Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3233352e33322e302f32342d3234203d3e203230343733.roa
File: 3138352e3233352e33322e302f32342d3234203d3e203230343733.roa (raw, json)
Hash identifier: gWczhSnkzamwfY0VnZHxooMWObDUoGePT84XigHGh+s=
Subject key identifier: DC:50:16:5A:03:3C:12:F5:5B:37:0B:10:B8:BE:54:6D:FE:3A:5C:F7
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 5DB4ABFF886F30B5191B335719EC7D9B9EF7B837
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3233352e33322e302f32342d3234203d3e203230343733.roa
Signing time: Wed 09 Oct 2024 09:43:24 +0000
ROA not before: Wed 09 Oct 2024 09:38:24 +0000
ROA not after: Wed 08 Oct 2025 09:43:24 +0000
asID: 20473
IP address blocks: 185.235.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:b4:ab:ff:88:6f:30:b5:19:1b:33:57:19:ec:7d:9b:9e:f7:b8:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 9 09:38:24 2024 GMT
Not After : Oct 8 09:43:24 2025 GMT
Subject: CN=DC50165A033C12F55B370B10B8BE546DFE3A5CF7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:92:aa:53:b2:2e:0e:c2:24:58:8c:7f:7e:c8:
3e:dd:8a:02:ff:8c:17:15:20:d0:3b:ed:c1:fd:d3:
1d:c2:79:92:f6:c2:cb:5f:f4:67:bd:f9:55:cc:8d:
a9:75:47:95:84:22:b4:f7:60:a8:47:4a:ec:6c:f3:
cc:47:5e:ed:34:09:c5:2b:45:85:43:cc:c2:c7:6c:
87:b9:4f:98:06:3f:87:fe:26:61:09:28:70:6a:8d:
9a:1c:99:df:1c:96:09:08:c4:3a:ba:35:95:7e:c2:
84:15:93:13:22:b1:de:3c:9d:dc:cd:44:fd:c9:c2:
dc:98:f8:69:23:69:d3:24:74:f0:9f:75:1a:72:ed:
8f:92:67:90:ca:f0:bc:1c:82:25:ed:07:40:a2:1f:
20:8d:2f:20:05:1e:eb:07:d1:b6:f6:f5:67:a1:8b:
fa:74:32:d5:01:77:16:a5:51:d2:84:c5:98:91:c2:
41:4a:a2:d2:12:7c:88:5a:a0:fa:b6:52:6c:c6:58:
07:54:25:43:ee:74:11:59:4e:ac:6b:a7:b8:34:72:
65:ce:16:4f:49:41:c9:fa:47:11:64:61:48:6f:01:
ba:2d:ee:c9:96:a3:95:c5:d9:6b:ee:05:07:cf:53:
fe:82:09:32:c5:f6:fb:66:aa:1f:7d:b8:8e:9d:84:
6c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:50:16:5A:03:3C:12:F5:5B:37:0B:10:B8:BE:54:6D:FE:3A:5C:F7
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3233352e33322e302f32342d3234203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.32.0/24
Signature Algorithm: sha256WithRSAEncryption
57:ff:21:b1:ac:56:6b:26:61:1b:39:30:2e:f6:cc:dc:13:6c:
6b:76:8b:7d:63:2c:1f:1e:cb:ce:86:fa:a3:8f:36:b2:6f:62:
25:c4:3d:2e:49:0c:18:69:ba:d0:7b:d4:f3:6f:e7:56:91:d1:
f1:41:1b:1e:c3:85:fa:93:8e:da:b4:85:e8:61:28:29:16:2a:
16:76:a2:44:e0:16:2f:fa:78:c2:3d:5f:04:de:49:23:50:8a:
ff:a3:de:df:4b:c2:11:08:7e:6f:6d:07:9f:be:68:3e:60:a7:
bd:1b:92:9d:04:1c:60:e4:1b:91:34:2d:07:9c:66:f3:a5:19:
03:2a:f0:93:b6:3a:34:6d:05:17:29:42:57:ff:8f:5c:35:ae:
b0:6b:11:0a:53:3d:7c:00:45:f5:2a:63:0b:dc:f3:33:2b:09:
9d:28:9b:bd:36:ee:f0:03:0b:cd:05:c9:b7:f5:97:f3:60:52:
8f:c3:69:00:cf:f2:a0:cf:09:27:1e:dd:e5:12:82:d3:8d:96:
b5:65:95:ae:8b:00:32:3a:81:ca:d8:5a:33:c2:29:d8:39:73:
a8:1e:42:42:17:73:f7:1b:5b:7d:2c:db:26:73:e6:b1:ad:4d:
f7:e0:c9:a3:08:39:ba:fd:7c:ef:87:ee:9f:eb:12:b6:93:7e:
5b:b3:d0:d1
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUXbSr/4hvMLUZGzNXGex9m573uDcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEwMDkwOTM4MjRaFw0yNTEwMDgwOTQzMjRaMDMxMTAvBgNV
BAMTKERDNTAxNjVBMDMzQzEyRjU1QjM3MEIxMEI4QkU1NDZERkUzQTVDRjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCskqpTsi4OwiRYjH9+yD7digL/
jBcVINA77cH90x3CeZL2wstf9Ge9+VXMjal1R5WEIrT3YKhHSuxs88xHXu00CcUr
RYVDzMLHbIe5T5gGP4f+JmEJKHBqjZocmd8clgkIxDq6NZV+woQVkxMisd48ndzN
RP3JwtyY+GkjadMkdPCfdRpy7Y+SZ5DK8LwcgiXtB0CiHyCNLyAFHusH0bb29Weh
i/p0MtUBdxalUdKExZiRwkFKotISfIhaoPq2UmzGWAdUJUPudBFZTqxrp7g0cmXO
Fk9JQcn6RxFkYUhvAbot7smWo5XF2WvuBQfPU/6CCTLF9vtmqh99uI6dhGxZAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU3FAWWgM8EvVbNwsQuL5Ubf46XPcwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzODM1MmUzMjMzMzUyZTMz
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uesgMA0GCSqGSIb3DQEBCwUAA4IBAQBX/yGxrFZrJmEbOTAu9szcE2xrdot9Yywf
HsvOhvqjjzayb2IlxD0uSQwYabrQe9Tzb+dWkdHxQRsew4X6k47atIXoYSgpFioW
dqJE4BYv+njCPV8E3kkjUIr/o97fS8IRCH5vbQefvmg+YKe9G5KdBBxg5BuRNC0H
nGbzpRkDKvCTtjo0bQUXKUJX/49cNa6waxEKUz18AEX1KmML3PMzKwmdKJu9Nu7w
AwvNBcm39ZfzYFKPw2kAz/KgzwknHt3lEoLTjZa1ZZWuiwAyOoHK2FozwinYOXOo
HkJCF3P3G1t9LNsmc+axrU334MmjCDm6/Xzvh+6f6xK2k35bs9DR
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:30:59 2025 by rpki-client