Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e33312e3233322e302f32312d3231203d3e203437353833.roa
File: 38352e33312e3233322e302f32312d3231203d3e203437353833.roa (raw, json)
Hash identifier: BnhpQOP6MbMfBmz5+LmDY5tlYB0uNrIFJXT5AyhDaco=
Subject key identifier: 46:E9:77:B5:60:9E:1C:71:1B:55:0E:76:DC:F3:0F:84:96:67:32:15
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1D78F0A0DB19AA453A839A0B14F59716C1826309
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e33312e3233322e302f32312d3231203d3e203437353833.roa
Signing time: Tue 08 Aug 2023 08:19:00 +0000
ROA not before: Tue 08 Aug 2023 08:14:00 +0000
ROA not after: Tue 06 Aug 2024 08:19:00 +0000
asID: 47583
IP address blocks: 85.31.232.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:78:f0:a0:db:19:aa:45:3a:83:9a:0b:14:f5:97:16:c1:82:63:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 8 08:14:00 2023 GMT
Not After : Aug 6 08:19:00 2024 GMT
Subject: CN=46E977B5609E1C711B550E76DCF30F8496673215
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6f:07:60:4a:0f:a9:63:f5:c9:a7:52:30:1e:
38:e9:80:ab:a2:ae:47:5e:dd:52:e2:80:40:c7:6d:
5f:74:85:f8:1c:85:08:ea:89:cb:b5:13:47:5f:4b:
52:82:1d:93:30:5c:05:d1:99:7b:ed:2a:18:66:b5:
87:97:0f:f1:85:6d:17:ef:b3:41:9a:29:6e:3b:a4:
14:2b:0e:5d:93:e0:8c:8d:28:a1:83:85:5d:a0:be:
6f:72:63:ae:df:a9:e0:50:6d:af:08:ac:09:db:92:
00:61:2e:d3:57:d1:2f:37:45:26:f6:5b:21:51:c1:
16:d1:12:03:3e:6c:24:7a:7f:54:47:af:8b:75:de:
a4:78:93:05:74:52:db:6b:cf:5e:10:a5:f9:e4:a5:
40:5b:30:c0:a2:90:24:aa:11:14:05:94:a6:02:79:
06:dc:23:a7:7b:44:76:9c:ca:8b:53:2c:fc:c9:d6:
28:86:25:39:90:88:db:3b:a9:fa:48:28:29:66:ca:
09:3b:f7:94:aa:cf:b1:dd:5f:7c:68:04:77:05:49:
6d:a4:4e:93:ed:90:a4:b9:92:7e:b8:73:8d:02:88:
ed:b2:f2:dc:c9:16:78:3b:5e:84:c5:c7:41:20:88:
76:75:07:23:46:a4:a5:86:1a:d0:0d:71:64:f6:1c:
d4:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:E9:77:B5:60:9E:1C:71:1B:55:0E:76:DC:F3:0F:84:96:67:32:15
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e33312e3233322e302f32312d3231203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.31.232.0/21
Signature Algorithm: sha256WithRSAEncryption
11:0b:f7:13:79:00:8f:0d:3a:18:8d:31:fa:92:59:b5:10:43:
cb:2e:0f:0c:da:d1:6b:30:b8:69:cc:28:30:48:54:70:e5:5b:
b1:52:27:f7:3f:1c:28:6c:8c:f1:6f:de:7f:29:7d:5b:f3:2e:
92:cd:e2:e6:eb:96:5c:6a:f5:06:9d:ee:18:75:a1:65:3f:12:
29:1a:94:4d:40:23:08:04:04:e7:d9:2e:17:9d:6b:41:74:76:
a3:cc:fe:cc:cb:4d:9e:94:23:7f:25:70:4f:c1:64:13:60:9c:
4b:1b:1d:41:43:ef:b2:88:78:bc:93:4f:0f:a5:4f:c8:97:3e:
d5:78:d6:24:8b:09:47:33:b6:c8:80:4f:93:c6:be:f6:98:c0:
50:00:ea:ee:e8:62:82:f4:6b:60:29:2a:65:2a:65:06:05:32:
93:66:44:0d:53:52:4f:37:b2:1b:ab:b7:68:a6:05:5e:3e:e5:
5f:f5:d4:2f:65:b9:8a:6b:74:7f:d9:3a:07:e1:6f:0f:24:a8:
07:67:b2:58:74:13:06:a0:5c:d7:ea:82:c3:c3:50:92:0d:c7:
44:55:d4:ca:fd:32:1d:2d:32:85:24:32:05:be:3d:2c:8d:9b:
8d:0d:5b:c4:85:5d:ac:7b:f8:d9:4a:18:e6:df:14:d3:1b:8c:
39:24:a3:32
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUHXjwoNsZqkU6g5oLFPWXFsGCYwkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA4MDgwODE0MDBaFw0yNDA4MDYwODE5MDBaMDMxMTAvBgNV
BAMTKDQ2RTk3N0I1NjA5RTFDNzExQjU1MEU3NkRDRjMwRjg0OTY2NzMyMTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCebwdgSg+pY/XJp1IwHjjpgKui
rkde3VLigEDHbV90hfgchQjqicu1E0dfS1KCHZMwXAXRmXvtKhhmtYeXD/GFbRfv
s0GaKW47pBQrDl2T4IyNKKGDhV2gvm9yY67fqeBQba8IrAnbkgBhLtNX0S83RSb2
WyFRwRbREgM+bCR6f1RHr4t13qR4kwV0Uttrz14QpfnkpUBbMMCikCSqERQFlKYC
eQbcI6d7RHacyotTLPzJ1iiGJTmQiNs7qfpIKClmygk795Sqz7HdX3xoBHcFSW2k
TpPtkKS5kn64c40CiO2y8tzJFng7XoTFx0EgiHZ1ByNGpKWGGtANcWT2HNQFAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQURul3tWCeHHEbVQ523PMPhJZnMhUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzMzMTJlMzIzMzMy
MmUzMDJmMzIzMTJkMzIzMTIwM2QzZTIwMzQzNzM1MzgzMy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1Uf
6DANBgkqhkiG9w0BAQsFAAOCAQEAEQv3E3kAjw06GI0x+pJZtRBDyy4PDNrRazC4
acwoMEhUcOVbsVIn9z8cKGyM8W/efyl9W/Muks3i5uuWXGr1Bp3uGHWhZT8SKRqU
TUAjCAQE59kuF51rQXR2o8z+zMtNnpQjfyVwT8FkE2CcSxsdQUPvsoh4vJNPD6VP
yJc+1XjWJIsJRzO2yIBPk8a+9pjAUADq7uhigvRrYCkqZSplBgUyk2ZEDVNSTzey
G6u3aKYFXj7lX/XUL2W5imt0f9k6B+FvDySoB2eyWHQTBqBc1+qCw8NQkg3HRFXU
yv0yHS0yhSQyBb49LI2bjQ1bxIVdrHv42UoY5t8U0xuMOSSjMg==
-----END CERTIFICATE-----
Generated at Tue May 21 08:01:46 2024 by rpki-client on console-fra.rpki-client.org