Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139392e302f32342d3234203d3e20323030303838.roa
File: 38352e3233372e3139392e302f32342d3234203d3e20323030303838.roa (raw, json)
Hash identifier: 1t+8JpGNbuSAXKXsrnbZgRfYgBW6qy1ZoS4z7KA4jmw=
Subject key identifier: 46:62:48:2C:C5:8C:2A:1E:C1:B5:C0:B7:93:E0:8B:FE:11:28:36:85
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 2E3C8E39B423B84DD3201578B9E7DD274E657EB7
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139392e302f32342d3234203d3e20323030303838.roa
Signing time: Wed 08 Nov 2023 09:23:10 +0000
ROA not before: Wed 08 Nov 2023 09:18:10 +0000
ROA not after: Wed 06 Nov 2024 09:23:10 +0000
asID: 200088
IP address blocks: 85.237.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 16:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:3c:8e:39:b4:23:b8:4d:d3:20:15:78:b9:e7:dd:27:4e:65:7e:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Nov 8 09:18:10 2023 GMT
Not After : Nov 6 09:23:10 2024 GMT
Subject: CN=4662482CC58C2A1EC1B5C0B793E08BFE11283685
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9a:52:4d:e5:28:e0:7a:b4:62:69:03:10:65:
e8:8c:ee:bf:ce:2e:d0:d6:44:4e:41:07:e4:01:44:
4c:37:f9:63:9d:50:67:a9:4a:e2:ba:79:71:74:43:
83:61:e8:d9:d1:e8:8e:11:ca:f0:b0:4d:97:3d:03:
c6:31:9b:2f:95:a6:a8:a9:e7:27:55:ba:f3:52:71:
28:25:ce:d6:12:9f:ab:59:d2:9e:40:57:3d:81:58:
28:5d:63:61:20:b7:3a:b0:f4:77:3f:d7:b8:8c:b9:
b4:2f:5f:f9:11:58:e3:78:1e:73:e7:49:1f:19:d6:
a6:e9:dc:cc:ec:aa:72:36:5b:45:91:c7:9c:5c:5a:
aa:22:6d:1b:f8:83:c2:94:07:d6:68:c3:d6:b0:e1:
72:9a:23:c9:64:01:9a:6a:73:7d:bf:71:24:d4:e7:
32:70:c3:ec:cc:e2:16:0d:3f:f9:d7:f8:85:3b:c0:
a6:66:86:db:6a:d2:d3:9d:23:45:bb:6d:9c:7d:57:
1c:79:a8:83:ed:96:61:2f:91:7d:8b:b9:54:d5:17:
43:36:37:24:86:1e:47:22:52:11:ad:79:6b:d8:f2:
7e:a1:57:f7:af:23:cf:8a:27:e4:2f:7a:18:d5:5e:
56:7c:14:e0:0a:dd:52:56:09:9c:37:50:aa:25:f0:
1b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:62:48:2C:C5:8C:2A:1E:C1:B5:C0:B7:93:E0:8B:FE:11:28:36:85
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139392e302f32342d3234203d3e20323030303838.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.199.0/24
Signature Algorithm: sha256WithRSAEncryption
54:56:6c:11:c2:27:2b:49:f3:1f:46:fc:53:e3:96:48:d3:f1:
36:35:69:e1:95:8c:50:34:73:81:86:f5:97:e1:a7:20:60:5f:
5a:b7:a6:18:cf:2c:58:a6:92:12:ac:b9:e4:86:cf:7c:74:d6:
c9:e8:ec:74:e8:04:c4:9d:79:0f:1e:b8:88:78:64:0a:c3:4e:
ba:d4:0b:e7:c6:eb:d1:ef:d3:93:9f:9a:f5:04:96:46:22:4c:
5d:96:75:44:1d:1b:6b:98:40:91:a8:b8:2e:fb:2d:9b:2f:fa:
0f:8c:37:3e:83:1a:9a:42:d4:85:0b:55:8d:cc:83:58:6f:52:
88:45:ae:ae:fd:3f:09:ce:f8:4e:1f:25:1f:85:e1:ca:82:8c:
c3:5f:27:05:75:3d:01:0f:da:3e:cc:37:cf:63:00:02:65:03:
a0:87:a5:ea:f5:f4:6a:fe:11:6d:35:8a:d2:ca:2f:64:6a:70:
fd:d0:d3:fa:3b:44:6c:81:e1:f9:9a:cd:d5:70:cb:c4:11:ca:
7c:db:34:23:5a:dc:7c:66:ff:00:e3:4d:8d:d2:7c:1a:fc:e2:
ee:eb:82:2b:df:89:1a:f7:af:2a:4e:9e:a2:a7:02:2b:3b:64:
d7:52:f0:83:b4:20:4c:1f:dc:eb:52:c6:55:2c:e8:9a:6e:c1:
b0:99:83:35
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIULjyOObQjuE3TIBV4uefdJ05lfrcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzExMDgwOTE4MTBaFw0yNDExMDYwOTIzMTBaMDMxMTAvBgNV
BAMTKDQ2NjI0ODJDQzU4QzJBMUVDMUI1QzBCNzkzRTA4QkZFMTEyODM2ODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChmlJN5SjgerRiaQMQZeiM7r/O
LtDWRE5BB+QBREw3+WOdUGepSuK6eXF0Q4Nh6NnR6I4RyvCwTZc9A8Yxmy+Vpqip
5ydVuvNScSglztYSn6tZ0p5AVz2BWChdY2Egtzqw9Hc/17iMubQvX/kRWON4HnPn
SR8Z1qbp3MzsqnI2W0WRx5xcWqoibRv4g8KUB9Zow9aw4XKaI8lkAZpqc32/cSTU
5zJww+zM4hYNP/nX+IU7wKZmhttq0tOdI0W7bZx9Vxx5qIPtlmEvkX2LuVTVF0M2
NySGHkciUhGteWvY8n6hV/evI8+KJ+QvehjVXlZ8FOAK3VJWCZw3UKol8BtXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQURmJILMWMKh7BtcC3k+CL/hEoNoUwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMTM5
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzAzMDM4Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7ccwDQYJKoZIhvcNAQELBQADggEBAFRWbBHCJytJ8x9G/FPjlkjT8TY1aeGV
jFA0c4GG9ZfhpyBgX1q3phjPLFimkhKsueSGz3x01sno7HToBMSdeQ8euIh4ZArD
TrrUC+fG69Hv05OfmvUElkYiTF2WdUQdG2uYQJGouC77LZsv+g+MNz6DGppC1IUL
VY3Mg1hvUohFrq79PwnO+E4fJR+F4cqCjMNfJwV1PQEP2j7MN89jAAJlA6CHper1
9Gr+EW01itLKL2RqcP3Q0/o7RGyB4fmazdVwy8QRynzbNCNa3Hxm/wDjTY3SfBr8
4u7rgivfiRr3rypOnqKnAis7ZNdS8IO0IEwf3OtSxlUs6JpuwbCZgzU=
-----END CERTIFICATE-----
Generated at Fri May 31 21:33:36 2024 by rpki-client on console-fra.rpki-client.org