Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3135382e35372e302f32342d3234203d3e203230343733.roa
File: 38352e3135382e35372e302f32342d3234203d3e203230343733.roa (raw, json)
Hash identifier: EAjDVdc/nT8BVL/Pvvs2Mp5QPktCT2i5QHkNg1kn2zg=
Subject key identifier: 16:72:6F:F6:BE:C2:8A:C5:A7:D4:DC:D4:10:E2:9D:ED:BF:A3:B9:22
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 1FEDB35C604D76589D709E81A0123356606B3C4A
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3135382e35372e302f32342d3234203d3e203230343733.roa
Signing time: Mon 06 May 2024 16:53:50 +0000
ROA not before: Mon 06 May 2024 16:48:50 +0000
ROA not after: Mon 05 May 2025 16:53:50 +0000
asID: 20473
IP address blocks: 85.158.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:ed:b3:5c:60:4d:76:58:9d:70:9e:81:a0:12:33:56:60:6b:3c:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: May 6 16:48:50 2024 GMT
Not After : May 5 16:53:50 2025 GMT
Subject: CN=16726FF6BEC28AC5A7D4DCD410E29DEDBFA3B922
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:83:dc:97:99:b7:72:1f:fd:64:eb:19:e2:35:
d5:3f:12:12:9d:ec:3f:c1:c3:4a:f1:f9:6d:ee:62:
1f:3a:7b:6f:dc:0b:23:60:7a:a5:6b:35:9f:41:a1:
b4:70:64:53:86:ab:1f:ff:7f:65:27:79:2c:ec:45:
b2:d6:8a:ac:b0:16:53:77:42:1c:dc:da:66:a4:6a:
4b:8e:cf:48:62:7a:25:8f:44:d5:27:22:5d:7f:87:
33:c0:49:a9:b1:1d:d5:49:02:0a:dd:b8:0c:96:17:
d8:39:52:e1:ba:c3:31:ac:8a:3d:b0:b1:e7:1e:4a:
f9:4e:ae:82:06:da:5b:58:8d:f0:31:c9:ce:34:36:
96:95:d7:10:36:c1:f6:e2:6f:32:60:d8:12:99:e3:
ee:1e:62:db:76:aa:49:b8:e6:a7:7c:db:d1:b5:95:
88:1b:80:6e:4a:54:cd:6c:00:4f:7c:23:cb:76:16:
fb:25:df:39:37:d9:71:fb:6d:d0:89:ae:55:e4:20:
23:ac:20:46:04:31:0d:b7:24:36:b1:7e:85:cf:49:
bf:b5:82:c6:59:44:16:b9:8d:94:14:a0:d7:e0:65:
f8:09:fe:e3:d7:e2:91:a8:ae:ff:15:6a:4d:5d:5a:
7c:39:fb:a5:d2:4c:70:3e:9a:3f:dc:53:24:c0:b9:
4f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:72:6F:F6:BE:C2:8A:C5:A7:D4:DC:D4:10:E2:9D:ED:BF:A3:B9:22
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3135382e35372e302f32342d3234203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.57.0/24
Signature Algorithm: sha256WithRSAEncryption
33:f3:65:77:be:d8:b9:47:fa:3b:88:38:df:1e:f9:ad:71:8c:
e3:00:c7:d1:ce:63:30:37:ac:86:9b:3f:7c:d2:d2:95:fb:87:
85:53:20:df:fb:aa:74:03:0f:7a:ff:b0:d9:5c:5c:a4:84:ad:
90:94:fa:43:23:86:8e:e7:4a:a9:62:6d:a9:22:2d:63:36:85:
fe:2d:2b:81:b2:05:e6:36:89:65:1a:81:7a:0e:60:de:89:a5:
4f:de:b9:b7:79:00:09:1a:e2:a8:43:9d:88:92:e4:2c:8e:99:
2a:e6:71:be:74:78:bb:0a:72:1e:f0:b2:92:43:08:15:fb:d1:
cf:2d:3d:0d:b8:53:f6:fb:3d:23:80:64:cb:7a:d6:49:05:36:
ac:09:95:e1:67:c4:61:65:50:ee:98:1f:55:62:30:0b:f6:53:
45:ab:2d:b5:2f:5f:80:99:0e:d5:7b:06:cf:01:74:7f:27:4c:
c4:60:77:30:00:e5:8a:74:19:3f:07:8b:8a:48:6f:bd:4f:d5:
39:0c:11:92:6e:70:8e:d1:6e:16:3f:d2:d5:10:5c:91:b5:85:
de:5d:df:d6:0c:9f:be:c5:65:81:48:bf:46:87:9d:c9:58:2f:
c8:ed:77:8b:16:fe:8b:89:d9:23:58:35:03:86:9e:ba:af:90:
65:96:46:41
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUH+2zXGBNdlidcJ6BoBIzVmBrPEowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDA1MDYxNjQ4NTBaFw0yNTA1MDUxNjUzNTBaMDMxMTAvBgNV
BAMTKDE2NzI2RkY2QkVDMjhBQzVBN0Q0RENENDEwRTI5REVEQkZBM0I5MjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvg9yXmbdyH/1k6xniNdU/EhKd
7D/Bw0rx+W3uYh86e2/cCyNgeqVrNZ9BobRwZFOGqx//f2UneSzsRbLWiqywFlN3
Qhzc2makakuOz0hieiWPRNUnIl1/hzPASamxHdVJAgrduAyWF9g5UuG6wzGsij2w
seceSvlOroIG2ltYjfAxyc40NpaV1xA2wfbibzJg2BKZ4+4eYtt2qkm45qd829G1
lYgbgG5KVM1sAE98I8t2Fvsl3zk32XH7bdCJrlXkICOsIEYEMQ23JDaxfoXPSb+1
gsZZRBa5jZQUoNfgZfgJ/uPX4pGorv8Vak1dWnw5+6XSTHA+mj/cUyTAuU/pAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUFnJv9r7CisWn1NzUEOKd7b+juSIwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzEzNTM4MmUzNTM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM0MzczMy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFWe
OTANBgkqhkiG9w0BAQsFAAOCAQEAM/Nld77YuUf6O4g43x75rXGM4wDH0c5jMDes
hps/fNLSlfuHhVMg3/uqdAMPev+w2VxcpIStkJT6QyOGjudKqWJtqSItYzaF/i0r
gbIF5jaJZRqBeg5g3omlT965t3kACRriqEOdiJLkLI6ZKuZxvnR4uwpyHvCykkMI
FfvRzy09DbhT9vs9I4Bky3rWSQU2rAmV4WfEYWVQ7pgfVWIwC/ZTRasttS9fgJkO
1XsGzwF0fydMxGB3MADlinQZPweLikhvvU/VOQwRkm5wjtFuFj/S1RBckbWF3l3f
1gyfvsVlgUi/RoedyVgvyO13ixb+i4nZI1g1A4aeuq+QZZZGQQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:19 2024 by rpki-client on console-ams.rpki-client.org