Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139372e302f32342d3234203d3e20343030303430.roa
File: 38352e3233372e3139372e302f32342d3234203d3e20343030303430.roa (raw, json)
Hash identifier: SN7jxAzlJTjbABRWy6156p1i2av62R6Uz8WccE7csbA=
Subject key identifier: E3:D6:56:79:43:17:47:30:2B:06:AF:F5:AC:47:2E:F5:68:51:58:DC
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 20C920D28142231CEB550E2426A9F170BC8B9333
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139372e302f32342d3234203d3e20343030303430.roa
Signing time: Wed 09 Oct 2024 09:43:22 +0000
ROA not before: Wed 09 Oct 2024 09:38:22 +0000
ROA not after: Wed 08 Oct 2025 09:43:22 +0000
asID: 400040
IP address blocks: 85.237.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:c9:20:d2:81:42:23:1c:eb:55:0e:24:26:a9:f1:70:bc:8b:93:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 9 09:38:22 2024 GMT
Not After : Oct 8 09:43:22 2025 GMT
Subject: CN=E3D65679431747302B06AFF5AC472EF5685158DC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:0e:7e:f4:bd:c5:08:76:4c:1f:5c:38:30:0c:
af:d0:b9:1d:a6:fe:f5:4d:b6:b1:cf:9b:0d:bf:9f:
45:34:e8:69:5a:d5:34:a7:d5:da:2e:3a:1f:01:61:
a9:bf:cf:19:64:0f:51:8e:e7:65:15:70:d1:05:15:
97:fd:56:0c:be:8b:f4:4f:5f:fd:fc:de:90:4d:23:
28:e3:3d:af:3a:77:4f:43:8b:55:cf:5c:9d:e9:43:
1e:4b:3c:05:87:ba:0e:c5:ec:63:20:9c:5e:57:de:
ec:17:d1:9b:38:d2:4b:66:4f:2b:83:b7:34:ed:75:
a5:57:69:5e:53:1e:1e:80:eb:a0:7f:b7:ad:60:d3:
09:35:68:55:ab:61:7f:8f:54:fc:49:83:4f:9c:2b:
f5:2c:94:d5:9e:16:eb:ea:ed:f1:e2:20:23:fe:ce:
67:75:4c:01:2e:8a:1f:61:49:31:ed:71:c7:4f:91:
3b:6e:3b:0b:be:4d:18:ca:64:23:83:d3:7c:3a:0a:
06:8a:08:d5:eb:72:a3:74:6b:13:b6:f0:f4:51:ea:
64:f9:64:44:2a:58:74:b9:fa:1d:21:9e:f6:6b:cb:
b2:f8:d1:da:b1:5b:38:4b:c5:f0:1a:26:7a:5a:d7:
74:ef:e4:a5:8d:25:87:5b:01:8c:35:e1:f5:7e:9b:
24:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:D6:56:79:43:17:47:30:2B:06:AF:F5:AC:47:2E:F5:68:51:58:DC
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139372e302f32342d3234203d3e20343030303430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.197.0/24
Signature Algorithm: sha256WithRSAEncryption
77:41:bc:3a:0b:6c:0d:64:88:1d:a5:28:00:6c:a2:83:7b:3a:
de:5f:96:25:b2:a5:28:1c:42:a8:87:a5:4b:4a:e7:1f:a5:77:
8b:85:0a:0c:7d:63:6d:23:40:43:f2:5d:4d:f8:8a:d5:47:1a:
37:c5:5e:01:2d:22:aa:0f:31:5e:07:67:d6:75:a2:57:69:7b:
a7:c5:fa:9f:d8:29:39:e3:ef:7e:da:f8:0a:83:a3:fd:d0:d1:
91:0f:e1:24:fe:66:e6:a4:c1:2e:7e:56:05:04:f8:c0:72:80:
3e:a0:f5:7b:2d:5b:a3:c6:c3:65:5a:1c:c5:a4:3d:2d:d8:1e:
c9:08:fd:0b:55:f8:e7:c5:b1:5f:a4:34:0e:ad:0f:8d:30:47:
8d:f4:ba:73:ee:3a:51:b3:3a:36:2b:84:4b:18:c2:ce:a9:db:
d7:bd:de:59:83:20:f4:5f:99:35:8c:14:df:73:d8:f6:c7:cc:
75:26:c3:b2:28:4c:dc:95:42:9f:c4:32:bd:99:66:8f:67:42:
ab:ef:01:b7:a2:b9:23:9a:be:f3:b6:66:ce:ec:84:9a:df:3c:
d8:99:1a:1b:d8:2c:83:0f:c9:44:65:6e:68:cb:d2:ae:6c:f0:
7a:07:3e:a6:4a:03:47:68:80:65:55:94:21:ed:fb:a1:7f:32:
c1:85:46:70
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUIMkg0oFCIxzrVQ4kJqnxcLyLkzMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEwMDkwOTM4MjJaFw0yNTEwMDgwOTQzMjJaMDMxMTAvBgNV
BAMTKEUzRDY1Njc5NDMxNzQ3MzAyQjA2QUZGNUFDNDcyRUY1Njg1MTU4REMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuDn70vcUIdkwfXDgwDK/QuR2m
/vVNtrHPmw2/n0U06Gla1TSn1douOh8BYam/zxlkD1GO52UVcNEFFZf9Vgy+i/RP
X/383pBNIyjjPa86d09Di1XPXJ3pQx5LPAWHug7F7GMgnF5X3uwX0Zs40ktmTyuD
tzTtdaVXaV5THh6A66B/t61g0wk1aFWrYX+PVPxJg0+cK/UslNWeFuvq7fHiICP+
zmd1TAEuih9hSTHtccdPkTtuOwu+TRjKZCOD03w6CgaKCNXrcqN0axO28PRR6mT5
ZEQqWHS5+h0hnvZry7L40dqxWzhLxfAaJnpa13Tv5KWNJYdbAYw14fV+mySDAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU49ZWeUMXRzArBq/1rEcu9WhRWNwwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMTM5
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMwMzAzMDM0MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7cUwDQYJKoZIhvcNAQELBQADggEBAHdBvDoLbA1kiB2lKABsooN7Ot5fliWy
pSgcQqiHpUtK5x+ld4uFCgx9Y20jQEPyXU34itVHGjfFXgEtIqoPMV4HZ9Z1oldp
e6fF+p/YKTnj737a+AqDo/3Q0ZEP4ST+ZuakwS5+VgUE+MBygD6g9XstW6PGw2Va
HMWkPS3YHskI/QtV+OfFsV+kNA6tD40wR430unPuOlGzOjYrhEsYws6p29e93lmD
IPRfmTWMFN9z2PbHzHUmw7IoTNyVQp/EMr2ZZo9nQqvvAbeiuSOavvO2Zs7shJrf
PNiZGhvYLIMPyURlbmjL0q5s8HoHPqZKA0dogGVVlCHt+6F/MsGFRnA=
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:19 2024 by rpki-client on console-ams.rpki-client.org