Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139362e302f32342d3234203d3e203631333137.roa
File: 38352e3233372e3139362e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: IoiM+u1Z7BGRVVayOzDCf+ziHM8Ada4BUN+QtghuZ5w=
Subject key identifier: BE:9D:BC:6D:30:A9:9F:06:D1:12:63:55:D3:DE:9C:0D:6D:9C:71:E2
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 44F427EBB0B1961A3A281F7003A47E1FFD400618
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139362e302f32342d3234203d3e203631333137.roa
Signing time: Wed 08 Nov 2023 09:21:46 +0000
ROA not before: Wed 08 Nov 2023 09:16:46 +0000
ROA not after: Wed 06 Nov 2024 09:21:46 +0000
asID: 61317
IP address blocks: 85.237.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:f4:27:eb:b0:b1:96:1a:3a:28:1f:70:03:a4:7e:1f:fd:40:06:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Nov 8 09:16:46 2023 GMT
Not After : Nov 6 09:21:46 2024 GMT
Subject: CN=BE9DBC6D30A99F06D1126355D3DE9C0D6D9C71E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:b7:c8:d7:11:2a:ad:a5:7f:08:fd:99:1c:60:
e9:98:9d:be:c6:91:f7:43:34:14:19:e2:2e:de:e5:
ff:d5:43:f4:e6:22:e6:1e:4e:34:b0:9e:d5:76:46:
b8:f1:7e:10:8d:85:cd:36:33:3e:02:16:91:29:37:
a5:5c:32:b5:fa:75:61:7b:7f:ef:b1:6b:0b:b2:60:
03:f1:c5:0a:b1:8b:a8:9c:4e:53:80:39:20:cc:97:
e8:b8:59:7a:c8:8c:74:e9:87:7d:da:91:94:d2:a6:
82:9e:cb:cb:18:92:a8:c9:15:4c:82:bf:a0:87:1e:
ec:fb:0d:cc:ac:f0:8f:30:e3:95:24:36:90:dd:73:
bb:ab:69:ae:93:5f:26:0d:9d:fe:69:70:ec:c8:77:
cc:d0:e6:37:00:85:1e:b0:2f:c2:34:a8:c3:78:8e:
a8:a7:ce:de:2c:85:7f:5b:4d:51:e7:53:50:6b:82:
d0:25:03:73:4c:6d:c1:40:64:05:f6:2b:4f:f3:0a:
6d:3e:5a:77:93:d9:0e:b5:7c:bd:5d:ca:5c:f1:38:
29:58:d3:15:30:3c:a5:c9:51:06:3d:7f:72:4a:74:
f0:2c:ba:5d:de:e9:20:4b:21:71:b6:ad:21:8c:a8:
4a:01:aa:07:8a:6d:73:9e:a7:3b:7a:0b:0d:7f:aa:
02:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:9D:BC:6D:30:A9:9F:06:D1:12:63:55:D3:DE:9C:0D:6D:9C:71:E2
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139362e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.196.0/24
Signature Algorithm: sha256WithRSAEncryption
27:79:42:9b:1c:b5:65:27:62:c3:81:0b:2f:cf:a6:1d:6c:f5:
7c:3b:cf:3e:52:f7:f7:2d:e7:67:51:e2:58:92:2e:1a:35:b0:
86:b1:99:0a:48:7b:32:e8:9c:01:72:49:72:6c:05:4b:3a:38:
70:c1:8f:c0:46:04:47:f6:70:8c:9d:98:b0:f9:d6:14:35:96:
7e:c8:56:22:55:a4:5a:cc:50:79:92:a1:92:a1:75:51:5e:15:
f5:82:cf:ce:3b:ef:0a:93:35:50:ba:aa:6d:95:c5:dc:f1:c3:
e2:29:ed:0f:73:13:ac:ae:4c:26:a3:6e:34:30:11:3d:4f:06:
58:5a:67:ef:d4:6f:8c:ea:a3:13:f4:5e:8c:26:33:3b:31:b5:
39:dc:ef:c0:8e:c2:e7:8f:c0:08:0d:8a:2b:8d:1d:9b:fb:bc:
0b:68:94:d4:18:ac:8a:01:7d:62:81:c0:65:6f:f3:a6:c9:b6:
1e:ab:c8:cf:26:6d:31:82:37:b0:b3:7a:59:99:eb:61:df:a2:
7f:24:28:26:2c:a1:bb:1d:78:a5:98:f7:78:72:ea:be:e1:90:
49:60:76:bd:6f:32:9f:69:3e:43:43:44:90:85:c1:95:db:42:
87:68:65:24:a7:0b:b4:58:21:bc:9a:26:84:b0:e9:b9:1f:8c:
a4:e5:d6:25
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURPQn67Cxlho6KB9wA6R+H/1ABhgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzExMDgwOTE2NDZaFw0yNDExMDYwOTIxNDZaMDMxMTAvBgNV
BAMTKEJFOURCQzZEMzBBOTlGMDZEMTEyNjM1NUQzREU5QzBENkQ5QzcxRTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKt8jXESqtpX8I/ZkcYOmYnb7G
kfdDNBQZ4i7e5f/VQ/TmIuYeTjSwntV2RrjxfhCNhc02Mz4CFpEpN6VcMrX6dWF7
f++xawuyYAPxxQqxi6icTlOAOSDMl+i4WXrIjHTph33akZTSpoKey8sYkqjJFUyC
v6CHHuz7Dcys8I8w45UkNpDdc7uraa6TXyYNnf5pcOzId8zQ5jcAhR6wL8I0qMN4
jqinzt4shX9bTVHnU1BrgtAlA3NMbcFAZAX2K0/zCm0+WneT2Q61fL1dylzxOClY
0xUwPKXJUQY9f3JKdPAsul3e6SBLIXG2rSGMqEoBqgeKbXOepzt6Cw1/qgIZAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUvp28bTCpnwbREmNV096cDW2cceIwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMTM5
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMxMzMzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Ve3EMA0GCSqGSIb3DQEBCwUAA4IBAQAneUKbHLVlJ2LDgQsvz6YdbPV8O88+Uvf3
LednUeJYki4aNbCGsZkKSHsy6JwBcklybAVLOjhwwY/ARgRH9nCMnZiw+dYUNZZ+
yFYiVaRazFB5kqGSoXVRXhX1gs/OO+8KkzVQuqptlcXc8cPiKe0PcxOsrkwmo240
MBE9TwZYWmfv1G+M6qMT9F6MJjM7MbU53O/AjsLnj8AIDYorjR2b+7wLaJTUGKyK
AX1igcBlb/OmybYeq8jPJm0xgjews3pZmeth36J/JCgmLKG7HXilmPd4cuq+4ZBJ
YHa9bzKfaT5DQ0SQhcGV20KHaGUkpwu0WCG8miaEsOm5H4yk5dYl
-----END CERTIFICATE-----
Generated at Sat May 4 11:36:52 2024 by rpki-client on console-fra.rpki-client.org