Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3135382e36332e302f32342d3234203d3e203631333137.roa
File: 38352e3135382e36332e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: 52bxaGDylkMgYvGUIanfgBoKxTGQ3Z65kxmZt3kTcIM=
Subject key identifier: EA:AD:CD:7B:F3:5D:CB:2D:3C:37:95:89:10:2C:EA:41:35:D4:39:D7
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 01C6ED3886CFE84989322BD98DA160FCF1D4B80A
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3135382e36332e302f32342d3234203d3e203631333137.roa
Signing time: Wed 08 Nov 2023 09:21:44 +0000
ROA not before: Wed 08 Nov 2023 09:16:44 +0000
ROA not after: Wed 06 Nov 2024 09:21:44 +0000
asID: 61317
IP address blocks: 85.158.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:c6:ed:38:86:cf:e8:49:89:32:2b:d9:8d:a1:60:fc:f1:d4:b8:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Nov 8 09:16:44 2023 GMT
Not After : Nov 6 09:21:44 2024 GMT
Subject: CN=EAADCD7BF35DCB2D3C379589102CEA4135D439D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:16:b0:7c:c4:c2:01:94:19:e2:51:f6:bf:70:
21:2f:23:c7:26:ac:c0:c4:f6:22:e0:82:b3:ab:2f:
20:5c:f5:54:ed:bb:a3:b8:2f:93:77:57:fd:1b:06:
77:e0:4c:ff:d3:de:bc:81:16:cb:f5:04:eb:1a:35:
30:50:a8:24:a3:bb:e8:e9:a9:17:9d:d5:57:eb:29:
60:a1:38:2e:9c:a6:d4:19:ba:30:e9:cc:82:2f:dc:
f4:0d:e1:b3:b7:d8:95:1a:15:93:dd:c5:6a:48:c1:
4c:fd:e5:4b:e4:49:40:14:24:14:bf:64:be:33:6b:
f8:c4:45:39:be:09:9f:66:70:85:b7:7a:d8:b7:81:
8a:b5:3f:32:a7:6d:72:aa:6c:eb:a5:a5:82:c6:e7:
5b:48:59:74:b6:06:f0:d8:96:1b:83:1f:1e:97:34:
14:b1:cd:95:cb:2d:e8:8c:cb:2f:10:ff:6d:4e:7b:
3f:36:c1:64:83:6b:53:98:bf:1e:a0:07:c7:b4:f6:
cb:fe:08:5f:12:9f:86:e0:f8:66:7a:e3:cf:dd:c2:
30:18:a6:a4:51:f0:37:62:ff:c1:e8:a3:33:a2:2c:
6a:3b:05:36:a8:f9:36:4d:44:41:dd:98:32:84:76:
b0:12:fb:8a:7a:cc:1c:66:dd:ca:93:c8:93:4a:0b:
5d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:AD:CD:7B:F3:5D:CB:2D:3C:37:95:89:10:2C:EA:41:35:D4:39:D7
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3135382e36332e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.63.0/24
Signature Algorithm: sha256WithRSAEncryption
96:78:40:c0:d3:b1:a8:cb:aa:f4:4a:7f:7d:ff:a3:86:2f:f2:
69:eb:18:2c:cb:3c:18:08:f6:ac:16:e8:fc:70:5b:b0:6b:f7:
fa:bd:3d:d2:5d:ae:9e:9d:2a:1c:d6:af:35:4c:dc:38:5f:4f:
42:19:0a:12:29:28:95:b6:0a:65:d7:52:4f:55:8d:78:a0:6a:
55:b8:95:1e:a8:3d:a2:6b:cd:0e:4b:52:2c:43:80:65:04:d2:
0c:51:46:ee:69:c3:58:6e:af:1f:fe:65:47:2a:4f:08:31:49:
e4:7b:e2:b7:68:11:d3:35:46:00:2a:18:7e:a4:1c:64:2f:0d:
dd:47:4e:ac:c9:e9:5d:20:13:86:82:e3:34:94:b9:d8:3a:ea:
ac:bd:80:0b:b7:0d:88:9b:ef:fe:06:50:a1:ac:8b:87:da:5d:
7b:11:81:86:14:f5:e3:d8:c0:a7:29:97:04:4e:5c:99:5b:20:
dc:af:1d:8b:7e:0c:96:34:f8:94:ad:bb:57:58:30:57:d2:0f:
c2:bd:aa:9d:81:10:67:26:df:25:09:94:90:41:81:79:17:15:
42:d2:cf:96:5b:40:21:dc:c4:5e:6c:67:81:a8:1b:b1:c6:d8:
e0:be:e9:2c:a1:f0:44:c3:3b:81:14:54:97:cc:4f:3f:df:62:
ba:f9:b2:6d
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUAcbtOIbP6EmJMivZjaFg/PHUuAowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzExMDgwOTE2NDRaFw0yNDExMDYwOTIxNDRaMDMxMTAvBgNV
BAMTKEVBQURDRDdCRjM1RENCMkQzQzM3OTU4OTEwMkNFQTQxMzVENDM5RDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVFrB8xMIBlBniUfa/cCEvI8cm
rMDE9iLggrOrLyBc9VTtu6O4L5N3V/0bBnfgTP/T3ryBFsv1BOsaNTBQqCSju+jp
qRed1VfrKWChOC6cptQZujDpzIIv3PQN4bO32JUaFZPdxWpIwUz95UvkSUAUJBS/
ZL4za/jERTm+CZ9mcIW3eti3gYq1PzKnbXKqbOulpYLG51tIWXS2BvDYlhuDHx6X
NBSxzZXLLeiMyy8Q/21Oez82wWSDa1OYvx6gB8e09sv+CF8Sn4bg+GZ648/dwjAY
pqRR8Ddi/8HoozOiLGo7BTao+TZNREHdmDKEdrAS+4p6zBxm3cqTyJNKC13NAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU6q3Ne/Ndyy08N5WJECzqQTXUOdcwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzEzNTM4MmUzNjMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMTMzMzEzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFWe
PzANBgkqhkiG9w0BAQsFAAOCAQEAlnhAwNOxqMuq9Ep/ff+jhi/yaesYLMs8GAj2
rBbo/HBbsGv3+r090l2unp0qHNavNUzcOF9PQhkKEikolbYKZddST1WNeKBqVbiV
Hqg9omvNDktSLEOAZQTSDFFG7mnDWG6vH/5lRypPCDFJ5Hvit2gR0zVGACoYfqQc
ZC8N3UdOrMnpXSAThoLjNJS52DrqrL2AC7cNiJvv/gZQoayLh9pdexGBhhT149jA
pymXBE5cmVsg3K8di34MljT4lK27V1gwV9IPwr2qnYEQZybfJQmUkEGBeRcVQtLP
lltAIdzEXmxngagbscbY4L7pLKHwRMM7gRRUl8xPP99iuvmybQ==
-----END CERTIFICATE-----
Generated at Sat May 4 11:29:11 2024 by rpki-client on console-ams.rpki-client.org