Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3135382e35362e302f32342d3234203d3e20323131333733.roa
File: 38352e3135382e35362e302f32342d3234203d3e20323131333733.roa (raw, json)
Hash identifier: Lka1HZVJ9gozGTfk+9AUjslwjxR4WwrkpTMC4As1PII=
Subject key identifier: 70:62:14:4F:44:86:C1:75:22:2C:70:EC:B9:70:B3:7D:84:63:CB:34
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 59E7538F37B84B29B3B0D6DEF74BA8EFA9B23219
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3135382e35362e302f32342d3234203d3e20323131333733.roa
Signing time: Wed 08 Nov 2023 09:23:40 +0000
ROA not before: Wed 08 Nov 2023 09:18:40 +0000
ROA not after: Wed 06 Nov 2024 09:23:40 +0000
asID: 211373
IP address blocks: 85.158.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 May 2024 19:45:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:e7:53:8f:37:b8:4b:29:b3:b0:d6:de:f7:4b:a8:ef:a9:b2:32:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Nov 8 09:18:40 2023 GMT
Not After : Nov 6 09:23:40 2024 GMT
Subject: CN=7062144F4486C175222C70ECB970B37D8463CB34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:8e:6d:d8:8b:11:ca:6c:ee:49:2a:46:24:94:
a2:09:4e:23:4c:76:1c:01:5d:c4:87:4a:98:45:11:
79:a3:09:4b:e2:49:cd:ee:67:45:85:c0:bb:65:3c:
4d:5d:ee:5a:d6:48:48:88:d4:37:76:0f:83:a3:01:
79:9e:a5:fa:51:16:a7:33:55:36:37:b8:13:ae:8f:
1f:20:c4:b9:86:c9:b2:cc:43:bd:04:92:b8:1e:35:
28:ad:5d:d1:43:95:f8:c3:ef:40:bf:af:0e:d0:a1:
09:44:71:f4:39:7e:00:de:32:86:a5:85:d6:c9:16:
3f:04:80:45:76:03:b1:b2:09:af:31:a8:51:27:71:
f3:aa:01:10:4f:b2:67:d6:42:62:41:24:aa:c9:b6:
d2:7b:6c:19:46:a4:0d:61:74:5c:52:e9:73:03:f5:
f9:2a:74:e7:45:aa:07:7e:f4:de:19:8e:13:fe:81:
bc:bb:7d:ac:60:fd:0a:1c:a0:2c:4f:77:af:40:27:
82:b1:ac:23:5c:7b:b5:38:03:a2:c6:37:02:03:35:
f7:6e:99:22:6f:7e:ef:92:07:9d:f6:ba:c8:e7:f6:
44:2c:c3:d1:43:61:41:91:93:2e:73:6a:6a:76:fd:
04:87:2f:c9:50:6a:ee:88:16:70:51:72:86:c0:b9:
22:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:62:14:4F:44:86:C1:75:22:2C:70:EC:B9:70:B3:7D:84:63:CB:34
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3135382e35362e302f32342d3234203d3e20323131333733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.56.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:0f:65:43:09:05:ba:94:46:13:95:2f:ef:60:3b:62:35:b4:
0d:40:12:9a:fd:72:2b:a3:92:e0:dc:2d:bf:f5:8f:df:5a:1c:
e3:2d:7c:71:03:6d:04:a3:65:5b:f2:bc:97:73:8d:f0:ab:61:
13:d1:d6:f9:5d:02:7f:13:37:c3:ca:d8:50:6d:50:08:0a:9f:
22:2d:75:e3:68:a8:aa:1b:32:c9:25:3f:be:f6:71:20:fb:ec:
05:f4:d2:d0:73:ec:02:6e:b1:ab:da:b7:1e:db:ef:c4:51:e0:
83:20:28:7c:81:5e:8d:a9:7a:ec:be:e2:46:24:66:51:fa:dd:
8d:42:b2:90:4c:83:36:e4:1d:5c:62:49:0f:90:75:af:e2:08:
18:6b:51:22:f1:5a:86:1f:2f:34:8a:e1:f7:65:22:67:73:9d:
a7:44:a5:2d:2b:e2:ea:7e:6b:c0:9b:05:6c:16:e8:b9:ae:46:
36:ee:05:ed:86:8e:f4:8e:f0:c0:c2:e2:a4:3d:0a:fd:e5:a2:
25:b0:c2:2a:20:9b:3d:c7:95:fd:00:2f:f9:7e:b1:4d:70:f3:
fd:b7:d3:31:23:15:c1:8d:5a:f6:44:7c:02:f2:9c:97:eb:d9:
44:e9:4a:ec:ce:ff:44:70:b2:53:f1:52:fe:9d:13:d3:34:72:
f6:6f:0a:38
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUWedTjze4SymzsNbe90uo76myMhkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzExMDgwOTE4NDBaFw0yNDExMDYwOTIzNDBaMDMxMTAvBgNV
BAMTKDcwNjIxNDRGNDQ4NkMxNzUyMjJDNzBFQ0I5NzBCMzdEODQ2M0NCMzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQjm3YixHKbO5JKkYklKIJTiNM
dhwBXcSHSphFEXmjCUviSc3uZ0WFwLtlPE1d7lrWSEiI1Dd2D4OjAXmepfpRFqcz
VTY3uBOujx8gxLmGybLMQ70EkrgeNSitXdFDlfjD70C/rw7QoQlEcfQ5fgDeMoal
hdbJFj8EgEV2A7GyCa8xqFEncfOqARBPsmfWQmJBJKrJttJ7bBlGpA1hdFxS6XMD
9fkqdOdFqgd+9N4ZjhP+gby7faxg/QocoCxPd69AJ4KxrCNce7U4A6LGNwIDNfdu
mSJvfu+SB532usjn9kQsw9FDYUGRky5zamp2/QSHL8lQau6IFnBRcobAuSKNAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUcGIUT0SGwXUiLHDsuXCzfYRjyzQwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzEzNTM4MmUzNTM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMxMzMzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VZ44MA0GCSqGSIb3DQEBCwUAA4IBAQB/D2VDCQW6lEYTlS/vYDtiNbQNQBKa/XIr
o5Lg3C2/9Y/fWhzjLXxxA20Eo2Vb8ryXc43wq2ET0db5XQJ/EzfDythQbVAICp8i
LXXjaKiqGzLJJT++9nEg++wF9NLQc+wCbrGr2rce2+/EUeCDICh8gV6NqXrsvuJG
JGZR+t2NQrKQTIM25B1cYkkPkHWv4ggYa1Ei8VqGHy80iuH3ZSJnc52nRKUtK+Lq
fmvAmwVsFui5rkY27gXtho70jvDAwuKkPQr95aIlsMIqIJs9x5X9AC/5frFNcPP9
t9MxIxXBjVr2RHwC8pyX69lE6Urszv9EcLJT8VL+nRPTNHL2bwo4
-----END CERTIFICATE-----
Generated at Tue May 28 03:15:13 2024 by rpki-client on console-ams.rpki-client.org