Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3233352e33322e302f32342d3234203d3e203230343733.roa
File: 3138352e3233352e33322e302f32342d3234203d3e203230343733.roa (raw, json)
Hash identifier: 4F3OPufr9xXsW6x49JxB8y0io3oRDkEUygyCZBJfnv0=
Subject key identifier: B0:9D:A7:92:15:D5:0E:B3:BB:B2:18:FE:2D:F6:8B:BB:E3:8C:E0:1F
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 726BA1CCEDDA25473228DBA841F4524CBB490760
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3233352e33322e302f32342d3234203d3e203230343733.roa
Signing time: Wed 08 Nov 2023 09:21:12 +0000
ROA not before: Wed 08 Nov 2023 09:16:12 +0000
ROA not after: Wed 06 Nov 2024 09:21:12 +0000
asID: 20473
IP address blocks: 185.235.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:6b:a1:cc:ed:da:25:47:32:28:db:a8:41:f4:52:4c:bb:49:07:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Nov 8 09:16:12 2023 GMT
Not After : Nov 6 09:21:12 2024 GMT
Subject: CN=B09DA79215D50EB3BBB218FE2DF68BBBE38CE01F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:67:4c:cc:da:b1:f7:88:3a:b0:ed:d0:2e:2e:
62:6d:b2:65:51:09:54:11:bb:c3:2f:45:83:a6:93:
26:bb:20:44:a6:60:38:0e:04:63:5e:38:be:22:65:
f9:a2:12:bd:c5:dc:07:eb:cb:bd:0b:9f:27:e8:e3:
b5:b5:d4:d4:69:d1:66:44:be:c1:7c:3b:a4:0d:21:
b3:b9:16:fa:ba:f7:8b:61:39:f5:d1:56:e7:bc:3e:
1a:0f:ac:60:22:a5:07:c4:81:87:42:93:81:14:27:
0e:1d:6d:e0:a5:24:12:e4:c3:fa:67:19:a8:b7:11:
76:1b:26:db:59:68:3f:02:33:72:66:88:09:25:26:
5d:c3:83:3b:e6:f1:97:3b:c7:03:d5:96:9b:a5:fa:
c2:18:fa:7c:d6:c8:20:1d:81:a2:2c:0f:4a:e6:c4:
b0:ee:f6:20:e5:bf:a3:01:c9:c2:1b:10:58:ae:99:
de:7a:ff:0c:af:8a:13:7f:af:c5:4d:8c:af:af:78:
19:29:9d:97:5f:6f:e0:e2:0a:7b:ba:cd:72:11:fe:
f7:ef:74:8b:1e:6e:e4:04:66:2b:71:25:85:20:38:
8b:ba:11:f0:b2:04:aa:4e:ba:c8:05:8b:cf:83:f3:
40:6d:f4:ae:9a:6a:3f:59:f6:a8:89:a6:b3:5b:f7:
54:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:9D:A7:92:15:D5:0E:B3:BB:B2:18:FE:2D:F6:8B:BB:E3:8C:E0:1F
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3233352e33322e302f32342d3234203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.32.0/24
Signature Algorithm: sha256WithRSAEncryption
21:fb:14:2b:55:57:4c:1c:5a:ca:07:65:0f:55:e4:28:98:64:
b3:6d:43:4e:7f:c1:0a:6d:8b:33:d8:d7:59:ca:33:60:14:2a:
f2:71:3b:52:25:59:fb:c2:8c:16:e5:be:c3:fe:4c:8e:b0:7e:
04:de:05:58:38:ea:28:2e:5f:ee:a9:e2:58:17:0f:a4:0c:ba:
44:93:37:4a:44:33:60:bb:6e:77:b4:24:f4:78:e2:19:f7:d3:
a4:1f:6e:ad:aa:c2:23:b6:00:24:ba:7a:a3:bb:27:46:3e:89:
a5:a9:84:52:b1:9a:c9:d2:c4:a9:df:f3:41:2a:6e:4e:07:77:
37:6c:44:9b:1a:20:86:56:69:3f:68:8b:6c:cc:f8:5b:b5:c2:
5e:2d:67:fd:68:1b:2b:9a:ca:22:14:a7:45:d8:82:ee:f1:4b:
24:fe:04:af:a9:d6:4a:a8:d1:1f:d8:53:12:03:c9:cf:b2:66:
82:b0:3a:7e:a3:59:48:3a:ff:13:16:9f:16:0d:20:68:8c:0e:
ec:6d:ac:6d:0e:4d:99:d2:88:78:7e:45:51:2c:18:e9:26:e2:
84:72:0a:fe:76:c3:fc:a9:c1:cc:68:ac:bf:61:7a:b9:c5:6a:
62:0c:ca:68:cc:87:bf:4d:03:f3:26:6f:b8:b9:bc:fd:fb:f1:
d9:e8:ab:1f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUcmuhzO3aJUcyKNuoQfRSTLtJB2AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzExMDgwOTE2MTJaFw0yNDExMDYwOTIxMTJaMDMxMTAvBgNV
BAMTKEIwOURBNzkyMTVENTBFQjNCQkIyMThGRTJERjY4QkJCRTM4Q0UwMUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z0zM2rH3iDqw7dAuLmJtsmVR
CVQRu8MvRYOmkya7IESmYDgOBGNeOL4iZfmiEr3F3Afry70Lnyfo47W11NRp0WZE
vsF8O6QNIbO5Fvq694thOfXRVue8PhoPrGAipQfEgYdCk4EUJw4dbeClJBLkw/pn
Gai3EXYbJttZaD8CM3JmiAklJl3Dgzvm8Zc7xwPVlpul+sIY+nzWyCAdgaIsD0rm
xLDu9iDlv6MBycIbEFiumd56/wyvihN/r8VNjK+veBkpnZdfb+DiCnu6zXIR/vfv
dIsebuQEZitxJYUgOIu6EfCyBKpOusgFi8+D80Bt9K6aaj9Z9qiJprNb91QfAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUsJ2nkhXVDrO7shj+LfaLu+OM4B8wHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzODM1MmUzMjMzMzUyZTMz
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uesgMA0GCSqGSIb3DQEBCwUAA4IBAQAh+xQrVVdMHFrKB2UPVeQomGSzbUNOf8EK
bYsz2NdZyjNgFCrycTtSJVn7wowW5b7D/kyOsH4E3gVYOOooLl/uqeJYFw+kDLpE
kzdKRDNgu253tCT0eOIZ99OkH26tqsIjtgAkunqjuydGPomlqYRSsZrJ0sSp3/NB
Km5OB3c3bESbGiCGVmk/aItszPhbtcJeLWf9aBsrmsoiFKdF2ILu8Usk/gSvqdZK
qNEf2FMSA8nPsmaCsDp+o1lIOv8TFp8WDSBojA7sbaxtDk2Z0oh4fkVRLBjpJuKE
cgr+dsP8qcHMaKy/YXq5xWpiDMpozIe/TQPzJm+4ubz9+/HZ6Ksf
-----END CERTIFICATE-----
Generated at Mon May 6 19:36:46 2024 by rpki-client on console-fra.rpki-client.org