Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139372e302f32342d3234203d3e20343030303430.roa
File: 38352e3233372e3139372e302f32342d3234203d3e20343030303430.roa (raw, json)
Hash identifier: xEtUQVjpsdj7PXepY+0QNAchl0G6lyaGN7IBtw7uC6Q=
Subject key identifier: 82:A2:76:20:EA:71:77:22:BD:21:87:BD:D1:01:36:F5:14:82:BB:10
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 6C7D3C467B0E901634381BD76F93C4A01DD9EB0D
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139372e302f32342d3234203d3e20343030303430.roa
Signing time: Wed 08 Nov 2023 09:24:33 +0000
ROA not before: Wed 08 Nov 2023 09:19:33 +0000
ROA not after: Wed 06 Nov 2024 09:24:33 +0000
asID: 400040
IP address blocks: 85.237.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:7d:3c:46:7b:0e:90:16:34:38:1b:d7:6f:93:c4:a0:1d:d9:eb:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Nov 8 09:19:33 2023 GMT
Not After : Nov 6 09:24:33 2024 GMT
Subject: CN=82A27620EA717722BD2187BDD10136F51482BB10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b4:f9:4c:3f:60:c9:18:c2:31:21:7c:dc:7e:
e5:19:f6:8f:54:e9:dc:86:5b:2f:c2:61:da:b2:67:
92:6a:de:8a:fc:84:c7:b7:7a:40:0d:cf:6b:49:0b:
4e:83:25:a8:19:26:c5:17:0a:9a:de:7b:bf:41:3d:
58:d5:bd:63:61:8f:0b:77:bd:f8:9a:68:2b:b6:ee:
a1:ba:80:1d:c7:78:87:e3:b3:a5:6c:e4:ee:53:cb:
06:1a:d1:35:ec:7a:15:a3:d4:ef:3e:20:25:86:5e:
f5:83:9f:4b:b5:86:98:b8:c1:59:72:ea:5e:a4:20:
bb:ae:74:79:c9:13:06:df:7a:20:c9:e7:87:63:e0:
28:13:14:34:b9:77:04:ef:94:88:87:64:90:30:05:
e6:29:b3:09:37:6b:1f:d3:c7:ad:ed:a2:91:82:e0:
e2:fb:1f:1c:84:99:35:08:b8:1a:80:73:ab:8c:28:
0d:9a:1e:89:c0:26:5a:22:38:54:a3:8b:87:b4:4f:
b1:fa:4d:6d:03:4e:c6:64:c1:b4:3f:06:5a:ce:b0:
19:e1:9b:89:e6:a8:0a:d2:ae:bc:e2:e2:7a:73:3d:
96:ab:ff:96:8d:39:28:3e:dd:df:68:68:d6:34:0f:
6f:e5:71:7a:1b:11:1c:4c:a7:3a:09:58:8d:8f:7a:
57:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:A2:76:20:EA:71:77:22:BD:21:87:BD:D1:01:36:F5:14:82:BB:10
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139372e302f32342d3234203d3e20343030303430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.197.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:9f:45:c3:0f:5d:de:58:01:d7:3a:8f:6a:a0:fb:18:9d:df:
ee:9a:47:f9:5a:18:d4:fd:e2:20:68:fc:ed:f0:ca:fd:9e:2c:
48:ea:a6:c0:1b:98:ba:39:56:d9:a4:8c:b4:4c:c5:6e:ab:11:
69:c5:b8:cf:34:d8:8d:00:eb:e9:34:75:d3:d5:b2:9b:5d:97:
d6:12:17:01:8a:e2:a2:7d:2a:3d:68:d8:8a:34:6c:de:66:5e:
04:e0:c4:fb:8e:8b:9c:e2:71:32:3c:4d:14:8f:cf:e1:4e:b1:
29:43:15:60:06:6e:af:02:4b:94:d6:12:b2:8a:4a:32:90:98:
36:bb:0c:7f:05:4a:2a:bc:76:f9:7c:c1:34:94:51:c5:df:59:
3a:e6:40:6b:0a:b4:7a:ae:68:c3:49:b8:02:b2:a1:2c:f3:9e:
6a:f9:58:87:4f:4e:d4:72:2e:19:c7:1a:12:26:a7:25:75:2e:
96:8c:33:d1:2e:ab:d2:be:fc:6c:40:2a:68:55:4e:9a:47:a5:
b1:6d:a6:7f:f2:78:2d:c5:24:b9:f5:be:14:90:fb:dc:64:d8:
33:83:39:cd:1a:4d:8b:81:b3:47:df:2f:31:b2:63:f3:cc:87:
60:56:74:d8:9c:7f:dc:b6:ef:c0:7c:0a:b1:93:41:15:6e:42:
9e:fb:d4:ea
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUbH08RnsOkBY0OBvXb5PEoB3Z6w0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzExMDgwOTE5MzNaFw0yNDExMDYwOTI0MzNaMDMxMTAvBgNV
BAMTKDgyQTI3NjIwRUE3MTc3MjJCRDIxODdCREQxMDEzNkY1MTQ4MkJCMTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCotPlMP2DJGMIxIXzcfuUZ9o9U
6dyGWy/CYdqyZ5Jq3or8hMe3ekANz2tJC06DJagZJsUXCpree79BPVjVvWNhjwt3
vfiaaCu27qG6gB3HeIfjs6Vs5O5TywYa0TXsehWj1O8+ICWGXvWDn0u1hpi4wVly
6l6kILuudHnJEwbfeiDJ54dj4CgTFDS5dwTvlIiHZJAwBeYpswk3ax/Tx63topGC
4OL7HxyEmTUIuBqAc6uMKA2aHonAJloiOFSji4e0T7H6TW0DTsZkwbQ/BlrOsBnh
m4nmqArSrrzi4npzPZar/5aNOSg+3d9oaNY0D2/lcXobERxMpzoJWI2PeleLAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUgqJ2IOpxdyK9IYe90QE29RSCuxAwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMTM5
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMwMzAzMDM0MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7cUwDQYJKoZIhvcNAQELBQADggEBAE2fRcMPXd5YAdc6j2qg+xid3+6aR/la
GNT94iBo/O3wyv2eLEjqpsAbmLo5VtmkjLRMxW6rEWnFuM802I0A6+k0ddPVsptd
l9YSFwGK4qJ9Kj1o2Io0bN5mXgTgxPuOi5zicTI8TRSPz+FOsSlDFWAGbq8CS5TW
ErKKSjKQmDa7DH8FSiq8dvl8wTSUUcXfWTrmQGsKtHquaMNJuAKyoSzznmr5WIdP
TtRyLhnHGhImpyV1LpaMM9Euq9K+/GxAKmhVTppHpbFtpn/yeC3FJLn1vhSQ+9xk
2DODOc0aTYuBs0ffLzGyY/PMh2BWdNicf9y278B8CrGTQRVuQp771Oo=
-----END CERTIFICATE-----
Generated at Mon May 6 00:11:18 2024 by rpki-client on console-fra.rpki-client.org