Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/38302e36352e3230392e302f32342d3234203d3e20323034313730.roa
File: 38302e36352e3230392e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: 1+BX9Sv0GplEmoGeoa17/MpxhlvcPVs+XRR7VcsVp4A=
Subject key identifier: 09:B0:97:84:47:90:20:D2:20:DA:71:F9:38:51:25:7C:67:96:F3:2B
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 476ED8969B2B7D284E73719642AAB834407D4670
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/38302e36352e3230392e302f32342d3234203d3e20323034313730.roa
Signing time: Tue 25 Jun 2024 21:47:03 +0000
ROA not before: Tue 25 Jun 2024 21:42:03 +0000
ROA not after: Tue 24 Jun 2025 21:47:03 +0000
asID: 204170
IP address blocks: 80.65.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:6e:d8:96:9b:2b:7d:28:4e:73:71:96:42:aa:b8:34:40:7d:46:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Jun 25 21:42:03 2024 GMT
Not After : Jun 24 21:47:03 2025 GMT
Subject: CN=09B09784479020D220DA71F93851257C6796F32B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:7e:61:e0:aa:4a:9a:a0:1a:a7:ff:bd:e6:2e:
76:76:2b:94:6a:91:ad:f8:26:a4:22:da:8b:c6:b5:
3f:a5:e4:f4:fe:09:d0:ce:76:dd:04:21:4b:19:da:
a6:39:52:0c:0a:dd:ba:87:37:73:e9:75:c1:95:7d:
1e:6c:33:37:86:33:f2:9e:dc:07:1e:3c:ba:2e:43:
bd:f1:56:aa:62:57:5f:ba:56:a4:2a:f2:56:a2:e0:
e4:7c:fb:70:87:1e:2d:63:72:92:4a:66:5b:79:e4:
fa:ef:43:3b:07:b4:35:f3:59:36:57:b5:e0:e8:0c:
76:64:3c:8e:b2:74:ec:3f:5c:05:e0:69:9d:b3:e0:
61:21:e7:1b:17:02:3b:87:97:4d:1f:1f:5d:32:24:
30:35:0f:1e:71:de:19:b0:f3:00:09:2c:c8:ad:62:
b6:11:a1:22:10:33:52:f1:63:2c:2f:63:62:43:d3:
24:42:b2:65:f6:43:1a:3e:c6:f2:fd:6a:5b:36:7d:
ad:28:fe:3a:77:f2:f6:79:3c:8c:7a:42:8e:e0:69:
64:bc:23:c4:83:58:b1:80:c5:08:8d:f8:73:b1:03:
90:6b:b8:68:32:c6:2b:80:5d:d2:ed:d4:a2:18:a1:
fb:48:84:e8:ba:dc:19:ff:c0:f6:3b:e4:8f:59:0a:
28:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:B0:97:84:47:90:20:D2:20:DA:71:F9:38:51:25:7C:67:96:F3:2B
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/38302e36352e3230392e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.65.209.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:5d:d8:06:54:15:3c:eb:34:50:0f:c2:9f:21:18:a1:5f:bf:
17:a7:20:b7:9c:cf:2a:af:c2:00:95:e0:ac:16:55:39:ba:bb:
a9:50:35:14:ab:24:cd:50:d6:3a:cf:60:fe:44:c1:74:cd:03:
62:65:9c:3e:9b:d5:19:2b:8c:68:25:c8:57:21:6f:9d:92:45:
ad:a0:39:0a:cb:53:1d:c7:ba:11:4e:3d:66:89:c7:14:ec:cb:
4e:96:a9:27:83:23:b4:28:24:a1:0b:e1:9b:11:05:7f:6f:de:
81:de:9d:ba:d6:cb:80:e1:7f:d4:76:57:b2:ad:0d:53:54:60:
1c:f2:a0:8e:1e:19:7e:fb:48:c4:b1:2c:ef:d6:99:af:3a:3e:
39:e8:4d:cd:fb:dc:15:12:5b:a1:56:6d:a9:20:77:1a:54:3a:
65:75:53:48:b5:e0:ea:32:05:58:9b:34:68:77:26:37:5c:df:
ab:b3:8b:f0:7a:5c:20:c7:a4:9a:50:58:6a:f1:1c:c6:cc:e6:
68:cd:d9:0c:86:3e:fc:53:47:fc:bf:03:05:cd:2f:6e:75:63:
58:96:b1:11:35:bf:3b:bd:a4:c9:c3:cd:0a:f3:08:ab:a9:81:
6d:34:eb:b3:db:84:03:b4:00:51:d8:9e:28:7f:a8:b4:9b:28:
53:74:50:84
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUR27YlpsrfShOc3GWQqq4NEB9RnAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDA2MjUyMTQyMDNaFw0yNTA2MjQyMTQ3MDNaMDMxMTAvBgNV
BAMTKDA5QjA5Nzg0NDc5MDIwRDIyMERBNzFGOTM4NTEyNTdDNjc5NkYzMkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIfmHgqkqaoBqn/73mLnZ2K5Rq
ka34JqQi2ovGtT+l5PT+CdDOdt0EIUsZ2qY5UgwK3bqHN3PpdcGVfR5sMzeGM/Ke
3AcePLouQ73xVqpiV1+6VqQq8lai4OR8+3CHHi1jcpJKZlt55PrvQzsHtDXzWTZX
teDoDHZkPI6ydOw/XAXgaZ2z4GEh5xsXAjuHl00fH10yJDA1Dx5x3hmw8wAJLMit
YrYRoSIQM1LxYywvY2JD0yRCsmX2Qxo+xvL9als2fa0o/jp38vZ5PIx6Qo7gaWS8
I8SDWLGAxQiN+HOxA5BruGgyxiuAXdLt1KIYoftIhOi63Bn/wPY75I9ZCijpAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUCbCXhEeQINIg2nH5OFElfGeW8yswHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzgzMDJlMzYzNTJlMzIzMDM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM0MzEzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UEHRMA0GCSqGSIb3DQEBCwUAA4IBAQCgXdgGVBU86zRQD8KfIRihX78XpyC3nM8q
r8IAleCsFlU5urupUDUUqyTNUNY6z2D+RMF0zQNiZZw+m9UZK4xoJchXIW+dkkWt
oDkKy1Mdx7oRTj1miccU7MtOlqkngyO0KCShC+GbEQV/b96B3p261suA4X/Udley
rQ1TVGAc8qCOHhl++0jEsSzv1pmvOj456E3N+9wVEluhVm2pIHcaVDpldVNIteDq
MgVYmzRodyY3XN+rs4vwelwgx6SaUFhq8RzGzOZozdkMhj78U0f8vwMFzS9udWNY
lrERNb87vaTJw80K8wirqYFtNOuz24QDtABR2J4of6i0myhTdFCE
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:49 2024 by rpki-client on console-ams.rpki-client.org