Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230302e302f32342d3234203d3e20323131333733.roa
File: 38352e3233372e3230302e302f32342d3234203d3e20323131333733.roa (raw, json)
Hash identifier: djeEOPEddIDyJ08YRb/Z1biYVm0ASBMq+Lp0+yVV4A8=
Subject key identifier: 67:20:DB:CA:76:C8:3B:BF:FA:E8:3F:A7:0A:54:BC:8A:B9:B0:5F:B7
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 6C0637BDBA520A80A45509A8D3F338D37B73A180
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230302e302f32342d3234203d3e20323131333733.roa
Signing time: Wed 09 Oct 2024 09:43:22 +0000
ROA not before: Wed 09 Oct 2024 09:38:22 +0000
ROA not after: Wed 08 Oct 2025 09:43:22 +0000
asID: 211373
IP address blocks: 85.237.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:06:37:bd:ba:52:0a:80:a4:55:09:a8:d3:f3:38:d3:7b:73:a1:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 9 09:38:22 2024 GMT
Not After : Oct 8 09:43:22 2025 GMT
Subject: CN=6720DBCA76C83BBFFAE83FA70A54BC8AB9B05FB7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:14:5d:26:70:d3:70:d5:30:64:18:56:04:b1:
3c:79:52:88:d3:cd:83:2f:0e:67:7f:55:8e:3b:9d:
d4:21:08:95:14:6a:3d:19:6c:b5:6c:8f:7f:7b:8a:
71:6c:06:bc:9c:11:ec:f4:b5:9b:1e:3b:d5:07:e5:
3b:57:76:2f:c8:21:8c:ed:db:58:5b:ba:bf:0e:67:
02:bf:e5:98:ca:f7:cf:10:0e:27:36:ee:fc:24:cb:
5d:f1:1b:f9:60:43:86:7d:9a:b8:db:d7:19:c5:91:
56:92:54:26:59:99:7c:41:b4:b5:7a:a7:cf:96:ea:
01:dc:c2:23:5a:22:55:98:b4:40:bb:a0:8e:29:8c:
c2:d8:38:5f:d8:70:71:70:72:4f:d9:34:36:0a:b2:
f2:00:5c:74:92:ba:fe:03:58:21:f8:68:03:60:89:
ca:43:8d:b4:9f:a1:4c:4c:51:a5:24:c2:11:03:59:
27:be:89:90:0c:64:25:4a:bb:c0:ce:fb:78:4a:e0:
59:35:e5:e2:86:49:98:6b:aa:a7:e9:8d:a1:16:f4:
d2:f7:b7:0f:80:fd:b7:cd:dc:56:30:89:f9:4b:98:
cd:cf:a4:58:c9:90:c4:84:26:45:64:52:7c:a3:fe:
aa:79:d2:be:bb:79:d9:4c:21:e9:20:42:4f:e6:d0:
09:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:20:DB:CA:76:C8:3B:BF:FA:E8:3F:A7:0A:54:BC:8A:B9:B0:5F:B7
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230302e302f32342d3234203d3e20323131333733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.200.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:8d:bd:d1:3a:93:25:59:a5:3d:41:ca:4a:8f:f9:ae:2e:69:
0d:43:ab:35:43:0a:b0:bc:b1:ab:8e:49:8f:da:b5:db:76:34:
db:f4:0d:94:1a:01:6c:39:9c:e5:8b:d4:4f:ab:55:91:96:9d:
a4:61:57:77:28:fb:65:94:42:d1:f2:08:cd:e5:a9:f2:ad:e2:
69:7e:6a:eb:13:8d:1f:5e:99:2d:87:1e:cf:fe:b0:b3:5d:9d:
28:bf:ba:98:12:b6:4f:41:d4:9f:b8:fd:ed:e7:a0:4b:15:c6:
53:53:1e:51:a9:6b:84:33:e8:5f:4c:be:e5:b9:af:ca:01:68:
b6:10:6a:88:4c:ab:08:c4:9a:67:28:3a:03:f1:02:74:98:4f:
a7:fb:93:28:4f:10:ab:10:d1:d9:d2:c4:6d:c2:ec:72:65:14:
1e:e7:4b:af:3f:a9:1a:e0:c4:55:24:ec:ed:6f:78:f3:09:65:
4b:e0:8e:3e:4c:8a:5e:c7:20:80:10:b7:50:10:b1:78:d1:f4:
46:cd:9a:80:12:67:0c:38:30:a2:95:19:d9:bc:cb:49:7b:d4:
aa:9e:15:87:54:bc:22:c0:b0:97:28:ed:f3:86:93:80:d1:53:
8f:18:a6:47:a7:0a:3a:df:8e:82:96:d6:f9:38:f9:9c:bc:6d:
af:26:ed:b0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUbAY3vbpSCoCkVQmo0/M403tzoYAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEwMDkwOTM4MjJaFw0yNTEwMDgwOTQzMjJaMDMxMTAvBgNV
BAMTKDY3MjBEQkNBNzZDODNCQkZGQUU4M0ZBNzBBNTRCQzhBQjlCMDVGQjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNFF0mcNNw1TBkGFYEsTx5UojT
zYMvDmd/VY47ndQhCJUUaj0ZbLVsj397inFsBrycEez0tZseO9UH5TtXdi/IIYzt
21hbur8OZwK/5ZjK988QDic27vwky13xG/lgQ4Z9mrjb1xnFkVaSVCZZmXxBtLV6
p8+W6gHcwiNaIlWYtEC7oI4pjMLYOF/YcHFwck/ZNDYKsvIAXHSSuv4DWCH4aANg
icpDjbSfoUxMUaUkwhEDWSe+iZAMZCVKu8DO+3hK4Fk15eKGSZhrqqfpjaEW9NL3
tw+A/bfN3FYwiflLmM3PpFjJkMSEJkVkUnyj/qp50r67edlMIekgQk/m0AkxAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUZyDbynbIO7/66D+nClS8irmwX7cwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMw
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzEzMzM3MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7cgwDQYJKoZIhvcNAQELBQADggEBAD+NvdE6kyVZpT1BykqP+a4uaQ1DqzVD
CrC8sauOSY/atdt2NNv0DZQaAWw5nOWL1E+rVZGWnaRhV3co+2WUQtHyCM3lqfKt
4ml+ausTjR9emS2HHs/+sLNdnSi/upgStk9B1J+4/e3noEsVxlNTHlGpa4Qz6F9M
vuW5r8oBaLYQaohMqwjEmmcoOgPxAnSYT6f7kyhPEKsQ0dnSxG3C7HJlFB7nS68/
qRrgxFUk7O1vePMJZUvgjj5Mil7HIIAQt1AQsXjR9EbNmoASZww4MKKVGdm8y0l7
1KqeFYdUvCLAsJco7fOGk4DRU48YpkenCjrfjoKW1vk4+Zy8ba8m7bA=
-----END CERTIFICATE-----
Generated at Mon Nov 25 06:09:05 2024 by rpki-client on console-fra.rpki-client.org