Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139342e302f32342d3234203d3e20323036303932.roa
File: 38352e3233372e3139342e302f32342d3234203d3e20323036303932.roa (raw, json)
Hash identifier: /Fo4s6JvV81MKtNr6dE2swQZE3ba3NqrSn4mrUl5HWs=
Subject key identifier: C6:F1:99:A9:A2:AA:52:34:E1:55:15:63:1F:38:10:6B:AA:1E:94:CC
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 07EC51C3CFF205BEEB39A45F41773948355724AC
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139342e302f32342d3234203d3e20323036303932.roa
Signing time: Wed 09 Oct 2024 09:43:25 +0000
ROA not before: Wed 09 Oct 2024 09:38:25 +0000
ROA not after: Wed 08 Oct 2025 09:43:25 +0000
asID: 206092
IP address blocks: 85.237.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:ec:51:c3:cf:f2:05:be:eb:39:a4:5f:41:77:39:48:35:57:24:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 9 09:38:25 2024 GMT
Not After : Oct 8 09:43:25 2025 GMT
Subject: CN=C6F199A9A2AA5234E15515631F38106BAA1E94CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:01:18:22:96:ec:8c:cb:51:13:63:85:99:5b:
db:af:83:57:55:97:e3:12:26:74:82:9e:d7:d2:a6:
b0:6a:00:e6:df:eb:2e:ce:d3:0b:3f:4c:f2:e7:34:
34:1f:71:64:b6:8f:cb:57:95:d9:e4:03:68:da:59:
9b:50:49:57:d0:34:8b:f9:87:af:35:90:cc:7d:be:
bf:d9:7a:b3:ae:97:42:0a:85:84:ba:e6:81:cc:57:
42:49:c0:23:49:80:d8:a0:ef:d6:6f:3c:fc:5b:5a:
a0:8a:c0:f0:f2:76:2e:d8:81:fb:fd:98:13:21:a6:
79:78:3f:7c:dd:40:dd:32:b7:fe:d2:33:13:17:e7:
5c:0c:a7:4c:59:7f:13:94:80:9c:5a:bf:d1:a8:7f:
e7:b7:07:4d:4a:4f:79:00:ac:9f:0d:86:59:81:65:
fc:bb:3e:1e:93:8f:0e:6a:d6:03:a2:78:11:38:af:
0e:03:b0:8f:e4:60:c7:5a:7b:11:b8:e9:04:e6:af:
f3:63:74:1a:94:04:aa:43:5b:00:de:9f:90:49:e5:
2a:27:65:84:44:ac:55:43:fa:13:8f:84:bc:be:64:
3a:7f:25:73:f6:5b:94:e0:0e:c9:04:9f:71:d7:d3:
57:b1:af:66:b9:a8:f5:7c:aa:0f:9c:39:20:1e:9d:
f2:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:F1:99:A9:A2:AA:52:34:E1:55:15:63:1F:38:10:6B:AA:1E:94:CC
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139342e302f32342d3234203d3e20323036303932.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.194.0/24
Signature Algorithm: sha256WithRSAEncryption
70:a8:fe:06:bb:e1:da:ac:e4:3b:f1:2b:8c:46:21:be:10:16:
ff:65:fa:62:2c:91:1b:bf:14:e1:c5:cb:27:d9:6d:c1:44:db:
92:f8:5e:6d:3e:d9:38:9f:e2:c7:cd:d4:32:12:43:57:d2:f7:
f5:5f:66:b5:e0:79:6f:fa:77:29:c0:c5:27:cc:89:6a:4b:f7:
ff:9b:6f:1a:f9:6c:9b:8b:09:4c:23:66:db:dc:62:22:9c:37:
90:44:8f:51:3a:91:dc:67:f3:98:d9:ff:2c:41:24:cf:17:35:
04:3f:8c:e2:f1:f7:6c:18:02:f0:22:04:a2:4a:60:5d:83:d0:
fb:9f:3f:66:76:23:eb:94:93:5f:0c:0f:ef:0a:db:b1:4b:3c:
4f:2b:4c:36:7b:ee:02:ff:bb:d9:21:7c:52:e7:27:9d:55:a9:
19:b9:a9:d2:4b:58:cb:d3:b4:1d:f7:a0:f8:0e:e4:db:32:95:
ac:4b:36:69:2e:e3:5e:a5:cf:d8:86:0c:f5:b3:ad:5e:f3:38:
8c:c8:48:f9:d9:4a:28:03:0b:9b:5e:c2:16:b8:14:6e:b4:a4:
c4:1f:a4:a7:7e:2c:1b:74:20:b9:60:ea:25:8e:84:e8:5e:3b:
08:92:8d:08:42:f6:ec:29:bf:07:75:7b:71:bc:f2:2b:e9:4c:
c8:e1:3a:a6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUB+xRw8/yBb7rOaRfQXc5SDVXJKwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEwMDkwOTM4MjVaFw0yNTEwMDgwOTQzMjVaMDMxMTAvBgNV
BAMTKEM2RjE5OUE5QTJBQTUyMzRFMTU1MTU2MzFGMzgxMDZCQUExRTk0Q0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdARgiluyMy1ETY4WZW9uvg1dV
l+MSJnSCntfSprBqAObf6y7O0ws/TPLnNDQfcWS2j8tXldnkA2jaWZtQSVfQNIv5
h681kMx9vr/ZerOul0IKhYS65oHMV0JJwCNJgNig79ZvPPxbWqCKwPDydi7Ygfv9
mBMhpnl4P3zdQN0yt/7SMxMX51wMp0xZfxOUgJxav9Gof+e3B01KT3kArJ8NhlmB
Zfy7Ph6Tjw5q1gOieBE4rw4DsI/kYMdaexG46QTmr/NjdBqUBKpDWwDen5BJ5Son
ZYRErFVD+hOPhLy+ZDp/JXP2W5TgDskEn3HX01exr2a5qPV8qg+cOSAenfIhAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUxvGZqaKqUjThVRVjHzgQa6oelMwwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMTM5
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzYzMDM5MzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7cIwDQYJKoZIhvcNAQELBQADggEBAHCo/ga74dqs5DvxK4xGIb4QFv9l+mIs
kRu/FOHFyyfZbcFE25L4Xm0+2Tif4sfN1DISQ1fS9/VfZrXgeW/6dynAxSfMiWpL
9/+bbxr5bJuLCUwjZtvcYiKcN5BEj1E6kdxn85jZ/yxBJM8XNQQ/jOLx92wYAvAi
BKJKYF2D0PufP2Z2I+uUk18MD+8K27FLPE8rTDZ77gL/u9khfFLnJ51VqRm5qdJL
WMvTtB33oPgO5NsylaxLNmku416lz9iGDPWzrV7zOIzISPnZSigDC5tewha4FG60
pMQfpKd+LBt0ILlg6iWOhOheOwiSjQhC9uwpvwd1e3G88ivpTMjhOqY=
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:55:50 2024 by rpki-client on console-fra.rpki-client.org