Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230332e302f32342d3234203d3e20333937343233.roa
File: 38352e3233372e3230332e302f32342d3234203d3e20333937343233.roa (raw, json)
Hash identifier: gwnyMr2Ll4C7TeNMtK71wZsf5rhrh/f4krKTv+THsFU=
Subject key identifier: 22:34:73:A7:63:92:5A:CC:16:01:5D:C5:ED:2A:A5:B8:C6:BF:54:C9
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 248032AC7605BA19A11DEC35CB63A0DBBBD04AEE
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230332e302f32342d3234203d3e20333937343233.roa
Signing time: Wed 08 Nov 2023 09:24:08 +0000
ROA not before: Wed 08 Nov 2023 09:19:08 +0000
ROA not after: Wed 06 Nov 2024 09:24:08 +0000
asID: 397423
IP address blocks: 85.237.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:80:32:ac:76:05:ba:19:a1:1d:ec:35:cb:63:a0:db:bb:d0:4a:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Nov 8 09:19:08 2023 GMT
Not After : Nov 6 09:24:08 2024 GMT
Subject: CN=223473A763925ACC16015DC5ED2AA5B8C6BF54C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:59:67:06:01:41:df:e3:a7:22:68:68:56:e3:
ce:12:47:ca:e8:3e:a7:7c:ba:af:48:9d:4c:7e:8c:
57:bc:93:76:de:44:10:91:05:18:69:4d:b0:68:97:
8a:51:8d:d8:7f:c7:a7:35:24:f1:db:c0:f9:81:51:
b5:eb:91:c9:37:a1:91:fc:c2:54:23:af:dc:1c:3d:
75:2a:31:c0:73:fc:92:3a:9d:8b:7e:cc:4c:9c:53:
5e:b7:2e:8e:bc:99:76:ae:76:e7:f1:b3:39:c8:a7:
7e:9a:99:00:2d:b4:f4:00:bc:6e:50:da:d5:fd:6f:
13:8d:b1:83:59:0f:9b:b3:29:14:05:45:76:74:ca:
b7:c1:de:51:6f:b3:63:a3:62:d6:a4:b3:fa:ec:f4:
55:db:13:a0:4d:7b:d4:16:12:35:4b:bc:9a:3d:e9:
59:7d:c4:18:fd:de:9a:6b:4a:33:67:10:92:cf:c8:
dc:d6:ae:aa:75:22:c6:43:c0:7f:60:ac:03:7f:d1:
35:cd:75:65:af:4f:7c:f8:60:82:b2:9e:a8:ee:cc:
ec:0f:1b:fb:6b:7a:c8:5c:a9:6b:d3:dc:67:0c:58:
68:c2:ed:1d:e1:ec:ab:cd:a6:5e:9f:40:f9:28:1e:
8a:78:7e:72:e1:fc:5b:ed:cb:0d:d4:db:4c:23:2a:
7d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:34:73:A7:63:92:5A:CC:16:01:5D:C5:ED:2A:A5:B8:C6:BF:54:C9
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230332e302f32342d3234203d3e20333937343233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.203.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:56:48:26:23:d8:07:3a:ce:4e:3e:50:1e:f9:96:5f:5a:31:
08:ad:bc:88:07:4d:1f:e7:fe:5f:e7:e4:01:25:ec:2d:b1:95:
0b:b5:5c:b2:e5:83:20:43:49:de:0f:03:97:2e:8c:41:c1:37:
ff:89:81:2f:97:fa:5d:94:67:70:79:27:42:ae:5e:8d:ed:92:
f2:f7:c4:24:3e:16:94:cd:43:2a:ab:b5:b8:6c:88:eb:a0:a6:
5b:29:31:d0:86:4c:d2:5c:bd:a9:00:11:af:a7:47:51:3b:44:
d6:4d:cf:da:46:bf:34:85:34:f9:4c:31:55:de:7f:19:ac:fd:
62:30:9d:d0:29:ab:2a:c0:45:ae:3b:6b:39:71:7e:3f:7e:99:
60:8f:79:96:1f:41:7a:43:c7:5d:b4:e8:98:3d:7b:6d:5f:5a:
0f:1f:18:89:35:69:b9:00:a1:db:5a:49:c0:a6:c2:5d:4d:9c:
9f:ba:ce:d6:df:ed:e4:85:ac:f3:af:dc:c1:0f:77:78:77:37:
88:35:b9:e9:3e:f6:15:cb:a9:80:65:72:4c:af:39:71:3e:91:
0b:00:55:9c:7a:ab:f2:24:f3:18:1a:c4:1f:f0:7e:5e:9f:90:
e7:91:8e:d1:af:a9:ac:b3:d3:f4:94:43:c4:97:ae:9e:e4:36:
7d:d7:1a:06
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJIAyrHYFuhmhHew1y2Og27vQSu4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzExMDgwOTE5MDhaFw0yNDExMDYwOTI0MDhaMDMxMTAvBgNV
BAMTKDIyMzQ3M0E3NjM5MjVBQ0MxNjAxNURDNUVEMkFBNUI4QzZCRjU0QzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPWWcGAUHf46ciaGhW484SR8ro
Pqd8uq9InUx+jFe8k3beRBCRBRhpTbBol4pRjdh/x6c1JPHbwPmBUbXrkck3oZH8
wlQjr9wcPXUqMcBz/JI6nYt+zEycU163Lo68mXaudufxsznIp36amQAttPQAvG5Q
2tX9bxONsYNZD5uzKRQFRXZ0yrfB3lFvs2OjYtaks/rs9FXbE6BNe9QWEjVLvJo9
6Vl9xBj93pprSjNnEJLPyNzWrqp1IsZDwH9grAN/0TXNdWWvT3z4YIKynqjuzOwP
G/treshcqWvT3GcMWGjC7R3h7KvNpl6fQPkoHop4fnLh/Fvtyw3U20wjKn05AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUIjRzp2OSWswWAV3F7SqluMa/VMkwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMw
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzczNDMyMzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7cswDQYJKoZIhvcNAQELBQADggEBAGpWSCYj2Ac6zk4+UB75ll9aMQitvIgH
TR/n/l/n5AEl7C2xlQu1XLLlgyBDSd4PA5cujEHBN/+JgS+X+l2UZ3B5J0KuXo3t
kvL3xCQ+FpTNQyqrtbhsiOugplspMdCGTNJcvakAEa+nR1E7RNZNz9pGvzSFNPlM
MVXefxms/WIwndApqyrARa47azlxfj9+mWCPeZYfQXpDx1206Jg9e21fWg8fGIk1
abkAodtaScCmwl1NnJ+6ztbf7eSFrPOv3MEPd3h3N4g1uek+9hXLqYBlckyvOXE+
kQsAVZx6q/Ik8xgaxB/wfl6fkOeRjtGvqayz0/SUQ8SXrp7kNn3XGgY=
-----END CERTIFICATE-----
Generated at Sat May 4 11:29:11 2024 by rpki-client on console-ams.rpki-client.org