:72:
6d:00:85:ac:c6:25:da:20:8f:f6:f6:97:87:3b:2b:
94:ff:b0:d2:4b:2e:06:e4:9b:20:08:e2:18:fd:e8:
54:db:71:ac:99:d4:97:c9:fe:7a:a9:6e:dc:4a:81:
dd:8c:6b:c3:e2:7c:b8:13:bc:46:8f:ef:0c:f1:56:
31:2a:5b:cc:3e:29:10:2c:20:ae:c1:2a:bb:27:6d:
23:b0:03:20:6e:14:a7:fb:99:72:5e:7a:de:8e:dd:
2e:b4:65:44:43:99:79:40:68:7f:50:55:43:df:46:
5f:81:f8:84:32:d0:df:28:8c:73:9c:5b:8b:4d:00:
35:32:c3:15:10:da:68:8b:40:e0:0e:a7:7e:2f:eb:
8a:60:c7:05:61:bb:4d:c6:61:16:0d:c5:4a:d2:59:
32:81:40:f1:df:79:28:6c:26:02:07:fe:45:c2:cb:
fc:ae:ee:e5:4b:b9:e8:8a:c6:f5:91:6c:ca:ad:9c:
f9:f1:04:46:93:1f:12:ea:72:4a:34:e2:b0:62:8f:
1e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:FB:4F:F5:D7:39:36:6E:BD:EA:31:8C:69:04:A2:6E:87:F4:2A:03
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3234382e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.248.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:77:be:a0:32:db:f2:fb:c4:e1:c9:56:af:b3:2a:84:00:50:
d1:79:f6:99:7c:c8:a2:2d:5c:dd:a9:b1:7e:f6:17:f3:61:65:
6b:2d:45:e9:99:ad:2d:e1:f6:32:50:58:4c:1d:ab:92:2c:33:
a0:c5:54:78:b9:4c:f1:58:c4:be:d9:9d:e5:7b:2e:07:aa:6a:
8b:9b:ca:5c:0e:31:74:04:7b:8f:4f:d5:dd:2a:6e:9e:35:79:
3f:62:15:b2:27:3a:0d:18:69:42:b6:bb:20:6e:c5:35:26:54:
0c:77:94:52:3e:6a:27:62:cd:fb:a1:f3:6f:42:1d:2c:a5:18:
d4:28:d1:38:05:73:d3:05:da:82:39:7c:2a:90:bc:19:79:e0:
49:76:b5:24:11:9e:85:ea:18:05:15:d5:1b:38:82:f2:c0:56:
a4:1c:0b:66:0e:71:81:28:21:82:02:3c:f7:9f:a4:c6:8d:05:
2b:2a:44:df:54:a8:4a:c3:df:27:f4:1b:7c:72:fc:a6:0d:0c:
fa:85:55:f1:07:c1:5a:d1:21:4e:12:d7:07:be:f5:c6:f3:7e:
be:d9:dc:7e:f1:5c:f1:77:be:c9:59:b0:d3:be:12:b3:ac:49:
bd:0a:25:b7:a1:56:2f:57:da:d3:2e:d8:98:d9:13:60:33:69:
dc:6e:0a:aa
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUAgP/PP8uohne+lMoPmEEdOXxAJcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA2MjEwNzU5MDBaFw0yNTA2MjAwODA0MDBaMDMxMTAvBgNV
BAMTKEUyRkI0RkY1RDczOTM2NkVCREVBMzE4QzY5MDRBMjZFODdGNDJBMDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCjuZDULfavhVIfRH5GACcBj1V
CYmrDxCixUJPivTS51ZT59jo07eR0KujhfwT+db3mFQMAc84v3p+cm0AhazGJdog
j/b2l4c7K5T/sNJLLgbkmyAI4hj96FTbcayZ1JfJ/nqpbtxKgd2Ma8PifLgTvEaP
7wzxVjEqW8w+KRAsIK7BKrsnbSOwAyBuFKf7mXJeet6O3S60ZURDmXlAaH9QVUPf
Rl+B+IQy0N8ojHOcW4tNADUywxUQ2miLQOAOp34v64pgxwVhu03GYRYNxUrSWTKB
QPHfeShsJgIH/kXCy/yu7uVLueiKxvWRbMqtnPnxBEaTHxLqcko04rBijx7dAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU4vtP9dc5Nm696jGMaQSibof0KgMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzIzMzM5MmUzMjM0
MzgyZTMwMmYzMjMzMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
Ve/4MA0GCSqGSIb3DQEBCwUAA4IBAQBdd76gMtvy+8ThyVavsyqEAFDRefaZfMii
LVzdqbF+9hfzYWVrLUXpma0t4fYyUFhMHauSLDOgxVR4uUzxWMS+2Z3ley4HqmqL
m8pcDjF0BHuPT9XdKm6eNXk/YhWyJzoNGGlCtrsgbsU1JlQMd5RSPmonYs37ofNv
Qh0spRjUKNE4BXPTBdqCOXwqkLwZeeBJdrUkEZ6F6hgFFdUbOILywFakHAtmDnGB
KCGCAjz3n6TGjQUrKkTfVKhKw98n9Bt8cvymDQz6hVXxB8Fa0SFOEtcHvvXG836+
2dx+8Vzxd77JWbDTvhKzrEm9CiW3oVYvV9rTLtiY2RNgM2ncbgqq
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:48 2024 by rpki-client on console-ams.rpki-client.org