Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139352e302f32342d3234203d3e20323030303838.roa
File: 38352e3233372e3139352e302f32342d3234203d3e20323030303838.roa (raw, json)
Hash identifier: q2JllYW9H2D/1oMWCkcjHTpWVn1QclKJ++aoTiw0d7M=
Subject key identifier: FE:90:5A:21:CF:05:9A:32:78:0B:93:EC:CE:22:53:5E:F6:0C:B1:89
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 506EC9F11A297BA47D164E179B557C692A3FF7BF
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139352e302f32342d3234203d3e20323030303838.roa
Signing time: Wed 09 Oct 2024 09:43:24 +0000
ROA not before: Wed 09 Oct 2024 09:38:24 +0000
ROA not after: Wed 08 Oct 2025 09:43:24 +0000
asID: 200088
IP address blocks: 85.237.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:6e:c9:f1:1a:29:7b:a4:7d:16:4e:17:9b:55:7c:69:2a:3f:f7:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 9 09:38:24 2024 GMT
Not After : Oct 8 09:43:24 2025 GMT
Subject: CN=FE905A21CF059A32780B93ECCE22535EF60CB189
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:6c:9c:1a:be:eb:02:ac:99:8f:83:21:8b:11:
83:cd:08:aa:1d:53:99:54:cb:b0:84:7c:d1:2b:a6:
ea:ed:4d:88:79:73:4a:23:08:19:de:71:97:6f:32:
23:a2:33:a6:58:b3:8a:be:a9:bd:d0:30:26:ad:ab:
8c:ca:25:ad:a8:73:9b:09:d7:0f:6c:98:fb:5e:a1:
1f:66:82:50:f3:6a:cf:72:25:30:39:dc:98:49:3d:
c9:51:df:72:74:25:7e:58:98:4e:73:ca:b3:cc:3c:
9f:39:49:dd:b6:e2:1d:41:e1:18:87:84:50:77:63:
f6:09:50:c0:6c:3e:94:e2:a8:02:fb:9e:d0:61:9b:
2a:c9:fd:99:82:69:72:17:45:0f:74:63:2b:b6:ae:
7d:c6:18:fc:28:b7:30:e1:53:55:32:4f:a2:7c:08:
08:7a:65:62:b8:4f:17:2b:d0:d1:73:26:80:75:42:
cc:e9:56:ff:13:b2:43:f2:e3:64:1e:58:73:14:33:
31:26:9b:f0:f7:13:e3:a4:a0:c2:85:0c:90:09:1d:
3c:19:f3:4a:29:4c:f0:85:95:e0:66:75:c0:43:b2:
a7:b5:b8:d6:d6:ca:d0:0c:29:d5:25:29:9f:92:60:
34:48:50:90:3f:6a:7e:8c:96:4e:40:65:bb:ec:f7:
5d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:90:5A:21:CF:05:9A:32:78:0B:93:EC:CE:22:53:5E:F6:0C:B1:89
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139352e302f32342d3234203d3e20323030303838.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.195.0/24
Signature Algorithm: sha256WithRSAEncryption
19:94:cf:95:8b:a5:22:c0:5d:56:a8:99:16:41:31:96:de:46:
21:94:08:cf:61:85:0a:bc:04:a8:e2:1b:cc:c9:b1:21:0d:e0:
36:59:3c:ea:b4:eb:dc:85:42:44:34:a0:ca:2b:4f:8b:70:1a:
96:ca:7a:eb:44:f7:92:1d:93:e7:f3:74:a4:23:c9:d4:86:89:
a1:9e:70:05:ae:a6:4a:f5:c1:d0:c1:81:cb:00:5c:c9:32:80:
8c:fd:98:75:45:bc:d7:de:67:8d:cd:da:93:53:a2:17:ef:fb:
db:bf:32:2a:2e:49:42:8c:b8:e2:88:ff:d1:81:7d:1d:bf:59:
e3:3b:79:dd:6b:07:64:1b:9a:4f:8b:5d:67:44:38:70:ff:b2:
27:6a:b5:21:ba:6f:7e:c4:02:24:7f:9d:5b:ec:0d:5d:34:ac:
94:02:39:59:85:6f:d1:1d:23:3a:5e:f1:20:28:11:c3:d6:0d:
5d:2f:19:b9:e0:09:ae:e9:a7:9b:6d:04:49:0a:64:6a:2a:ad:
ca:aa:c8:02:6d:e9:49:40:e3:5d:ba:ed:7a:ba:4a:85:72:ab:
68:ba:d1:ee:9d:e7:06:56:6d:36:a9:80:0c:e2:67:ba:d9:a0:
59:f8:57:0a:3e:ae:83:c3:f5:66:6f:37:d8:5e:f7:bf:33:18:
5c:bc:6d:3a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUUG7J8Rope6R9Fk4Xm1V8aSo/978wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEwMDkwOTM4MjRaFw0yNTEwMDgwOTQzMjRaMDMxMTAvBgNV
BAMTKEZFOTA1QTIxQ0YwNTlBMzI3ODBCOTNFQ0NFMjI1MzVFRjYwQ0IxODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDbJwavusCrJmPgyGLEYPNCKod
U5lUy7CEfNErpurtTYh5c0ojCBnecZdvMiOiM6ZYs4q+qb3QMCatq4zKJa2oc5sJ
1w9smPteoR9mglDzas9yJTA53JhJPclR33J0JX5YmE5zyrPMPJ85Sd224h1B4RiH
hFB3Y/YJUMBsPpTiqAL7ntBhmyrJ/ZmCaXIXRQ90Yyu2rn3GGPwotzDhU1UyT6J8
CAh6ZWK4Txcr0NFzJoB1QszpVv8TskPy42QeWHMUMzEmm/D3E+OkoMKFDJAJHTwZ
80opTPCFleBmdcBDsqe1uNbWytAMKdUlKZ+SYDRIUJA/an6Mlk5AZbvs913NAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU/pBaIc8FmjJ4C5PsziJTXvYMsYkwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMTM5
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzAzMDM4Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7cMwDQYJKoZIhvcNAQELBQADggEBABmUz5WLpSLAXVaomRZBMZbeRiGUCM9h
hQq8BKjiG8zJsSEN4DZZPOq069yFQkQ0oMorT4twGpbKeutE95Idk+fzdKQjydSG
iaGecAWupkr1wdDBgcsAXMkygIz9mHVFvNfeZ43N2pNTohfv+9u/MiouSUKMuOKI
/9GBfR2/WeM7ed1rB2Qbmk+LXWdEOHD/sidqtSG6b37EAiR/nVvsDV00rJQCOVmF
b9EdIzpe8SAoEcPWDV0vGbngCa7pp5ttBEkKZGoqrcqqyAJt6UlA41267Xq6SoVy
q2i60e6d5wZWbTapgAziZ7rZoFn4Vwo+roPD9WZvN9he978zGFy8bTo=
-----END CERTIFICATE-----
Generated at Fri Nov 22 07:03:44 2024 by rpki-client on console-fra.rpki-client.org