Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230342e302f32342d3234203d3e203631333137.roa
File: 38352e3233372e3230342e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: CRBXEkyGsAEX6duoV1pu4v2C3Txix5TCCAm7irKJUUE=
Subject key identifier: 48:ED:CF:66:DC:94:F6:E7:48:EB:2D:2B:B0:11:10:82:94:A5:58:F2
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 7CAA368BCBA3D7FEF2BF706853EE204C48A5E017
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230342e302f32342d3234203d3e203631333137.roa
Signing time: Wed 09 Oct 2024 09:43:22 +0000
ROA not before: Wed 09 Oct 2024 09:38:22 +0000
ROA not after: Wed 08 Oct 2025 09:43:22 +0000
asID: 61317
IP address blocks: 85.237.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:aa:36:8b:cb:a3:d7:fe:f2:bf:70:68:53:ee:20:4c:48:a5:e0:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 9 09:38:22 2024 GMT
Not After : Oct 8 09:43:22 2025 GMT
Subject: CN=48EDCF66DC94F6E748EB2D2BB011108294A558F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:c6:ed:65:fd:9d:be:32:41:34:8c:ed:e9:33:
be:62:00:18:db:a5:b7:fe:3c:c8:32:fd:da:f2:1c:
19:65:22:0f:be:9b:85:13:67:f7:bf:fe:f0:6e:9d:
d1:ea:3c:b0:a1:86:4c:90:a7:59:d5:f3:cd:d7:39:
af:5d:97:28:ef:18:af:66:be:82:b8:6c:8a:5f:47:
8d:c4:34:a3:c8:41:8f:08:90:53:86:01:17:65:82:
1d:97:1f:df:5c:49:ec:c3:d8:00:8f:f6:9f:e9:a2:
31:71:43:71:7f:f1:6c:ac:e7:93:f5:bf:9f:ed:52:
4b:c9:1a:16:1b:4e:20:64:4a:c1:fa:f9:17:37:81:
57:65:1d:a2:3e:a0:51:ff:77:dc:43:4e:72:54:65:
3b:15:0f:33:4b:38:54:46:ed:d9:92:a4:df:57:06:
45:27:ec:3f:59:91:f4:78:b3:e8:d3:d7:c5:c1:d9:
b8:24:be:8a:ae:9f:8e:43:f3:7a:50:2c:13:87:77:
b5:13:92:87:5a:7d:76:72:21:be:c1:a2:a0:5b:c8:
f3:28:1f:2f:83:d0:c2:a6:1a:7e:59:1c:6f:e1:fc:
41:6d:93:6f:cd:2b:ab:8c:8a:01:22:86:c1:d9:1a:
69:ba:e0:aa:e2:55:90:00:6b:b6:a5:0b:ac:94:de:
a0:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:ED:CF:66:DC:94:F6:E7:48:EB:2D:2B:B0:11:10:82:94:A5:58:F2
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230342e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.204.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:12:e1:0c:2d:64:f3:40:1c:b7:69:ae:3b:05:6d:35:05:d7:
4f:1a:65:87:5e:99:2e:87:29:9a:de:40:64:01:2e:64:ce:6e:
43:34:a2:9d:42:d6:6d:f7:9a:88:f9:47:e4:5e:f4:92:c7:3e:
70:bc:28:c6:49:8d:ff:fb:ec:bb:d5:f6:5f:9b:5b:04:1a:9c:
5f:d7:bf:65:9c:83:88:3a:31:a2:0d:27:0d:c0:76:61:0b:30:
ba:19:6d:27:23:9e:62:e4:9b:aa:9f:34:e4:31:c2:0f:5a:58:
02:92:32:7a:26:88:16:b0:a1:08:49:d7:c8:31:d1:ee:a0:09:
42:d2:98:d2:9d:7e:18:ed:31:92:63:3a:10:cf:48:c0:2a:28:
b0:44:b2:77:d8:aa:3b:1e:0f:eb:e9:20:3d:41:a0:36:04:6f:
b3:b8:5d:77:c6:85:6e:3a:f9:02:35:62:95:7d:94:34:c9:f1:
dc:0b:9e:12:00:b6:3e:f9:0c:0d:54:4a:88:3b:b2:8a:a1:aa:
7c:21:89:e1:a8:25:ea:6d:43:38:51:3f:66:c4:6d:ec:da:b7:
75:7a:46:d5:c7:34:55:56:26:11:44:68:1a:52:27:6c:e1:05:
e1:f7:b0:62:71:a9:6f:aa:4a:f3:73:7e:77:dd:71:c0:fc:bc:
81:02:a9:53
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUfKo2i8uj1/7yv3BoU+4gTEil4BcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEwMDkwOTM4MjJaFw0yNTEwMDgwOTQzMjJaMDMxMTAvBgNV
BAMTKDQ4RURDRjY2REM5NEY2RTc0OEVCMkQyQkIwMTExMDgyOTRBNTU4RjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZxu1l/Z2+MkE0jO3pM75iABjb
pbf+PMgy/dryHBllIg++m4UTZ/e//vBundHqPLChhkyQp1nV883XOa9dlyjvGK9m
voK4bIpfR43ENKPIQY8IkFOGARdlgh2XH99cSezD2ACP9p/pojFxQ3F/8Wys55P1
v5/tUkvJGhYbTiBkSsH6+Rc3gVdlHaI+oFH/d9xDTnJUZTsVDzNLOFRG7dmSpN9X
BkUn7D9ZkfR4s+jT18XB2bgkvoqun45D83pQLBOHd7UTkodafXZyIb7BoqBbyPMo
Hy+D0MKmGn5ZHG/h/EFtk2/NK6uMigEihsHZGmm64KriVZAAa7alC6yU3qBFAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUSO3PZtyU9udI6y0rsBEQgpSlWPIwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMw
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMxMzMzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Ve3MMA0GCSqGSIb3DQEBCwUAA4IBAQAtEuEMLWTzQBy3aa47BW01BddPGmWHXpku
hyma3kBkAS5kzm5DNKKdQtZt95qI+UfkXvSSxz5wvCjGSY3/++y71fZfm1sEGpxf
179lnIOIOjGiDScNwHZhCzC6GW0nI55i5JuqnzTkMcIPWlgCkjJ6JogWsKEISdfI
MdHuoAlC0pjSnX4Y7TGSYzoQz0jAKiiwRLJ32Ko7Hg/r6SA9QaA2BG+zuF13xoVu
OvkCNWKVfZQ0yfHcC54SALY++QwNVEqIO7KKoap8IYnhqCXqbUM4UT9mxG3s2rd1
ekbVxzRVViYRRGgaUids4QXh97Bicalvqkrzc3533XHA/LyBAqlT
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:19 2024 by rpki-client on console-ams.rpki-client.org