Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139392e302f32342d3234203d3e20323030303838.roa
File: 38352e3233372e3139392e302f32342d3234203d3e20323030303838.roa (raw, json)
Hash identifier: sp4RZ4cB2oBehK6xv/yDdKrR8QQhBTqMCw1jsvVMEIk=
Subject key identifier: 55:17:01:B3:0C:E3:6F:60:6B:6F:66:5B:94:12:78:DC:82:80:E7:F3
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 698D73E169E31AC3D6BA204563E089834186C45F
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139392e302f32342d3234203d3e20323030303838.roa
Signing time: Wed 09 Oct 2024 09:43:23 +0000
ROA not before: Wed 09 Oct 2024 09:38:23 +0000
ROA not after: Wed 08 Oct 2025 09:43:23 +0000
asID: 200088
IP address blocks: 85.237.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:8d:73:e1:69:e3:1a:c3:d6:ba:20:45:63:e0:89:83:41:86:c4:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 9 09:38:23 2024 GMT
Not After : Oct 8 09:43:23 2025 GMT
Subject: CN=551701B30CE36F606B6F665B941278DC8280E7F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:7d:c1:fc:a2:bd:af:ee:79:7c:71:28:3f:d6:
2a:e7:f2:98:d0:35:d4:07:37:24:1d:90:97:6e:f4:
58:5f:94:f2:3b:77:91:9d:0d:92:4a:39:cb:06:bf:
f5:e8:b0:03:0a:83:46:3d:73:3e:27:e7:2d:85:d3:
2e:86:0a:c0:75:02:d3:c4:b5:fd:a8:e2:f2:4e:7a:
0e:65:e4:13:32:8d:de:de:4a:d4:47:bd:c8:13:29:
5a:9b:a7:a1:16:db:c1:4d:0c:cc:b2:28:0a:75:07:
4f:1b:80:29:57:d3:e7:a6:f1:9f:a5:0b:49:f0:16:
7c:98:79:61:d3:b6:f1:c5:8d:ca:dd:da:3f:37:82:
07:0d:10:0e:af:74:e7:66:72:e5:7f:7e:b7:b0:a0:
0b:15:2d:59:99:5a:11:51:e9:3a:44:28:6e:e7:99:
2d:4d:e9:39:88:8d:1b:0a:75:1b:8b:a0:90:59:a5:
13:95:2d:84:38:1b:2e:6b:70:8a:05:ee:48:1a:2a:
9c:ca:89:4e:a6:63:63:e8:fb:04:6d:89:ad:37:c9:
71:81:3a:b4:cb:4c:b5:7c:06:26:32:f5:11:89:fd:
3d:50:35:aa:f7:de:d6:53:c8:e3:d0:a9:bf:bc:e4:
00:b3:b9:fe:d4:22:f8:f0:0c:47:e0:94:1f:f1:ef:
3a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:17:01:B3:0C:E3:6F:60:6B:6F:66:5B:94:12:78:DC:82:80:E7:F3
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139392e302f32342d3234203d3e20323030303838.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.199.0/24
Signature Algorithm: sha256WithRSAEncryption
29:e9:cd:79:eb:a2:f9:28:50:62:12:c1:d8:54:d2:89:c0:f2:
f7:4a:01:f9:8d:9d:74:5e:4c:da:87:bb:be:2c:16:88:bc:10:
8e:6a:d9:2a:ac:36:d9:02:cd:f6:a9:b0:8f:d7:ba:a8:08:cd:
7d:c2:bd:51:6e:06:df:73:64:5c:34:6b:a8:81:1f:db:7a:a2:
5e:08:ac:ea:58:c1:c1:c6:01:dc:09:39:fe:92:55:9f:50:b0:
28:c7:6d:2d:a4:5a:8b:dc:36:60:a0:9c:ac:74:b0:b1:76:ff:
f7:dd:ee:5f:43:8b:26:58:fa:6d:f7:f7:bf:65:e9:82:aa:ec:
b3:79:dc:29:02:0f:48:3d:0c:f7:28:ab:7a:c9:ed:fa:b9:cc:
db:1b:12:a4:89:da:1c:f4:a8:62:f6:44:8d:02:3f:71:39:0d:
92:2c:81:56:77:f7:3f:9b:54:bc:6b:0b:8e:fc:8e:db:d4:dd:
a0:40:88:c6:fb:65:c3:f3:7c:78:2d:2d:57:d1:12:71:cb:70:
15:5a:48:4d:df:45:b4:db:11:b7:00:f4:63:8c:5b:6d:2f:3c:
1f:73:e8:79:71:d3:9e:08:93:a0:05:14:30:f2:cd:91:d6:c4:
97:14:af:dd:c8:2b:2e:78:8c:ba:8f:d9:fa:fc:c7:ce:cf:2f:
2e:17:3b:73
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUaY1z4WnjGsPWuiBFY+CJg0GGxF8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEwMDkwOTM4MjNaFw0yNTEwMDgwOTQzMjNaMDMxMTAvBgNV
BAMTKDU1MTcwMUIzMENFMzZGNjA2QjZGNjY1Qjk0MTI3OERDODI4MEU3RjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPfcH8or2v7nl8cSg/1irn8pjQ
NdQHNyQdkJdu9FhflPI7d5GdDZJKOcsGv/XosAMKg0Y9cz4n5y2F0y6GCsB1AtPE
tf2o4vJOeg5l5BMyjd7eStRHvcgTKVqbp6EW28FNDMyyKAp1B08bgClX0+em8Z+l
C0nwFnyYeWHTtvHFjcrd2j83ggcNEA6vdOdmcuV/frewoAsVLVmZWhFR6TpEKG7n
mS1N6TmIjRsKdRuLoJBZpROVLYQ4Gy5rcIoF7kgaKpzKiU6mY2Po+wRtia03yXGB
OrTLTLV8BiYy9RGJ/T1QNar33tZTyOPQqb+85ACzuf7UIvjwDEfglB/x7zqBAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUVRcBswzjb2Brb2ZblBJ43IKA5/MwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMTM5
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzAzMDM4Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7ccwDQYJKoZIhvcNAQELBQADggEBACnpzXnrovkoUGISwdhU0onA8vdKAfmN
nXReTNqHu74sFoi8EI5q2SqsNtkCzfapsI/XuqgIzX3CvVFuBt9zZFw0a6iBH9t6
ol4IrOpYwcHGAdwJOf6SVZ9QsCjHbS2kWovcNmCgnKx0sLF2//fd7l9DiyZY+m33
979l6YKq7LN53CkCD0g9DPcoq3rJ7fq5zNsbEqSJ2hz0qGL2RI0CP3E5DZIsgVZ3
9z+bVLxrC478jtvU3aBAiMb7ZcPzfHgtLVfREnHLcBVaSE3fRbTbEbcA9GOMW20v
PB9z6Hlx054Ik6AFFDDyzZHWxJcUr93IKy54jLqP2fr8x87PLy4XO3M=
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:14:20 2024 by rpki-client on console-ams.rpki-client.org