Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230302e302f32342d3234203d3e20323131333733.roa
File: 38352e3233372e3230302e302f32342d3234203d3e20323131333733.roa (raw, json)
Hash identifier: 9ENKStq9sY7+oiXKzv5PkqW55AbyDulQ/gAEDZ1ppew=
Subject key identifier: 63:C2:DD:F5:97:B4:7A:FD:42:A5:F5:DB:FA:35:51:13:1D:7D:F5:D2
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 5BD4B4A6239BBE721264EFBFD8075A74355921B1
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230302e302f32342d3234203d3e20323131333733.roa
Signing time: Wed 08 Nov 2023 09:23:43 +0000
ROA not before: Wed 08 Nov 2023 09:18:43 +0000
ROA not after: Wed 06 Nov 2024 09:23:43 +0000
asID: 211373
IP address blocks: 85.237.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 20:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:d4:b4:a6:23:9b:be:72:12:64:ef:bf:d8:07:5a:74:35:59:21:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Nov 8 09:18:43 2023 GMT
Not After : Nov 6 09:23:43 2024 GMT
Subject: CN=63C2DDF597B47AFD42A5F5DBFA3551131D7DF5D2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0c:00:aa:66:bc:b5:f2:3a:eb:0c:f3:4e:ad:
7b:07:b6:a6:9e:68:af:8d:ba:5a:4d:04:5e:ac:01:
ec:6b:60:38:bf:3c:77:06:f7:51:93:4b:42:63:f4:
9c:02:19:f0:9d:56:ca:fb:6c:92:ea:29:3e:4e:40:
3c:dd:97:b9:fe:6c:ae:34:d3:42:6b:a6:b0:76:4b:
36:66:f5:e6:cb:0e:68:09:ef:c6:ce:d8:b3:46:35:
25:16:ac:d0:12:09:20:aa:0a:19:48:17:f3:4a:57:
1a:04:9b:83:34:e4:8f:c1:db:50:4b:bf:ff:11:71:
2e:dc:7d:55:0e:04:2d:dc:a9:70:37:c6:f3:36:ad:
0c:84:51:c2:ee:5f:ee:0f:e1:d0:c7:68:83:11:20:
eb:54:a4:4f:2c:03:05:95:c0:ba:8e:31:56:1e:36:
03:37:80:a8:17:ef:3d:ce:c3:8c:1d:c8:40:29:bd:
b1:98:03:94:b3:c9:5b:50:c9:14:de:b9:a9:4c:5a:
6c:10:27:af:14:25:a6:9c:23:78:e2:85:80:ea:35:
84:a7:51:60:ab:46:da:9c:a5:41:20:55:85:69:8c:
b8:13:45:d0:b8:4c:4c:b1:38:26:79:e3:bd:27:d3:
90:21:d5:b4:22:86:8a:95:bb:8a:2b:b1:1c:f6:fe:
6c:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:C2:DD:F5:97:B4:7A:FD:42:A5:F5:DB:FA:35:51:13:1D:7D:F5:D2
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230302e302f32342d3234203d3e20323131333733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.200.0/24
Signature Algorithm: sha256WithRSAEncryption
23:b1:eb:57:b2:9b:9d:f8:49:1e:e4:fa:30:c2:ee:b9:88:e8:
5e:fa:ce:bc:45:ca:91:80:c3:d3:fe:e2:5d:91:e0:2f:69:78:
d4:4a:47:27:6e:58:2a:11:8b:c6:d1:57:61:ca:89:5f:93:d7:
f4:01:14:75:1a:13:0c:eb:36:ea:46:c0:7c:1f:92:c0:30:37:
34:e0:45:43:9b:7d:eb:67:56:7b:6c:a3:04:10:41:ab:54:73:
57:67:4d:50:f6:d9:92:d1:6f:7d:63:0a:8a:cc:ed:73:50:f0:
d7:0e:78:c8:98:fa:45:98:b0:d4:82:29:86:7a:41:c4:2f:b0:
4b:5e:8d:1c:1c:82:42:6b:fa:d1:e5:5d:04:fa:3e:a7:ec:4e:
af:e0:af:79:32:59:48:6c:af:3f:ee:5c:ed:5e:89:80:84:e6:
67:50:70:74:63:ff:c9:2f:a1:4a:65:a1:b1:aa:51:52:8f:4d:
44:3b:b5:26:8c:d6:32:66:78:0a:61:6d:ee:a9:40:0c:f6:aa:
6b:4d:51:17:ec:7e:14:64:ca:d3:1e:0a:98:e8:bf:ad:ec:7a:
74:28:9a:71:27:76:24:e0:27:14:ff:7f:c9:70:fd:2d:d2:b0:
b8:cf:fb:8d:39:fa:24:85:c1:dd:72:ef:ef:4d:7c:60:8e:77:
01:63:0d:51
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUW9S0piObvnISZO+/2AdadDVZIbEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzExMDgwOTE4NDNaFw0yNDExMDYwOTIzNDNaMDMxMTAvBgNV
BAMTKDYzQzJEREY1OTdCNDdBRkQ0MkE1RjVEQkZBMzU1MTEzMUQ3REY1RDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrDACqZry18jrrDPNOrXsHtqae
aK+NulpNBF6sAexrYDi/PHcG91GTS0Jj9JwCGfCdVsr7bJLqKT5OQDzdl7n+bK40
00JrprB2SzZm9ebLDmgJ78bO2LNGNSUWrNASCSCqChlIF/NKVxoEm4M05I/B21BL
v/8RcS7cfVUOBC3cqXA3xvM2rQyEUcLuX+4P4dDHaIMRIOtUpE8sAwWVwLqOMVYe
NgM3gKgX7z3Ow4wdyEApvbGYA5SzyVtQyRTeualMWmwQJ68UJaacI3jihYDqNYSn
UWCrRtqcpUEgVYVpjLgTRdC4TEyxOCZ5470n05Ah1bQihoqVu4orsRz2/myJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUY8Ld9Ze0ev1CpfXb+jVREx199dIwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMw
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzEzMzM3MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7cgwDQYJKoZIhvcNAQELBQADggEBACOx61eym534SR7k+jDC7rmI6F76zrxF
ypGAw9P+4l2R4C9peNRKRyduWCoRi8bRV2HKiV+T1/QBFHUaEwzrNupGwHwfksAw
NzTgRUObfetnVntsowQQQatUc1dnTVD22ZLRb31jCorM7XNQ8NcOeMiY+kWYsNSC
KYZ6QcQvsEtejRwcgkJr+tHlXQT6PqfsTq/gr3kyWUhsrz/uXO1eiYCE5mdQcHRj
/8kvoUplobGqUVKPTUQ7tSaM1jJmeAphbe6pQAz2qmtNURfsfhRkytMeCpjov63s
enQomnEndiTgJxT/f8lw/S3SsLjP+405+iSFwd1y7+9NfGCOdwFjDVE=
-----END CERTIFICATE-----
Generated at Sat May 18 23:46:00 2024 by rpki-client on console-ams.rpki-client.org