Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139352e302f32342d3234203d3e20323030303838.roa
File: 38352e3233372e3139352e302f32342d3234203d3e20323030303838.roa (raw, json)
Hash identifier: +s6ffsweax3sPp9WmuUYUeNkwwfAc0LCwcSXGQFvuhs=
Subject key identifier: 8F:08:2A:68:4A:F8:CF:3E:2B:49:5C:88:C8:51:4C:09:A4:6E:0C:F1
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 2E7D881E756401A5BAA1644A8F491CFECC6198EB
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139352e302f32342d3234203d3e20323030303838.roa
Signing time: Wed 08 Nov 2023 09:23:00 +0000
ROA not before: Wed 08 Nov 2023 09:18:00 +0000
ROA not after: Wed 06 Nov 2024 09:23:00 +0000
asID: 200088
IP address blocks: 85.237.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 16:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:7d:88:1e:75:64:01:a5:ba:a1:64:4a:8f:49:1c:fe:cc:61:98:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Nov 8 09:18:00 2023 GMT
Not After : Nov 6 09:23:00 2024 GMT
Subject: CN=8F082A684AF8CF3E2B495C88C8514C09A46E0CF1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:15:99:6b:3b:fb:d2:1f:9b:f0:7a:05:1b:83:
27:81:46:f0:e0:af:8d:d8:a5:95:0a:20:67:48:43:
1f:26:48:55:7b:b8:27:65:ab:fd:31:24:6e:af:4f:
b5:4b:09:7e:80:33:23:f3:ef:6b:d3:53:10:17:05:
a9:f3:63:57:74:34:e3:cc:f6:25:f4:c4:71:57:e6:
2d:6b:08:79:fa:82:58:72:3e:be:3d:a2:eb:c3:a4:
d3:08:41:5b:40:54:30:c6:49:de:93:80:b7:56:36:
d3:44:8e:62:21:2a:fb:07:36:6f:64:52:a0:08:2d:
a8:83:26:2f:e2:7a:7d:be:89:e5:f3:35:91:42:39:
45:96:90:3b:c4:37:e4:ca:58:0e:e9:79:52:5c:d0:
69:1e:ff:c0:0e:7f:0c:a8:a1:27:61:49:c2:ca:e5:
0f:8a:e0:e2:05:99:1f:d5:9f:02:47:69:c8:02:38:
22:f5:c4:65:6b:d5:78:e7:0f:8f:28:a1:5a:24:b3:
f9:45:0e:5b:51:ba:fc:c7:e8:7e:4f:e1:87:68:3c:
22:f5:09:7c:c4:27:59:26:f3:3a:68:aa:84:ee:a9:
54:8a:ae:25:38:70:ed:a9:97:cc:7c:e7:9b:1b:61:
0a:98:cc:1a:d3:af:b5:14:00:ff:7b:84:7c:64:16:
d3:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:08:2A:68:4A:F8:CF:3E:2B:49:5C:88:C8:51:4C:09:A4:6E:0C:F1
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139352e302f32342d3234203d3e20323030303838.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.195.0/24
Signature Algorithm: sha256WithRSAEncryption
47:b5:58:ef:42:70:87:b9:b7:87:6a:b6:d8:fe:00:38:38:98:
d4:dc:aa:19:2f:b4:4a:c4:c1:42:cc:b4:78:b7:a1:ae:0b:d3:
85:26:cd:c5:4e:60:40:4d:98:f5:7b:4f:5f:56:05:8c:7d:48:
70:b0:25:19:78:06:8a:c9:2e:58:d0:67:b3:32:ac:07:eb:4d:
09:d9:09:0d:fa:3b:4e:ba:cf:cd:fb:54:d9:4a:03:23:d0:62:
58:8a:7d:53:eb:3e:97:e4:f2:d8:65:31:51:16:6b:93:71:7d:
ba:4d:0b:91:6a:85:bc:f1:bb:ca:41:47:78:5b:61:38:0e:90:
bf:55:f0:68:1b:03:1d:6d:1d:6b:89:8f:67:a6:89:4e:7f:27:
2d:a3:86:23:8d:c7:ec:71:35:3f:d6:85:a2:70:4a:be:62:4f:
be:f3:79:0a:5c:f3:7f:48:f6:05:dd:13:aa:7e:83:2e:b4:2a:
55:80:21:a7:c6:8d:66:b0:e4:36:b9:50:a0:88:9e:d0:97:dd:
4c:c0:c8:df:64:2b:cd:d7:b7:d9:20:c9:ed:2d:bd:f7:d4:04:
df:f0:fc:a8:17:bc:67:d6:29:34:db:61:c6:82:92:b8:9d:c4:
f2:d8:c1:1a:31:ba:9c:94:34:0a:dd:65:a4:5f:58:b8:ee:f9:
0f:87:e8:22
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIULn2IHnVkAaW6oWRKj0kc/sxhmOswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzExMDgwOTE4MDBaFw0yNDExMDYwOTIzMDBaMDMxMTAvBgNV
BAMTKDhGMDgyQTY4NEFGOENGM0UyQjQ5NUM4OEM4NTE0QzA5QTQ2RTBDRjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSFZlrO/vSH5vwegUbgyeBRvDg
r43YpZUKIGdIQx8mSFV7uCdlq/0xJG6vT7VLCX6AMyPz72vTUxAXBanzY1d0NOPM
9iX0xHFX5i1rCHn6glhyPr49ouvDpNMIQVtAVDDGSd6TgLdWNtNEjmIhKvsHNm9k
UqAILaiDJi/ien2+ieXzNZFCOUWWkDvEN+TKWA7peVJc0Gke/8AOfwyooSdhScLK
5Q+K4OIFmR/VnwJHacgCOCL1xGVr1XjnD48ooVoks/lFDltRuvzH6H5P4YdoPCL1
CXzEJ1km8zpoqoTuqVSKriU4cO2pl8x855sbYQqYzBrTr7UUAP97hHxkFtPfAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUjwgqaEr4zz4rSVyIyFFMCaRuDPEwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMTM5
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzAzMDM4Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7cMwDQYJKoZIhvcNAQELBQADggEBAEe1WO9CcIe5t4dqttj+ADg4mNTcqhkv
tErEwULMtHi3oa4L04UmzcVOYEBNmPV7T19WBYx9SHCwJRl4BorJLljQZ7MyrAfr
TQnZCQ36O066z837VNlKAyPQYliKfVPrPpfk8thlMVEWa5NxfbpNC5Fqhbzxu8pB
R3hbYTgOkL9V8GgbAx1tHWuJj2emiU5/Jy2jhiONx+xxNT/WhaJwSr5iT77zeQpc
839I9gXdE6p+gy60KlWAIafGjWaw5Da5UKCIntCX3UzAyN9kK83Xt9kgye0tvffU
BN/w/KgXvGfWKTTbYcaCkridxPLYwRoxupyUNArdZaRfWLju+Q+H6CI=
-----END CERTIFICATE-----
Generated at Fri May 31 21:33:36 2024 by rpki-client on console-fra.rpki-client.org