Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230332e302f32342d3234203d3e20333937343233.roa
File: 38352e3233372e3230332e302f32342d3234203d3e20333937343233.roa (raw, json)
Hash identifier: Ae5e7kH0aw3dfuzP5LZLmXIvM9bKUC0eO5M02uJ5zN0=
Subject key identifier: 7B:D0:21:6F:04:53:ED:29:B3:A9:B8:21:C3:7A:94:EA:98:74:D1:A9
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 74C4CE465F202922D9B1013448453CE1911B901D
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230332e302f32342d3234203d3e20333937343233.roa
Signing time: Wed 09 Oct 2024 09:43:24 +0000
ROA not before: Wed 09 Oct 2024 09:38:24 +0000
ROA not after: Wed 08 Oct 2025 09:43:24 +0000
asID: 397423
IP address blocks: 85.237.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:c4:ce:46:5f:20:29:22:d9:b1:01:34:48:45:3c:e1:91:1b:90:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 9 09:38:24 2024 GMT
Not After : Oct 8 09:43:24 2025 GMT
Subject: CN=7BD0216F0453ED29B3A9B821C37A94EA9874D1A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:de:a4:23:52:f7:8f:d9:20:9f:fb:48:6e:bc:
7e:7a:14:0f:a4:af:3b:ca:a7:ee:4f:01:cb:6c:f0:
6e:9c:81:e4:7a:ed:53:57:6d:f8:e6:ae:70:cb:50:
c7:21:f0:09:7e:bf:2d:27:5b:d0:2b:3c:54:8f:5f:
8b:af:e1:43:38:6d:93:27:cc:c4:90:eb:e5:a6:bf:
e7:da:f3:a3:66:78:67:35:89:0a:b5:93:23:bf:cd:
3a:64:fe:e0:dc:89:78:4e:71:64:0d:0d:58:e0:12:
ad:d6:02:22:07:44:da:14:94:19:27:6e:ee:70:b7:
f2:03:f9:ce:fa:28:97:70:05:c4:1d:30:f3:fb:60:
3e:84:88:69:34:14:a9:82:b8:66:8a:33:73:0c:f5:
8e:cd:e4:92:b3:99:0e:bc:8d:57:11:45:95:7b:e9:
e1:13:4c:90:58:d2:cb:3b:ed:5d:76:ab:f5:e9:d7:
66:4d:42:4c:f0:9e:9e:82:d0:40:96:0d:17:8b:a4:
99:d5:c8:81:ff:dc:bb:55:a4:82:1a:f3:b9:4b:cb:
31:6a:f3:11:1e:bd:a1:cc:1b:36:21:11:f2:82:70:
8b:7e:c7:7e:7d:4b:d1:61:06:89:d4:8b:ed:01:b1:
1b:d0:8c:ad:8b:b4:3b:14:bc:14:79:9e:53:ac:81:
41:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:D0:21:6F:04:53:ED:29:B3:A9:B8:21:C3:7A:94:EA:98:74:D1:A9
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230332e302f32342d3234203d3e20333937343233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.203.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:ad:13:33:f9:c1:d9:80:fd:ac:29:22:0b:95:3c:06:03:f3:
a2:34:42:1b:26:a9:1e:e3:31:f2:21:0a:9c:c1:54:42:f9:6f:
1e:f6:f3:53:7c:5b:06:20:9e:47:68:d7:d3:c0:cb:72:a5:85:
d5:03:d3:82:ef:aa:c3:4d:d2:47:96:51:e0:16:8b:55:42:96:
8e:e9:a2:1a:d3:5d:b7:a0:52:f6:4d:29:81:b7:22:8d:77:c7:
39:cd:cf:7c:91:cc:54:f7:3e:de:01:0f:1e:0e:14:65:07:74:
14:1a:85:86:93:51:40:00:a7:a4:0b:53:ed:2b:0b:95:3d:35:
d5:0a:18:5b:31:0d:d0:6b:b9:0e:87:d0:70:d0:68:e5:10:5f:
3e:8f:6e:bf:8f:7e:f1:42:28:9d:b7:e2:07:e6:c4:a1:83:9b:
36:e1:9f:30:fd:95:fc:a9:6d:46:0a:2d:e3:a1:03:a4:08:22:
e1:90:34:1f:c0:27:e1:52:0a:f3:0e:7e:72:c0:77:cb:2a:0f:
e9:c2:26:58:b4:f1:06:d6:4a:43:e5:ed:67:ab:3a:d7:5b:23:
c3:f7:69:f6:f3:83:7e:92:f3:ac:9c:d7:ba:24:20:4b:90:2a:
75:54:56:c2:f6:0c:84:94:f7:44:09:e4:a8:65:cc:7b:b4:19:
9e:47:18:75
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUdMTORl8gKSLZsQE0SEU84ZEbkB0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEwMDkwOTM4MjRaFw0yNTEwMDgwOTQzMjRaMDMxMTAvBgNV
BAMTKDdCRDAyMTZGMDQ1M0VEMjlCM0E5QjgyMUMzN0E5NEVBOTg3NEQxQTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDo3qQjUveP2SCf+0huvH56FA+k
rzvKp+5PActs8G6cgeR67VNXbfjmrnDLUMch8Al+vy0nW9ArPFSPX4uv4UM4bZMn
zMSQ6+Wmv+fa86NmeGc1iQq1kyO/zTpk/uDciXhOcWQNDVjgEq3WAiIHRNoUlBkn
bu5wt/ID+c76KJdwBcQdMPP7YD6EiGk0FKmCuGaKM3MM9Y7N5JKzmQ68jVcRRZV7
6eETTJBY0ss77V12q/Xp12ZNQkzwnp6C0ECWDReLpJnVyIH/3LtVpIIa87lLyzFq
8xEevaHMGzYhEfKCcIt+x359S9FhBonUi+0BsRvQjK2LtDsUvBR5nlOsgUHfAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUe9AhbwRT7Smzqbghw3qU6ph00akwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMw
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzczNDMyMzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7cswDQYJKoZIhvcNAQELBQADggEBAAutEzP5wdmA/awpIguVPAYD86I0Qhsm
qR7jMfIhCpzBVEL5bx7281N8WwYgnkdo19PAy3KlhdUD04LvqsNN0keWUeAWi1VC
lo7pohrTXbegUvZNKYG3Io13xznNz3yRzFT3Pt4BDx4OFGUHdBQahYaTUUAAp6QL
U+0rC5U9NdUKGFsxDdBruQ6H0HDQaOUQXz6Pbr+PfvFCKJ234gfmxKGDmzbhnzD9
lfypbUYKLeOhA6QIIuGQNB/AJ+FSCvMOfnLAd8sqD+nCJli08QbWSkPl7WerOtdb
I8P3afbzg36S86yc17okIEuQKnVUVsL2DISU90QJ5KhlzHu0GZ5HGHU=
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:19 2024 by rpki-client on console-ams.rpki-client.org