Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230312e302f32342d3234203d3e20313335333931.roa
File: 38352e3233372e3230312e302f32342d3234203d3e20313335333931.roa (raw, json)
Hash identifier: pR73SLc+Kv1WiN+ZLDgqXwGhwy7GrGvvcXYErxA7SZs=
Subject key identifier: CA:5C:80:66:AC:3B:B1:31:93:5B:2D:92:C6:E5:95:33:2C:F5:7F:7C
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 10E4FAD1FE2DB8220AC950B2053008C286EE096A
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230312e302f32342d3234203d3e20313335333931.roa
Signing time: Wed 26 Jun 2024 06:53:14 +0000
ROA not before: Wed 26 Jun 2024 06:48:14 +0000
ROA not after: Wed 25 Jun 2025 06:53:14 +0000
asID: 135391
IP address blocks: 85.237.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:e4:fa:d1:fe:2d:b8:22:0a:c9:50:b2:05:30:08:c2:86:ee:09:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Jun 26 06:48:14 2024 GMT
Not After : Jun 25 06:53:14 2025 GMT
Subject: CN=CA5C8066AC3BB131935B2D92C6E595332CF57F7C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a4:81:ad:a7:c9:94:d1:cf:6b:ac:ee:1d:e9:
e9:5a:91:ed:5f:ce:50:a4:07:5e:31:e6:c6:98:19:
a6:d5:f2:a5:4c:4b:3e:4d:64:95:b0:57:ef:00:65:
b1:da:14:19:48:6f:01:15:51:9b:e4:f0:2c:1c:1d:
32:0d:d4:bf:46:d0:d0:73:ef:ce:8f:1e:f6:a3:87:
d9:96:bf:a0:59:48:2f:42:0a:ef:a5:e4:74:28:75:
e8:57:d3:c6:fd:bd:6c:64:f4:d5:70:da:2f:24:09:
bc:06:8e:80:49:60:e5:8e:d8:70:05:94:ff:cd:ac:
d1:37:54:b1:d3:6b:68:1c:57:48:a5:3a:9d:94:51:
b9:9e:3e:24:37:7e:7f:28:70:27:67:fb:df:31:62:
c6:e8:6c:d0:3b:75:c4:97:6d:9e:a0:70:ad:ba:71:
7c:12:cf:22:af:ec:ba:21:ef:f7:25:5c:a5:50:77:
22:26:fa:b4:15:cb:07:56:1f:be:f6:c8:d9:f7:53:
c6:2b:a2:5c:90:e4:6c:96:54:e5:cf:0f:1b:17:51:
aa:62:01:4a:b9:33:27:3a:ae:d1:a3:a9:99:f2:65:
07:07:34:13:41:55:e9:99:a9:22:ee:e3:1d:ab:7b:
ac:fb:6a:d7:a6:15:eb:b6:e1:2a:49:77:25:96:de:
09:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:5C:80:66:AC:3B:B1:31:93:5B:2D:92:C6:E5:95:33:2C:F5:7F:7C
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230312e302f32342d3234203d3e20313335333931.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.201.0/24
Signature Algorithm: sha256WithRSAEncryption
26:ec:20:e2:ff:11:6b:01:3e:9e:57:82:0e:13:a5:cf:3b:22:
da:50:25:19:8d:a2:aa:5c:2f:f4:54:4c:6c:a8:f0:9e:cd:27:
ce:51:85:44:2d:c5:9f:3a:c0:d1:d6:e3:26:63:e6:29:8c:7a:
42:d4:2f:72:4c:68:f1:c4:97:f8:b6:51:7a:c9:a8:8b:a2:a8:
8c:03:03:54:13:9b:9d:06:7f:03:e9:c2:bf:f8:03:8b:36:02:
c3:ae:b6:c6:b1:2d:e8:93:18:9a:72:12:13:a9:6a:a5:24:f3:
fe:b4:e9:4a:32:08:76:71:5d:5d:4e:e9:2a:05:79:0b:97:8f:
b5:22:be:ca:dd:87:70:a5:f1:e6:4d:8d:22:5e:b8:3e:ab:3b:
d0:cb:38:9c:87:b1:b9:ed:8d:d3:b8:18:cd:89:f9:12:c7:73:
3b:03:94:11:33:f7:ac:04:2c:63:90:29:d6:0a:e5:36:7b:e4:
bb:b6:0a:fa:4e:18:33:aa:27:62:3f:12:be:29:b8:a5:41:38:
f2:84:f8:3b:18:15:3b:13:9a:30:5b:e8:fb:96:e9:c9:eb:56:
87:43:6d:83:8c:6b:06:79:8d:f7:a6:44:ac:35:4c:67:4c:7f:
7e:ff:89:2c:db:f8:a7:83:7f:90:ea:86:ea:48:98:e4:60:8f:
74:29:f4:42
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUEOT60f4tuCIKyVCyBTAIwobuCWowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDA2MjYwNjQ4MTRaFw0yNTA2MjUwNjUzMTRaMDMxMTAvBgNV
BAMTKENBNUM4MDY2QUMzQkIxMzE5MzVCMkQ5MkM2RTU5NTMzMkNGNTdGN0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMpIGtp8mU0c9rrO4d6elake1f
zlCkB14x5saYGabV8qVMSz5NZJWwV+8AZbHaFBlIbwEVUZvk8CwcHTIN1L9G0NBz
786PHvajh9mWv6BZSC9CCu+l5HQodehX08b9vWxk9NVw2i8kCbwGjoBJYOWO2HAF
lP/NrNE3VLHTa2gcV0ilOp2UUbmePiQ3fn8ocCdn+98xYsbobNA7dcSXbZ6gcK26
cXwSzyKv7Loh7/clXKVQdyIm+rQVywdWH772yNn3U8YrolyQ5GyWVOXPDxsXUapi
AUq5Myc6rtGjqZnyZQcHNBNBVemZqSLu4x2re6z7atemFeu24SpJdyWW3gmXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUylyAZqw7sTGTWy2SxuWVMyz1f3wwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMw
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzUzMzM5MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7ckwDQYJKoZIhvcNAQELBQADggEBACbsIOL/EWsBPp5Xgg4Tpc87ItpQJRmN
oqpcL/RUTGyo8J7NJ85RhUQtxZ86wNHW4yZj5imMekLUL3JMaPHEl/i2UXrJqIui
qIwDA1QTm50GfwPpwr/4A4s2AsOutsaxLeiTGJpyEhOpaqUk8/606UoyCHZxXV1O
6SoFeQuXj7Uivsrdh3Cl8eZNjSJeuD6rO9DLOJyHsbntjdO4GM2J+RLHczsDlBEz
96wELGOQKdYK5TZ75Lu2CvpOGDOqJ2I/Er4puKVBOPKE+DsYFTsTmjBb6PuW6cnr
VodDbYOMawZ5jfemRKw1TGdMf37/iSzb+KeDf5DqhupImORgj3Qp9EI=
-----END CERTIFICATE-----
Generated at Mon Nov 25 07:54:59 2024 by rpki-client on console-ams.rpki-client.org