Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3234382e302f32332d3332203d3e203531313637.roa
File: 38352e3233392e3234382e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: TEz6CqWYHwJNeURcibyZZmdqrl6ZB+VLzM57+SUcW90=
Subject key identifier: 77:97:EE:B7:DD:C6:30:F7:96:6D:F3:FE:75:B5:89:DB:3E:80:7A:41
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1499CF79ECBC06EF2DA415C1D5982F231341DEFE
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3234382e302f32332d3332203d3e203531313637.roa
Signing time: Fri 21 Jul 2023 07:20:06 +0000
ROA not before: Fri 21 Jul 2023 07:15:06 +0000
ROA not after: Fri 19 Jul 2024 07:20:06 +0000
asID: 51167
IP address blocks: 85.239.248.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:99:cf:79:ec:bc:06:ef:2d:a4:15:c1:d5:98:2f:23:13:41:de:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 21 07:15:06 2023 GMT
Not After : Jul 19 07:20:06 2024 GMT
Subject: CN=7797EEB7DDC630F7966DF3FE75B589DB3E807A41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:c5:da:d6:33:01:a4:5f:7e:e8:19:51:66:e3:
20:fa:a1:09:d5:2e:f3:aa:29:d3:33:83:4a:fa:b7:
11:47:d5:64:3a:b8:33:c6:8f:01:69:f5:69:bc:7f:
ce:3e:12:c1:cd:c4:6e:c9:4b:99:46:28:52:ef:1a:
55:22:c9:ae:a0:5b:96:d6:84:7a:bf:e1:c6:85:8f:
29:63:fb:4e:1d:1e:6e:fe:ea:90:92:33:75:3e:af:
90:3d:dd:cb:a8:28:c7:f1:89:9b:a7:98:8a:68:01:
d7:13:bb:02:55:d9:41:bf:dd:2c:f8:bf:e8:65:59:
83:bf:80:d4:c4:94:dc:43:f7:aa:2a:cf:1b:b2:14:
66:d2:9a:0d:38:6a:18:5d:3e:10:f2:be:e2:d4:de:
36:73:a2:c6:ad:69:90:d5:a9:2a:49:5f:84:5d:79:
b3:50:dd:8c:0a:f8:2a:67:69:6c:c6:69:1c:d9:9b:
e4:71:f4:54:83:c1:b6:ae:ba:26:ce:f8:82:f5:f4:
e5:2d:6d:87:34:d6:3b:2c:51:dc:29:85:fe:05:cd:
b6:50:be:bc:4a:cf:95:87:cf:1e:a2:db:eb:41:ea:
20:17:51:3f:9c:a2:bd:d4:c4:8a:71:f4:98:91:bd:
6e:c6:ca:07:9d:00:25:28:f1:75:dd:33:80:e6:34:
f3:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:97:EE:B7:DD:C6:30:F7:96:6D:F3:FE:75:B5:89:DB:3E:80:7A:41
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3234382e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.248.0/23
Signature Algorithm: sha256WithRSAEncryption
35:e5:51:3a:07:44:75:58:8f:c2:01:66:6d:57:f9:06:0b:dc:
62:6b:07:10:1c:31:39:ec:1e:40:85:4b:33:d6:d6:47:cb:b0:
aa:4a:51:ac:c7:c1:d1:8c:38:3a:46:15:f2:e0:d1:ee:7e:35:
4b:1f:93:cf:99:41:d3:38:2b:65:be:7f:f7:5a:82:0d:e4:da:
fc:68:28:a2:41:a9:69:dc:ff:0a:c3:11:31:10:b4:2c:77:01:
16:83:81:d6:b7:ff:ff:04:01:0f:f4:ae:21:61:4f:48:5e:ec:
18:e2:62:30:e6:57:2c:8c:b6:2a:6c:bc:64:e9:55:0f:b5:aa:
fa:8f:97:3e:7c:e7:a2:45:3a:22:43:6e:19:15:04:98:65:88:
01:1b:cf:c4:0a:5b:3e:36:13:c5:7c:b7:07:19:bb:5f:e0:2c:
03:47:e0:2a:29:69:bf:51:b1:48:3b:ce:c8:fc:1e:96:6a:2d:
ee:b4:cd:5b:c6:c3:aa:b3:ad:9a:62:a3:e9:7c:c9:98:1b:93:
26:60:ee:aa:66:4b:f7:cd:b9:bb:77:ea:b5:db:91:4d:b4:b2:
39:7f:22:6d:89:af:ca:eb:c7:4c:45:09:ce:e8:e3:90:1a:21:
aa:fd:3f:8e:d9:a4:41:61:c2:d3:09:56:5c:4b:7b:a5:0a:42:
ec:b1:6c:69
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUFJnPeey8Bu8tpBXB1ZgvIxNB3v4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA3MjEwNzE1MDZaFw0yNDA3MTkwNzIwMDZaMDMxMTAvBgNV
BAMTKDc3OTdFRUI3RERDNjMwRjc5NjZERjNGRTc1QjU4OURCM0U4MDdBNDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbxdrWMwGkX37oGVFm4yD6oQnV
LvOqKdMzg0r6txFH1WQ6uDPGjwFp9Wm8f84+EsHNxG7JS5lGKFLvGlUiya6gW5bW
hHq/4caFjylj+04dHm7+6pCSM3U+r5A93cuoKMfxiZunmIpoAdcTuwJV2UG/3Sz4
v+hlWYO/gNTElNxD96oqzxuyFGbSmg04ahhdPhDyvuLU3jZzosataZDVqSpJX4Rd
ebNQ3YwK+CpnaWzGaRzZm+Rx9FSDwbauuibO+IL19OUtbYc01jssUdwphf4FzbZQ
vrxKz5WHzx6i2+tB6iAXUT+cor3UxIpx9JiRvW7GygedACUo8XXdM4DmNPOHAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUd5fut93GMPeWbfP+dbWJ2z6AekEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzIzMzM5MmUzMjM0
MzgyZTMwMmYzMjMzMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
Ve/4MA0GCSqGSIb3DQEBCwUAA4IBAQA15VE6B0R1WI/CAWZtV/kGC9xiawcQHDE5
7B5AhUsz1tZHy7CqSlGsx8HRjDg6RhXy4NHufjVLH5PPmUHTOCtlvn/3WoIN5Nr8
aCiiQalp3P8KwxExELQsdwEWg4HWt///BAEP9K4hYU9IXuwY4mIw5lcsjLYqbLxk
6VUPtar6j5c+fOeiRToiQ24ZFQSYZYgBG8/ECls+NhPFfLcHGbtf4CwDR+AqKWm/
UbFIO87I/B6Wai3utM1bxsOqs62aYqPpfMmYG5MmYO6qZkv3zbm7d+q125FNtLI5
fyJtia/K68dMRQnO6OOQGiGq/T+O2aRBYcLTCVZcS3ulCkLssWxp
-----END CERTIFICATE-----
Generated at Tue May 21 08:01:46 2024 by rpki-client on console-fra.rpki-client.org