Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230342e302f32342d3234203d3e203631333137.roa
File: 38352e3233372e3230342e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: rHa6AHb7PvZ1+nNZeLuSSkag0oq9wyDfwcVQ7utmkfI=
Subject key identifier: E4:78:B7:25:12:7B:47:F5:00:8E:52:84:A5:0C:BC:0F:40:DE:1F:B5
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 4FC495EF313FF79668049DE898FC53053C7E37ED
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230342e302f32342d3234203d3e203631333137.roa
Signing time: Wed 08 Nov 2023 09:21:48 +0000
ROA not before: Wed 08 Nov 2023 09:16:48 +0000
ROA not after: Wed 06 Nov 2024 09:21:48 +0000
asID: 61317
IP address blocks: 85.237.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:c4:95:ef:31:3f:f7:96:68:04:9d:e8:98:fc:53:05:3c:7e:37:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Nov 8 09:16:48 2023 GMT
Not After : Nov 6 09:21:48 2024 GMT
Subject: CN=E478B725127B47F5008E5284A50CBC0F40DE1FB5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:fc:03:d1:af:fd:44:69:fc:0f:0b:99:82:a3:
7d:32:43:b8:78:19:4d:af:14:dd:64:49:0f:bf:53:
3d:e0:21:c7:33:07:15:5c:6e:eb:81:67:a7:7c:e4:
f0:47:75:44:6c:48:8c:19:47:0c:5e:cf:3a:25:f2:
8c:0f:e7:13:88:27:77:7b:12:54:cc:28:2f:09:d3:
63:40:ce:dd:ee:62:82:f3:22:d2:10:54:cd:fd:69:
b3:2e:db:9a:eb:19:01:82:2b:28:9b:f2:7d:86:9f:
e0:0d:2a:be:c8:db:39:d2:3e:a3:f5:bd:05:5f:52:
bf:c8:69:ad:48:24:f4:23:ef:1a:1d:e1:44:63:7a:
ae:90:2f:a8:96:60:4d:fe:e9:f0:9e:42:a7:0e:6e:
ef:cc:5c:ca:1c:d9:52:dd:7e:ac:d9:21:69:48:60:
8b:67:7f:fd:a9:25:03:44:c0:ce:f3:d1:e5:c8:e2:
0e:ef:b3:08:c7:e4:6e:45:54:13:17:18:6c:77:2b:
be:05:e6:89:35:3f:4a:b9:58:f7:6f:aa:4c:db:57:
cd:66:3e:cd:65:a1:4b:40:0f:e2:22:e4:c3:8e:43:
ae:23:83:3f:29:19:47:24:ea:c5:07:55:51:15:bf:
23:c3:bc:ea:5e:f9:43:77:8c:ba:80:aa:61:52:c0:
aa:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:78:B7:25:12:7B:47:F5:00:8E:52:84:A5:0C:BC:0F:40:DE:1F:B5
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230342e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.204.0/24
Signature Algorithm: sha256WithRSAEncryption
07:c7:9d:25:23:7b:97:a5:2c:03:27:d4:27:85:ef:e3:25:5a:
47:ed:87:12:d4:32:2d:9e:b1:29:06:8c:50:19:ac:62:5e:2b:
08:de:48:e4:3f:ee:e8:9c:34:9d:b8:60:42:15:a2:3b:b8:ef:
60:11:fb:71:f3:3c:1c:13:72:75:ca:ab:e4:b8:2d:c8:ef:8b:
23:dd:79:d3:fc:35:a9:75:c9:9f:12:59:52:f0:cb:a3:07:38:
e7:f7:5f:83:9a:c7:27:5b:5e:24:55:22:1c:16:2a:84:54:34:
de:34:d1:74:ed:4d:ed:0c:b2:4a:5f:58:e5:1c:97:d9:7c:82:
dd:39:48:44:8b:56:6b:fe:b9:35:1b:16:39:d3:85:7a:f9:5c:
ea:47:5d:86:3e:90:41:56:13:bc:66:60:8a:f4:c9:4b:3f:46:
13:3e:02:a2:be:31:b5:28:2b:6e:70:43:cb:f4:01:07:9d:43:
19:bb:81:42:64:66:8e:c4:0c:f0:6d:1a:df:3f:d4:43:d0:7b:
fa:0b:35:40:8e:9e:52:98:f8:58:eb:ed:0e:af:78:97:06:9f:
f0:2c:a8:d7:08:bb:35:7e:6d:c7:90:b8:d0:84:96:a3:bf:48:
9f:5b:ba:bd:08:a7:f0:dc:21:3a:8f:16:fe:cd:ef:63:d0:86:
89:04:1c:c7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUT8SV7zE/95ZoBJ3omPxTBTx+N+0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzExMDgwOTE2NDhaFw0yNDExMDYwOTIxNDhaMDMxMTAvBgNV
BAMTKEU0NzhCNzI1MTI3QjQ3RjUwMDhFNTI4NEE1MENCQzBGNDBERTFGQjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC/APRr/1EafwPC5mCo30yQ7h4
GU2vFN1kSQ+/Uz3gIcczBxVcbuuBZ6d85PBHdURsSIwZRwxezzol8owP5xOIJ3d7
ElTMKC8J02NAzt3uYoLzItIQVM39abMu25rrGQGCKyib8n2Gn+ANKr7I2znSPqP1
vQVfUr/Iaa1IJPQj7xod4URjeq6QL6iWYE3+6fCeQqcObu/MXMoc2VLdfqzZIWlI
YItnf/2pJQNEwM7z0eXI4g7vswjH5G5FVBMXGGx3K74F5ok1P0q5WPdvqkzbV81m
Ps1loUtAD+Ii5MOOQ64jgz8pGUck6sUHVVEVvyPDvOpe+UN3jLqAqmFSwKpfAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU5Hi3JRJ7R/UAjlKEpQy8D0DeH7UwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMw
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMxMzMzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Ve3MMA0GCSqGSIb3DQEBCwUAA4IBAQAHx50lI3uXpSwDJ9Qnhe/jJVpH7YcS1DIt
nrEpBoxQGaxiXisI3kjkP+7onDSduGBCFaI7uO9gEftx8zwcE3J1yqvkuC3I74sj
3XnT/DWpdcmfEllS8MujBzjn91+DmscnW14kVSIcFiqEVDTeNNF07U3tDLJKX1jl
HJfZfILdOUhEi1Zr/rk1GxY504V6+VzqR12GPpBBVhO8ZmCK9MlLP0YTPgKivjG1
KCtucEPL9AEHnUMZu4FCZGaOxAzwbRrfP9RD0Hv6CzVAjp5SmPhY6+0Or3iXBp/w
LKjXCLs1fm3HkLjQhJajv0ifW7q9CKfw3CE6jxb+ze9j0IaJBBzH
-----END CERTIFICATE-----
Generated at Sat May 4 11:29:11 2024 by rpki-client on console-ams.rpki-client.org