Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/38352e3230322e3230342e302f32322d3232203d3e20323033303631.roa
File: 38352e3230322e3230342e302f32322d3232203d3e20323033303631.roa (raw, json)
Hash identifier: UMOyBI2ZAOsMunAtajaAURTBZx75vufmQ/Jv6r8HDJw=
Subject key identifier: 4A:26:7D:9A:AB:78:B2:B4:55:12:EF:97:1F:42:5E:BF:A9:A0:FF:A7
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 2C5B4A2EAC9A77B548A138324374AD3FA83DCF54
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/38352e3230322e3230342e302f32322d3232203d3e20323033303631.roa
Signing time: Mon 26 Feb 2024 08:52:42 +0000
ROA not before: Mon 26 Feb 2024 08:47:42 +0000
ROA not after: Mon 24 Feb 2025 08:52:42 +0000
asID: 203061
IP address blocks: 85.202.204.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:57:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:5b:4a:2e:ac:9a:77:b5:48:a1:38:32:43:74:ad:3f:a8:3d:cf:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Feb 26 08:47:42 2024 GMT
Not After : Feb 24 08:52:42 2025 GMT
Subject: CN=4A267D9AAB78B2B45512EF971F425EBFA9A0FFA7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:0d:a8:c8:0d:59:94:68:2a:9e:dd:15:25:32:
15:9f:35:d2:b2:b4:21:bd:1d:9e:aa:d8:39:18:d1:
d0:cb:69:ac:9f:fe:13:09:73:c2:ee:71:9c:f8:35:
12:9b:51:33:95:4e:2d:81:da:b3:74:12:cf:cb:00:
dd:0e:2e:71:26:63:47:22:32:26:69:79:c6:6c:0f:
07:75:c7:e4:31:89:23:85:9f:a3:eb:88:99:16:62:
87:6a:fb:50:11:74:e5:24:b8:35:ca:b8:b3:f2:18:
2e:98:47:6f:c7:29:e1:c8:18:4c:dd:54:6a:67:f5:
15:fd:70:a9:a8:ae:dc:a8:79:6c:00:3a:e4:07:23:
fe:a4:b5:92:29:47:c8:71:a5:e5:46:13:69:57:7e:
70:8a:c5:cc:d7:36:94:14:47:8d:01:b0:7c:74:79:
d7:14:68:f2:d1:39:6c:6c:00:e9:f0:ec:07:3c:73:
a2:f9:2e:5a:c1:ea:ac:8b:29:31:2b:ca:3c:ca:64:
55:82:25:a6:32:83:94:29:0e:60:a8:a8:c7:8a:40:
f0:18:c7:49:6f:08:0d:e5:5b:9e:fb:b9:b2:e2:e3:
a1:b8:e3:be:0f:e4:8f:f8:8f:6b:3f:74:bb:59:e1:
79:65:a7:eb:4a:56:df:fe:55:96:2c:1a:41:8a:40:
ed:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:26:7D:9A:AB:78:B2:B4:55:12:EF:97:1F:42:5E:BF:A9:A0:FF:A7
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/38352e3230322e3230342e302f32322d3232203d3e20323033303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.204.0/22
Signature Algorithm: sha256WithRSAEncryption
89:f6:19:f4:da:70:da:2e:53:17:6e:79:f3:6f:c2:7c:89:e4:
bd:81:41:9b:86:30:56:8c:0d:0d:b6:f0:dc:16:34:79:ca:6e:
37:e5:26:52:3b:ba:ee:9b:09:b6:62:d2:44:24:d6:47:35:41:
24:05:3f:30:0f:5d:f2:69:1b:a9:ad:62:38:d1:41:cd:ca:7a:
57:2d:2a:6e:7c:c0:bf:9c:a0:70:3d:7c:a0:81:48:cf:51:c4:
9e:d4:03:d0:b5:a5:95:7d:06:96:27:9b:75:46:e1:7b:87:2f:
bc:45:1a:71:ce:bd:8a:57:48:86:6b:7a:d4:9f:66:a0:cd:c5:
a9:01:88:d6:cd:bb:e7:45:76:6a:fd:dc:9c:79:8f:31:7b:d6:
ae:82:2c:e7:27:23:87:8f:68:cf:f0:a6:db:51:8e:49:bd:07:
7a:22:7b:46:b5:ef:bc:bb:52:1b:38:57:75:88:d2:23:45:14:
e5:2f:cc:09:7e:45:47:b3:14:81:07:f9:ab:40:a8:8c:cd:4e:
ad:a4:b5:0e:a7:1a:6b:4b:fe:fa:1d:27:82:b4:27:c4:73:73:
75:c3:42:aa:83:0d:ac:ae:10:9b:70:99:4e:4d:b4:91:be:7c:
4b:d0:c0:6a:aa:7d:53:cb:79:50:b0:0e:f0:ce:9a:1d:6d:59:
ef:a8:70:38
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIULFtKLqyad7VIoTgyQ3StP6g9z1QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDAyMjYwODQ3NDJaFw0yNTAyMjQwODUyNDJaMDMxMTAvBgNV
BAMTKDRBMjY3RDlBQUI3OEIyQjQ1NTEyRUY5NzFGNDI1RUJGQTlBMEZGQTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKDajIDVmUaCqe3RUlMhWfNdKy
tCG9HZ6q2DkY0dDLaayf/hMJc8LucZz4NRKbUTOVTi2B2rN0Es/LAN0OLnEmY0ci
MiZpecZsDwd1x+QxiSOFn6PriJkWYodq+1ARdOUkuDXKuLPyGC6YR2/HKeHIGEzd
VGpn9RX9cKmortyoeWwAOuQHI/6ktZIpR8hxpeVGE2lXfnCKxczXNpQUR40BsHx0
edcUaPLROWxsAOnw7Ac8c6L5LlrB6qyLKTEryjzKZFWCJaYyg5QpDmCoqMeKQPAY
x0lvCA3lW577ubLi46G4474P5I/4j2s/dLtZ4Xllp+tKVt/+VZYsGkGKQO0TAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUSiZ9mqt4srRVEu+XH0Jev6mg/6cwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzgzNTJlMzIzMDMyMmUzMjMw
MzQyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMjMwMzMzMDM2MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJVyswwDQYJKoZIhvcNAQELBQADggEBAIn2GfTacNouUxduefNvwnyJ5L2BQZuG
MFaMDQ228NwWNHnKbjflJlI7uu6bCbZi0kQk1kc1QSQFPzAPXfJpG6mtYjjRQc3K
elctKm58wL+coHA9fKCBSM9RxJ7UA9C1pZV9BpYnm3VG4XuHL7xFGnHOvYpXSIZr
etSfZqDNxakBiNbNu+dFdmr93Jx5jzF71q6CLOcnI4ePaM/wpttRjkm9B3oie0a1
77y7Uhs4V3WI0iNFFOUvzAl+RUezFIEH+atAqIzNTq2ktQ6nGmtL/vodJ4K0J8Rz
c3XDQqqDDayuEJtwmU5NtJG+fEvQwGqqfVPLeVCwDvDOmh1tWe+ocDg=
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:14:45 2024 by rpki-client on console-ams.rpki-client.org