Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3135382e35372e302f32342d3234203d3e203239383032.roa
File: 38352e3135382e35372e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier: azyuNJ8E08RKtj+9orRQc5m+RQAM1kND1x1pR99o+/c=
Subject key identifier: 07:26:DA:BD:AD:1D:3B:BB:E9:83:58:1B:E4:E4:BD:EB:C4:3B:5A:60
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 7F8CFAE64B468B88155B5510F76C41071E02E1F7
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3135382e35372e302f32342d3234203d3e203239383032.roa
Signing time: Fri 11 Oct 2024 16:43:25 +0000
ROA not before: Fri 11 Oct 2024 16:38:25 +0000
ROA not after: Fri 10 Oct 2025 16:43:25 +0000
asID: 29802
IP address blocks: 85.158.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:8c:fa:e6:4b:46:8b:88:15:5b:55:10:f7:6c:41:07:1e:02:e1:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 11 16:38:25 2024 GMT
Not After : Oct 10 16:43:25 2025 GMT
Subject: CN=0726DABDAD1D3BBBE983581BE4E4BDEBC43B5A60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8b:41:f0:4c:f2:00:cc:56:aa:8f:e0:7a:ce:
7e:19:f4:a4:3a:20:22:7e:2a:cb:58:1b:5f:97:c8:
ac:e5:7f:26:67:14:0e:18:47:39:a6:06:f1:00:db:
87:42:54:f5:62:9a:7b:d5:41:c6:2f:58:46:88:4a:
85:a0:5a:ce:84:ad:53:49:fe:cc:3a:3f:31:f2:d8:
aa:18:91:5e:24:06:3f:ea:01:22:90:3c:39:cf:a6:
ae:6f:85:f3:a3:9f:9f:56:76:de:0e:15:7f:8b:78:
5c:bd:80:f9:92:d8:bc:32:de:36:a3:dd:54:69:d8:
ce:0f:bf:16:53:5e:f5:f4:b7:20:28:9d:2a:a3:10:
0e:45:b5:8f:ba:1c:d1:50:df:f1:64:33:84:df:17:
57:fc:1b:69:30:72:a0:cc:93:23:d0:98:e2:9b:42:
ec:55:69:12:75:f0:a6:d2:50:98:b2:dd:e2:fe:25:
49:a4:21:8c:3b:fd:1f:42:b7:7a:69:06:66:3b:99:
c6:2e:20:7f:fe:67:78:57:5c:59:a8:52:d8:b9:4b:
ae:82:2c:4d:56:89:0b:9e:13:4b:58:fd:32:d5:1d:
3c:13:70:1a:32:3a:c0:b0:4a:9f:5f:ef:85:4f:6f:
98:84:4a:70:df:7d:29:71:92:70:f6:a8:fc:e5:d6:
f9:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:26:DA:BD:AD:1D:3B:BB:E9:83:58:1B:E4:E4:BD:EB:C4:3B:5A:60
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3135382e35372e302f32342d3234203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.57.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:38:4e:94:e8:7b:f1:0b:47:5d:64:af:7e:7b:c0:86:88:0c:
43:44:11:64:da:bb:8a:dd:2f:54:2b:eb:fa:6b:10:df:05:09:
f5:b9:fd:53:bb:a4:61:d5:83:1e:25:bf:01:1d:28:e9:3c:15:
74:54:43:68:62:4b:d9:ea:2b:b9:38:1b:18:a0:52:f0:c8:83:
23:e9:92:f2:e0:23:39:27:53:01:3e:ec:5a:30:79:dc:39:40:
3b:35:1e:70:54:4d:83:e5:1b:25:53:df:18:f1:84:f8:57:89:
3b:b8:b7:22:14:79:80:0d:b1:7c:62:b1:6c:52:3b:cc:a4:9b:
42:41:c9:41:61:d5:16:f1:b4:0a:2a:4c:27:3f:10:b0:86:e3:
56:de:ec:46:c6:d3:a6:51:2f:d7:78:00:35:bb:8d:59:98:f2:
51:a1:67:20:c5:4d:4f:40:2a:0c:5a:97:4b:bd:3d:9b:ad:87:
ab:c8:9f:15:e7:14:76:f4:c4:6f:a0:ad:23:8f:1e:45:c9:b0:
50:46:58:12:a4:c6:bc:a0:45:cd:6a:cb:89:94:d5:56:a9:69:
67:35:fb:d1:c2:9a:22:40:a3:ce:08:a7:0f:46:02:92:ca:e6:
7b:82:6c:bf:fa:97:a6:1f:89:d6:1f:d0:51:ce:a8:d9:a8:df:
95:67:f8:fc
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUf4z65ktGi4gVW1UQ92xBBx4C4fcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEwMTExNjM4MjVaFw0yNTEwMTAxNjQzMjVaMDMxMTAvBgNV
BAMTKDA3MjZEQUJEQUQxRDNCQkJFOTgzNTgxQkU0RTRCREVCQzQzQjVBNjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5i0HwTPIAzFaqj+B6zn4Z9KQ6
ICJ+KstYG1+XyKzlfyZnFA4YRzmmBvEA24dCVPVimnvVQcYvWEaISoWgWs6ErVNJ
/sw6PzHy2KoYkV4kBj/qASKQPDnPpq5vhfOjn59Wdt4OFX+LeFy9gPmS2Lwy3jaj
3VRp2M4PvxZTXvX0tyAonSqjEA5FtY+6HNFQ3/FkM4TfF1f8G2kwcqDMkyPQmOKb
QuxVaRJ18KbSUJiy3eL+JUmkIYw7/R9Ct3ppBmY7mcYuIH/+Z3hXXFmoUti5S66C
LE1WiQueE0tY/TLVHTwTcBoyOsCwSp9f74VPb5iESnDffSlxknD2qPzl1vlzAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUBybava0dO7vpg1gb5OS968Q7WmAwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzEzNTM4MmUzNTM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzOTM4MzAzMi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFWe
OTANBgkqhkiG9w0BAQsFAAOCAQEAOzhOlOh78QtHXWSvfnvAhogMQ0QRZNq7it0v
VCvr+msQ3wUJ9bn9U7ukYdWDHiW/AR0o6TwVdFRDaGJL2eoruTgbGKBS8MiDI+mS
8uAjOSdTAT7sWjB53DlAOzUecFRNg+UbJVPfGPGE+FeJO7i3IhR5gA2xfGKxbFI7
zKSbQkHJQWHVFvG0CipMJz8QsIbjVt7sRsbTplEv13gANbuNWZjyUaFnIMVNT0Aq
DFqXS709m62Hq8ifFecUdvTEb6CtI48eRcmwUEZYEqTGvKBFzWrLiZTVVqlpZzX7
0cKaIkCjzginD0YCksrme4Jsv/qXph+J1h/QUc6o2ajflWf4/A==
-----END CERTIFICATE-----
Generated at Sun Nov 24 14:06:23 2024 by rpki-client on console-ams.rpki-client.org