Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231362e302f32342d3234203d3e203239383032.roa
File: 38352e3233372e3231362e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier: JZSYb008hcu2TMAlQBLjDxiqFdyn7CN9XtWcWpFcMao=
Subject key identifier: 8D:5C:39:27:95:C5:63:7A:1B:88:AB:20:08:13:EE:BC:32:B9:65:01
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 774FDCAB398158EC0DD514EBACD07529CEF3C2DA
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231362e302f32342d3234203d3e203239383032.roa
Signing time: Wed 28 Feb 2024 18:03:15 +0000
ROA not before: Wed 28 Feb 2024 17:58:15 +0000
ROA not after: Wed 26 Feb 2025 18:03:15 +0000
asID: 29802
IP address blocks: 85.237.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 19:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:4f:dc:ab:39:81:58:ec:0d:d5:14:eb:ac:d0:75:29:ce:f3:c2:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Feb 28 17:58:15 2024 GMT
Not After : Feb 26 18:03:15 2025 GMT
Subject: CN=8D5C392795C5637A1B88AB200813EEBC32B96501
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:41:36:3f:6b:be:cf:6f:ef:2b:ca:28:2d:41:
d6:1e:09:05:9c:7a:1d:4d:ab:96:08:41:71:56:df:
54:82:d0:8e:fb:19:c2:17:fb:b4:90:54:59:42:62:
14:f4:30:3c:63:51:20:b6:04:ab:e2:d1:e8:51:64:
b2:21:d5:8a:6c:4e:91:49:51:fa:2c:93:cf:fa:21:
d2:b6:34:49:42:74:b3:cd:33:13:0b:6d:af:a5:d0:
98:af:03:57:78:ea:6f:c8:61:a6:87:b9:cf:ef:69:
af:0a:4f:be:3f:35:e0:7c:bd:72:35:dc:b6:1f:97:
ac:51:3b:95:82:d3:2e:44:32:8e:8f:fc:18:44:39:
1c:02:c0:d5:1f:4b:5c:97:62:7f:ca:3d:52:24:d6:
76:bf:1e:27:97:6d:2b:0d:c9:56:5f:19:fd:12:e4:
78:a3:b6:8c:0c:6a:4a:e7:0c:8d:dd:2e:3c:f3:2e:
f3:3e:13:a9:2d:f2:24:ad:35:ab:69:e3:67:ea:47:
de:f9:43:c1:2b:9f:81:70:71:f5:52:2b:89:96:27:
8a:07:a3:86:c9:b6:9f:ad:ff:8a:2b:2f:2a:c9:19:
07:00:69:82:49:e3:45:69:bf:0e:57:a9:f2:03:9f:
53:0f:6f:15:13:bd:cd:60:66:a9:30:88:0a:f9:9f:
31:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:5C:39:27:95:C5:63:7A:1B:88:AB:20:08:13:EE:BC:32:B9:65:01
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231362e302f32342d3234203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.216.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:cc:88:76:e7:30:cd:07:99:91:5d:10:0d:be:09:a0:ae:06:
55:87:24:61:cb:f2:e9:af:df:6c:09:f2:8b:17:8b:f4:5e:c6:
98:7c:0d:8f:39:a0:1d:1a:9b:fa:dd:b9:d1:7e:d2:8e:67:22:
af:75:32:73:e1:03:c1:c9:58:09:3e:f0:a8:6e:3e:7d:06:c9:
1b:07:eb:d1:4b:7e:8e:8b:0a:ad:f5:4b:b1:db:55:cc:89:de:
e3:5c:66:7b:18:e4:aa:a6:aa:0e:41:91:ad:11:5e:94:9a:38:
e9:ed:3c:ec:92:4e:91:89:21:ac:e5:e0:a0:4f:71:4a:e1:34:
34:26:44:54:6f:41:fb:25:b5:38:a8:79:fb:4e:47:e0:66:89:
10:86:ef:5a:00:f8:6a:92:68:04:4e:8f:4a:48:23:13:98:58:
13:b0:7b:1b:de:b2:7f:f5:1c:d8:d4:e8:0f:43:eb:38:7b:d0:
7b:9d:49:4c:c5:e5:ea:24:e5:8b:19:48:48:3e:a8:cb:fa:93:
a6:92:8b:6c:a2:fc:dc:02:76:07:f0:8d:69:71:40:c7:84:05:
e1:f4:0e:31:66:f9:de:66:b2:f0:77:f3:23:11:a7:05:1b:d5:
fb:a1:29:12:4b:31:a1:91:44:fa:ae:59:9c:35:8c:09:7d:a9:
32:7f:86:f3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUd0/cqzmBWOwN1RTrrNB1Kc7zwtowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDAyMjgxNzU4MTVaFw0yNTAyMjYxODAzMTVaMDMxMTAvBgNV
BAMTKDhENUMzOTI3OTVDNTYzN0ExQjg4QUIyMDA4MTNFRUJDMzJCOTY1MDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPQTY/a77Pb+8ryigtQdYeCQWc
eh1Nq5YIQXFW31SC0I77GcIX+7SQVFlCYhT0MDxjUSC2BKvi0ehRZLIh1YpsTpFJ
Ufosk8/6IdK2NElCdLPNMxMLba+l0JivA1d46m/IYaaHuc/vaa8KT74/NeB8vXI1
3LYfl6xRO5WC0y5EMo6P/BhEORwCwNUfS1yXYn/KPVIk1na/HieXbSsNyVZfGf0S
5HijtowMakrnDI3dLjzzLvM+E6kt8iStNatp42fqR975Q8Ern4FwcfVSK4mWJ4oH
o4bJtp+t/4orLyrJGQcAaYJJ40Vpvw5XqfIDn1MPbxUTvc1gZqkwiAr5nzHDAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUjVw5J5XFY3obiKsgCBPuvDK5ZQEwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMx
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM5MzgzMDMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Ve3YMA0GCSqGSIb3DQEBCwUAA4IBAQCNzIh25zDNB5mRXRANvgmgrgZVhyRhy/Lp
r99sCfKLF4v0XsaYfA2POaAdGpv63bnRftKOZyKvdTJz4QPByVgJPvCobj59Bskb
B+vRS36Oiwqt9Uux21XMid7jXGZ7GOSqpqoOQZGtEV6Umjjp7Tzskk6RiSGs5eCg
T3FK4TQ0JkRUb0H7JbU4qHn7TkfgZokQhu9aAPhqkmgETo9KSCMTmFgTsHsb3rJ/
9RzY1OgPQ+s4e9B7nUlMxeXqJOWLGUhIPqjL+pOmkotsovzcAnYH8I1pcUDHhAXh
9A4xZvneZrLwd/MjEacFG9X7oSkSSzGhkUT6rlmcNYwJfakyf4bz
-----END CERTIFICATE-----
Generated at Tue Apr 30 01:22:44 2024 by rpki-client on console-fra.rpki-client.org