Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/38352e3230322e3230342e302f32322d3232203d3e20323033303631.roa
File: 38352e3230322e3230342e302f32322d3232203d3e20323033303631.roa (raw, json)
Hash identifier: D2kCIw4/xPhIHCyHEdjmxjbBgajPb646LwEkKdv/XkU=
Subject key identifier: D7:CC:45:37:58:BB:69:5C:1A:F6:53:4C:EE:50:3A:0B:22:C5:7F:8C
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 559E183F3E14B093F654E4458EEDD2B5881E3CE4
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/38352e3230322e3230342e302f32322d3232203d3e20323033303631.roa
Signing time: Mon 27 Jan 2025 09:44:49 +0000
ROA not before: Mon 27 Jan 2025 09:39:49 +0000
ROA not after: Mon 26 Jan 2026 09:44:49 +0000
asID: 203061
IP address blocks: 85.202.204.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 14:33:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:9e:18:3f:3e:14:b0:93:f6:54:e4:45:8e:ed:d2:b5:88:1e:3c:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Jan 27 09:39:49 2025 GMT
Not After : Jan 26 09:44:49 2026 GMT
Subject: CN=D7CC453758BB695C1AF6534CEE503A0B22C57F8C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fa:4f:c6:62:3d:72:65:89:dd:5b:6a:fa:ad:
4f:dc:08:5e:2a:61:3a:db:0b:c2:f2:04:09:69:48:
f8:08:81:7f:2e:8c:23:6f:83:79:10:9e:fe:63:14:
7e:2f:05:d2:06:b0:aa:8e:25:91:42:08:72:84:91:
8b:4e:6a:3c:b2:76:8a:2c:d2:bd:73:8c:70:b9:a3:
0f:cb:9c:24:27:07:8e:e9:f9:f1:a9:93:e6:70:2d:
6a:c4:52:ee:30:7e:26:2a:48:da:5e:3e:d3:af:43:
4f:05:07:d0:ef:69:5e:ad:7e:32:20:9c:af:60:da:
a1:92:0a:43:81:2a:ba:a4:5e:c8:15:31:ff:95:06:
70:e8:76:0c:64:80:f9:48:8f:97:e3:5a:24:23:b7:
84:9d:b7:db:f5:38:d9:81:cd:d2:73:a7:3c:8b:d4:
0b:a3:49:b0:38:3d:e5:45:e6:d8:29:4e:2b:54:c6:
77:6e:6f:90:c1:c9:eb:4b:46:0c:07:3a:2b:8b:d4:
40:64:b7:dc:1e:5e:75:84:45:9c:20:79:65:54:ac:
0c:9c:bb:05:7e:59:62:1e:0d:20:df:50:fd:54:49:
fc:2c:81:2a:a7:59:0e:5c:63:21:ca:44:3e:a9:71:
ed:a0:5e:64:e4:a2:47:58:6f:eb:20:9e:30:55:48:
84:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:CC:45:37:58:BB:69:5C:1A:F6:53:4C:EE:50:3A:0B:22:C5:7F:8C
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/38352e3230322e3230342e302f32322d3232203d3e20323033303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.204.0/22
Signature Algorithm: sha256WithRSAEncryption
03:cf:65:9a:92:88:87:f2:c6:3d:e6:25:b0:18:6e:64:9b:71:
14:eb:01:c1:9e:9e:fc:c2:21:59:97:b7:82:6b:c7:74:c7:f5:
8e:12:e6:73:a5:c9:1c:92:4f:a0:85:8c:fa:96:d2:90:52:49:
0b:4c:04:28:6a:e9:f4:29:b1:cc:61:5f:d9:f4:34:06:80:21:
22:63:5c:a5:02:95:b6:61:35:75:15:28:0f:b6:43:3f:58:3c:
81:63:0a:21:7d:2f:11:67:94:d3:19:6b:75:61:39:81:41:88:
0c:30:fa:a9:ef:8b:5f:df:2e:c9:9b:4c:1e:d9:e7:7c:27:39:
36:6d:37:72:3d:eb:c6:b5:f2:c2:28:d2:6e:8c:b5:26:7c:de:
c2:8b:11:de:21:12:a8:0e:d5:dd:93:9a:f0:d1:58:e6:f9:3f:
6b:49:0b:b5:f6:25:d8:e8:55:15:48:e8:b8:c8:60:09:d5:c1:
33:89:7e:58:a5:41:30:51:9c:40:4a:1c:07:e9:f5:65:61:8e:
e0:ef:98:ad:8b:b1:3e:79:6c:9d:eb:a4:62:60:dc:2a:6e:f0:
fc:50:e4:65:1d:bc:ed:1f:b4:71:54:7f:51:1b:96:6f:82:cb:
61:dd:6c:bd:30:51:23:b1:a1:a0:de:68:89:96:e3:cd:44:69:
87:47:5a:a6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVZ4YPz4UsJP2VORFju3StYgePOQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTAxMjcwOTM5NDlaFw0yNjAxMjYwOTQ0NDlaMDMxMTAvBgNV
BAMTKEQ3Q0M0NTM3NThCQjY5NUMxQUY2NTM0Q0VFNTAzQTBCMjJDNTdGOEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/+k/GYj1yZYndW2r6rU/cCF4q
YTrbC8LyBAlpSPgIgX8ujCNvg3kQnv5jFH4vBdIGsKqOJZFCCHKEkYtOajyydoos
0r1zjHC5ow/LnCQnB47p+fGpk+ZwLWrEUu4wfiYqSNpePtOvQ08FB9DvaV6tfjIg
nK9g2qGSCkOBKrqkXsgVMf+VBnDodgxkgPlIj5fjWiQjt4Sdt9v1ONmBzdJzpzyL
1AujSbA4PeVF5tgpTitUxndub5DByetLRgwHOiuL1EBkt9weXnWERZwgeWVUrAyc
uwV+WWIeDSDfUP1USfwsgSqnWQ5cYyHKRD6pce2gXmTkokdYb+sgnjBVSITZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU18xFN1i7aVwa9lNM7lA6CyLFf4wwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzgzNTJlMzIzMDMyMmUzMjMw
MzQyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMjMwMzMzMDM2MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJVyswwDQYJKoZIhvcNAQELBQADggEBAAPPZZqSiIfyxj3mJbAYbmSbcRTrAcGe
nvzCIVmXt4Jrx3TH9Y4S5nOlyRyST6CFjPqW0pBSSQtMBChq6fQpscxhX9n0NAaA
ISJjXKUClbZhNXUVKA+2Qz9YPIFjCiF9LxFnlNMZa3VhOYFBiAww+qnvi1/fLsmb
TB7Z53wnOTZtN3I968a18sIo0m6MtSZ83sKLEd4hEqgO1d2TmvDRWOb5P2tJC7X2
JdjoVRVI6LjIYAnVwTOJflilQTBRnEBKHAfp9WVhjuDvmK2LsT55bJ3rpGJg3Cpu
8PxQ5GUdvO0ftHFUf1Eblm+Cy2HdbL0wUSOxoaDeaImW481EaYdHWqY=
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:47:48 2025 by rpki-client