Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3130302e3231322e302f32342d3234203d3e20313430363431.roa
File: 3138352e3130302e3231322e302f32342d3234203d3e20313430363431.roa (raw, json)
Hash identifier: 1wKg6ZXYJEJfdzdLBHWbji53L1G7d2eohdkmrGO0vik=
Subject key identifier: D6:43:41:CA:64:08:8E:7E:F9:8B:37:8F:00:93:6B:A8:21:47:D3:FC
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 26565C15F2AE3C1B3038700026EEA292878BF764
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3130302e3231322e302f32342d3234203d3e20313430363431.roa
Signing time: Wed 08 Nov 2023 09:22:39 +0000
ROA not before: Wed 08 Nov 2023 09:17:39 +0000
ROA not after: Wed 06 Nov 2024 09:22:39 +0000
asID: 140641
IP address blocks: 185.100.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 23:11:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:56:5c:15:f2:ae:3c:1b:30:38:70:00:26:ee:a2:92:87:8b:f7:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Nov 8 09:17:39 2023 GMT
Not After : Nov 6 09:22:39 2024 GMT
Subject: CN=D64341CA64088E7EF98B378F00936BA82147D3FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:30:4d:cb:a9:a2:1d:cc:41:76:c8:37:e1:e5:
7b:c3:7d:cd:a0:36:1f:22:fa:5b:ee:9c:89:3f:00:
d8:47:12:da:b1:b5:63:31:b6:3c:8b:08:b1:17:20:
4f:57:92:20:5c:99:f5:00:39:dc:56:d9:8c:b3:db:
f1:31:8a:f0:0e:46:1c:21:49:94:8f:33:9a:1c:02:
df:27:0a:0c:4c:a9:94:f1:13:85:91:a3:a8:91:1d:
66:81:17:1f:8a:06:ef:02:86:b9:67:09:0e:ef:e8:
59:a6:bc:cc:5e:3c:08:11:cb:80:ac:37:fd:28:3a:
c2:40:a9:cc:84:75:a0:91:ae:17:2a:5b:de:3a:0c:
99:9a:da:fd:85:0b:9d:da:ac:21:0d:ab:3c:04:35:
f4:b6:ae:68:7a:be:70:22:7f:a8:76:be:e5:00:bd:
a3:7d:37:8e:78:37:90:28:29:ad:c4:4c:bf:1a:17:
5b:73:df:a6:bd:e2:65:d7:98:8c:f7:5b:7e:b1:84:
9b:9f:74:b0:5a:98:a0:6f:19:14:13:52:69:6a:30:
b6:7f:7a:96:56:d3:ad:18:d7:ea:dc:4c:0a:f2:25:
22:c2:69:9a:d5:8f:1c:9f:b1:e3:aa:b7:8d:9e:e8:
cf:48:08:87:b3:1a:f6:7e:56:4a:a3:26:59:6d:98:
54:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:43:41:CA:64:08:8E:7E:F9:8B:37:8F:00:93:6B:A8:21:47:D3:FC
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3130302e3231322e302f32342d3234203d3e20313430363431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.212.0/24
Signature Algorithm: sha256WithRSAEncryption
18:3d:4c:bb:1b:39:b4:23:15:d5:43:2d:2f:d6:fa:d8:dc:f6:
59:53:2b:c0:f4:af:bd:ec:99:d5:aa:30:93:12:af:28:f1:27:
aa:b4:d1:1c:ec:49:80:b7:e3:cb:cd:4d:17:5e:f5:fc:87:f0:
cb:19:56:ac:46:d1:82:dd:19:e0:8f:4c:09:97:26:bf:43:cf:
0b:2f:04:76:a7:e5:c3:a7:34:97:eb:ae:f9:9a:87:2f:cc:19:
2d:91:ce:3d:7c:76:42:12:d5:b2:72:51:46:04:7a:b3:78:0c:
e3:f9:a2:12:76:f3:7d:72:d7:bb:8f:6f:eb:10:ca:e5:8b:d1:
e3:f9:13:78:35:fa:05:27:7f:96:11:15:38:ec:3d:52:71:59:
da:34:84:da:0d:38:be:08:e2:ab:a9:01:fe:4a:44:65:7c:05:
89:d8:75:23:ed:d0:68:29:56:f9:fa:61:96:95:97:7c:39:e6:
c4:4a:12:6f:74:46:9d:ac:f8:80:00:55:8c:94:be:aa:46:b3:
8f:e0:d7:5d:2a:b1:3d:aa:da:43:ce:00:b9:40:c2:6d:cd:9a:
67:70:fa:65:a1:83:38:36:4b:a5:53:69:6e:b7:73:c0:d8:be:
70:de:66:41:f8:a4:13:88:e2:4e:e7:14:21:e1:3f:d0:1d:cd:
08:77:b9:9e
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUJlZcFfKuPBswOHAAJu6ikoeL92QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzExMDgwOTE3MzlaFw0yNDExMDYwOTIyMzlaMDMxMTAvBgNV
BAMTKEQ2NDM0MUNBNjQwODhFN0VGOThCMzc4RjAwOTM2QkE4MjE0N0QzRkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcME3LqaIdzEF2yDfh5XvDfc2g
Nh8i+lvunIk/ANhHEtqxtWMxtjyLCLEXIE9XkiBcmfUAOdxW2Yyz2/ExivAORhwh
SZSPM5ocAt8nCgxMqZTxE4WRo6iRHWaBFx+KBu8ChrlnCQ7v6FmmvMxePAgRy4Cs
N/0oOsJAqcyEdaCRrhcqW946DJma2v2FC53arCENqzwENfS2rmh6vnAif6h2vuUA
vaN9N454N5AoKa3ETL8aF1tz36a94mXXmIz3W36xhJufdLBamKBvGRQTUmlqMLZ/
epZW060Y1+rcTAryJSLCaZrVjxyfseOqt42e6M9ICIezGvZ+VkqjJlltmFTrAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU1kNBymQIjn75izePAJNrqCFH0/wwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzODM1MmUzMTMwMzAyZTMy
MzEzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzMDM2MzQzMS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALlk1DANBgkqhkiG9w0BAQsFAAOCAQEAGD1Muxs5tCMV1UMtL9b62Nz2WVMr
wPSvveyZ1aowkxKvKPEnqrTRHOxJgLfjy81NF171/IfwyxlWrEbRgt0Z4I9MCZcm
v0PPCy8Edqflw6c0l+uu+ZqHL8wZLZHOPXx2QhLVsnJRRgR6s3gM4/miEnbzfXLX
u49v6xDK5YvR4/kTeDX6BSd/lhEVOOw9UnFZ2jSE2g04vgjiq6kB/kpEZXwFidh1
I+3QaClW+fphlpWXfDnmxEoSb3RGnaz4gABVjJS+qkazj+DXXSqxParaQ84AuUDC
bc2aZ3D6ZaGDODZLpVNpbrdzwNi+cN5mQfikE4jiTucUIeE/0B3NCHe5ng==
-----END CERTIFICATE-----
Generated at Sat May 18 04:11:00 2024 by rpki-client on console-ams.rpki-client.org