Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3135382e36322e302f32342d3234203d3e203631333137.roa
File: 38352e3135382e36322e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: iHQ1TTnLnkGyIfnpyLyAZheWOOj1pDcDOE1RxMX3Wew=
Subject key identifier: 16:BF:71:69:7C:69:A4:A4:F7:E8:EC:D3:8A:16:0E:28:71:90:49:73
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 0C6233C4B19B57F8AB443B503C969799921E67DE
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3135382e36322e302f32342d3234203d3e203631333137.roa
Signing time: Wed 08 Nov 2023 09:21:38 +0000
ROA not before: Wed 08 Nov 2023 09:16:38 +0000
ROA not after: Wed 06 Nov 2024 09:21:38 +0000
asID: 61317
IP address blocks: 85.158.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:62:33:c4:b1:9b:57:f8:ab:44:3b:50:3c:96:97:99:92:1e:67:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Nov 8 09:16:38 2023 GMT
Not After : Nov 6 09:21:38 2024 GMT
Subject: CN=16BF71697C69A4A4F7E8ECD38A160E2871904973
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:bd:7a:e4:f7:75:49:c0:e7:d0:47:ed:47:8f:
64:86:02:83:dd:b3:fd:1c:20:fb:39:14:49:51:55:
a1:53:8b:8e:22:b1:7c:c9:3b:a2:aa:95:63:e1:57:
43:a9:07:a9:02:e9:1c:58:53:20:53:cd:8c:af:b7:
48:20:e0:0a:0e:25:b0:e7:57:f7:b9:9a:ce:a1:28:
d8:dd:08:18:31:e2:06:6c:19:e2:a7:2a:85:e9:fa:
8a:3c:df:b8:c6:0e:24:f3:b3:ad:b6:20:18:07:ea:
7e:e2:4f:84:62:0b:c7:ca:43:27:b2:bb:ce:48:f9:
ae:21:42:66:35:3b:34:69:4e:f1:c6:c6:be:b0:77:
47:bc:66:3d:05:be:03:f9:4d:42:55:7a:1d:0d:00:
05:13:9e:8e:f1:13:a6:a0:33:ae:3d:0e:03:e2:df:
1f:6d:cf:10:d0:f5:db:e4:4e:65:41:f5:f2:8d:40:
7a:2f:57:8c:71:67:26:18:92:2f:6d:71:56:b7:19:
cb:b8:3b:b4:91:9c:a1:3d:c5:2e:ce:36:99:dd:f6:
c9:1e:8c:ba:e3:8e:6a:df:e7:7c:54:f5:b5:04:ef:
6d:04:a8:59:02:8f:fc:d5:02:d6:13:35:f0:59:25:
06:26:ca:bc:cf:0a:5c:34:6e:21:ee:62:79:1f:7a:
9b:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:BF:71:69:7C:69:A4:A4:F7:E8:EC:D3:8A:16:0E:28:71:90:49:73
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3135382e36322e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.62.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:33:97:65:b9:46:67:bb:95:b6:39:b5:04:34:5b:29:85:23:
8e:df:0d:89:f0:39:92:09:4d:a6:7c:dc:57:be:e3:85:e9:ac:
84:71:7d:3a:87:4e:53:e1:3d:2b:53:06:92:20:ec:46:6a:19:
2d:f5:8d:46:c6:65:52:92:0d:75:e3:5f:4a:92:fa:41:7f:b7:
d3:f9:6f:78:d6:04:72:2d:78:cf:b9:dc:2a:e0:63:c8:2b:54:
e1:6c:87:42:10:3a:a2:01:f4:c5:ac:69:98:7b:ba:e2:3f:5b:
93:9b:b0:62:9e:b9:14:de:de:7c:05:ab:ac:16:02:60:48:2d:
f2:04:0e:22:ef:66:32:05:1b:d4:1b:8e:73:b4:89:95:db:77:
12:1c:30:dd:d8:c0:70:89:43:42:4d:a2:b6:0d:bf:6d:0e:76:
f4:cc:b5:f8:11:bf:57:62:96:89:39:d9:80:9c:62:5a:99:83:
6f:82:59:44:41:14:b2:9e:6d:0f:fb:b7:81:c2:df:7f:f1:8d:
a0:da:f2:b1:e5:ba:d3:50:7e:20:84:ba:d6:b2:68:16:36:74:
4e:77:02:8c:64:2a:3e:d9:e6:1d:cf:50:e6:35:7c:0e:c2:a0:
0c:63:ac:0c:3a:97:3b:99:df:87:56:95:5a:44:f0:ec:01:93:
e2:9f:6d:61
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUDGIzxLGbV/irRDtQPJaXmZIeZ94wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzExMDgwOTE2MzhaFw0yNDExMDYwOTIxMzhaMDMxMTAvBgNV
BAMTKDE2QkY3MTY5N0M2OUE0QTRGN0U4RUNEMzhBMTYwRTI4NzE5MDQ5NzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrvXrk93VJwOfQR+1Hj2SGAoPd
s/0cIPs5FElRVaFTi44isXzJO6KqlWPhV0OpB6kC6RxYUyBTzYyvt0gg4AoOJbDn
V/e5ms6hKNjdCBgx4gZsGeKnKoXp+oo837jGDiTzs622IBgH6n7iT4RiC8fKQyey
u85I+a4hQmY1OzRpTvHGxr6wd0e8Zj0FvgP5TUJVeh0NAAUTno7xE6agM649DgPi
3x9tzxDQ9dvkTmVB9fKNQHovV4xxZyYYki9tcVa3Gcu4O7SRnKE9xS7ONpnd9ske
jLrjjmrf53xU9bUE720EqFkCj/zVAtYTNfBZJQYmyrzPClw0biHuYnkfeptVAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUFr9xaXxppKT36OzTihYOKHGQSXMwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzEzNTM4MmUzNjMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMTMzMzEzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFWe
PjANBgkqhkiG9w0BAQsFAAOCAQEATDOXZblGZ7uVtjm1BDRbKYUjjt8NifA5kglN
pnzcV77jhemshHF9OodOU+E9K1MGkiDsRmoZLfWNRsZlUpINdeNfSpL6QX+30/lv
eNYEci14z7ncKuBjyCtU4WyHQhA6ogH0xaxpmHu64j9bk5uwYp65FN7efAWrrBYC
YEgt8gQOIu9mMgUb1BuOc7SJldt3Ehww3djAcIlDQk2itg2/bQ529My1+BG/V2KW
iTnZgJxiWpmDb4JZREEUsp5tD/u3gcLff/GNoNryseW601B+IIS61rJoFjZ0TncC
jGQqPtnmHc9Q5jV8DsKgDGOsDDqXO5nfh1aVWkTw7AGT4p9tYQ==
-----END CERTIFICATE-----
Generated at Sat May 4 11:29:11 2024 by rpki-client on console-ams.rpki-client.org