Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139382e302f32342d3234203d3e20323030303838.roa
File: 38352e3233372e3139382e302f32342d3234203d3e20323030303838.roa (raw, json)
Hash identifier: FzLNmNTngm2W9dunqx0JBg90IGbgjUVK0kylWbH4hC8=
Subject key identifier: 95:28:6E:99:76:5D:B1:67:42:A4:71:E3:49:DF:59:6C:0D:8E:1D:AD
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 215AB2FBF26415001464D3588F0553AD8D04C84C
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139382e302f32342d3234203d3e20323030303838.roa
Signing time: Wed 08 Nov 2023 09:23:05 +0000
ROA not before: Wed 08 Nov 2023 09:18:05 +0000
ROA not after: Wed 06 Nov 2024 09:23:05 +0000
asID: 200088
IP address blocks: 85.237.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 16:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:5a:b2:fb:f2:64:15:00:14:64:d3:58:8f:05:53:ad:8d:04:c8:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Nov 8 09:18:05 2023 GMT
Not After : Nov 6 09:23:05 2024 GMT
Subject: CN=95286E99765DB16742A471E349DF596C0D8E1DAD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:78:80:ad:46:a1:92:ab:3c:77:43:e2:a8:7f:
48:ac:fa:f4:00:2b:10:6a:ee:f8:06:2b:4c:dc:f7:
22:f0:dc:8c:07:3b:95:66:46:15:75:df:49:05:36:
59:01:26:b0:1a:81:2e:b6:9b:90:8c:bb:17:4b:7f:
0e:76:ef:63:1e:e7:c8:40:67:ae:0d:c0:57:72:29:
d0:3c:dd:31:aa:e7:33:d3:24:a5:05:14:5c:ec:c0:
5d:a1:4c:67:ed:04:61:76:b2:1f:bf:cb:02:5d:6f:
a6:af:9e:80:de:18:2f:0b:ab:4d:99:29:44:b3:41:
95:db:61:a1:1a:3c:8b:da:25:f2:39:50:40:d8:02:
6c:85:2b:f5:45:9c:e3:6a:c6:73:e0:ed:d1:ed:06:
ed:73:ab:92:76:4a:18:3a:0d:1f:99:5a:e5:12:01:
4f:4a:89:ca:7f:ef:bb:7a:a7:3b:21:dc:f1:63:d4:
61:8e:f1:19:72:d6:32:67:9d:83:49:db:cb:88:b4:
c8:a1:76:1b:a7:e6:71:6f:02:16:43:dc:96:90:6f:
53:bd:2d:59:4c:73:66:f3:77:d6:42:75:73:0c:23:
ed:2e:b1:4a:56:a4:57:46:ba:63:79:48:10:16:d3:
12:21:ec:e0:2b:fa:89:e1:49:cd:8a:df:68:98:51:
1c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:28:6E:99:76:5D:B1:67:42:A4:71:E3:49:DF:59:6C:0D:8E:1D:AD
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139382e302f32342d3234203d3e20323030303838.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.198.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:5d:b2:74:ba:a1:30:5c:d8:a7:e7:ca:5b:9e:54:16:71:a1:
9d:44:7b:16:a7:ee:9c:cf:36:19:82:00:ac:d0:bb:a5:5a:88:
b9:b0:ad:87:99:0a:5f:7e:4e:56:e5:60:49:dc:ff:1a:60:6a:
13:ab:df:5c:b6:20:f2:fd:d7:69:be:71:be:b9:11:ef:8a:6b:
bf:77:2f:45:7c:40:e0:06:3d:46:a4:ca:ab:52:3d:84:bb:eb:
db:e7:0a:d0:1f:bc:de:eb:3a:dc:62:cf:ee:9b:31:e8:15:85:
d3:f5:ad:77:2c:93:c0:fd:0a:89:6a:96:c7:f6:9e:30:8a:32:
63:12:66:27:c1:33:68:b7:18:af:05:eb:08:f0:7d:cd:87:6d:
7f:17:c7:42:90:4b:06:12:9f:86:de:cc:40:1d:f1:31:97:4d:
78:27:d7:2f:74:50:05:76:4b:26:6d:ce:33:eb:17:cf:4e:25:
09:0c:94:38:fb:c6:a4:14:b7:bf:a8:a1:c5:da:01:95:61:d7:
5a:d9:e7:6f:24:88:19:fe:5c:8f:6a:be:05:d7:dd:6d:81:ea:
d4:0a:4a:d6:14:f9:9b:58:3c:a5:5e:8f:15:1b:6f:12:11:59:
27:bc:76:f2:fe:bc:1a:f8:1c:5e:8e:20:8c:48:22:42:86:24:
fb:06:6a:f1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUIVqy+/JkFQAUZNNYjwVTrY0EyEwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzExMDgwOTE4MDVaFw0yNDExMDYwOTIzMDVaMDMxMTAvBgNV
BAMTKDk1Mjg2RTk5NzY1REIxNjc0MkE0NzFFMzQ5REY1OTZDMEQ4RTFEQUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6eICtRqGSqzx3Q+Kof0is+vQA
KxBq7vgGK0zc9yLw3IwHO5VmRhV130kFNlkBJrAagS62m5CMuxdLfw5272Me58hA
Z64NwFdyKdA83TGq5zPTJKUFFFzswF2hTGftBGF2sh+/ywJdb6avnoDeGC8Lq02Z
KUSzQZXbYaEaPIvaJfI5UEDYAmyFK/VFnONqxnPg7dHtBu1zq5J2Shg6DR+ZWuUS
AU9Kicp/77t6pzsh3PFj1GGO8Rly1jJnnYNJ28uItMihdhun5nFvAhZD3JaQb1O9
LVlMc2bzd9ZCdXMMI+0usUpWpFdGumN5SBAW0xIh7OAr+onhSc2K32iYURxVAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUlShumXZdsWdCpHHjSd9ZbA2OHa0wHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMTM5
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzAzMDM4Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7cYwDQYJKoZIhvcNAQELBQADggEBAA9dsnS6oTBc2KfnylueVBZxoZ1Eexan
7pzPNhmCAKzQu6VaiLmwrYeZCl9+TlblYEnc/xpgahOr31y2IPL912m+cb65Ee+K
a793L0V8QOAGPUakyqtSPYS769vnCtAfvN7rOtxiz+6bMegVhdP1rXcsk8D9Colq
lsf2njCKMmMSZifBM2i3GK8F6wjwfc2HbX8Xx0KQSwYSn4bezEAd8TGXTXgn1y90
UAV2SyZtzjPrF89OJQkMlDj7xqQUt7+oocXaAZVh11rZ528kiBn+XI9qvgXX3W2B
6tQKStYU+ZtYPKVejxUbbxIRWSe8dvL+vBr4HF6OIIxIIkKGJPsGavE=
-----END CERTIFICATE-----
Generated at Fri May 31 21:33:36 2024 by rpki-client on console-fra.rpki-client.org