Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230352e302f32342d3234203d3e203432393632.roa
File: 38352e3233372e3230352e302f32342d3234203d3e203432393632.roa (raw, json)
Hash identifier: xdPQP3O5kDDcn4Rr0jSAtFsDft24VpMHMZjifyVmSm8=
Subject key identifier: 9D:AA:5D:A2:71:71:B6:94:4D:59:FA:19:DD:A4:2E:B8:7C:61:52:D3
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 6D2837A277475D0CFE9704E774DBF2B01C9871D9
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230352e302f32342d3234203d3e203432393632.roa
Signing time: Wed 09 Oct 2024 09:43:23 +0000
ROA not before: Wed 09 Oct 2024 09:38:23 +0000
ROA not after: Wed 08 Oct 2025 09:43:23 +0000
asID: 42962
IP address blocks: 85.237.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:35:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:28:37:a2:77:47:5d:0c:fe:97:04:e7:74:db:f2:b0:1c:98:71:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 9 09:38:23 2024 GMT
Not After : Oct 8 09:43:23 2025 GMT
Subject: CN=9DAA5DA27171B6944D59FA19DDA42EB87C6152D3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:a8:8e:e0:b9:b4:8f:0f:66:fa:a2:3e:9d:ec:
42:ec:ac:ed:ca:90:39:da:f0:63:fa:ef:69:37:73:
ec:8f:b4:6c:9b:7f:e5:4e:01:41:83:4a:f3:83:7a:
1c:5f:3a:8f:c0:5f:4e:87:5a:71:25:43:a4:2b:30:
70:5a:b5:03:15:05:1b:d3:02:ff:da:cf:0a:82:43:
83:76:6c:46:21:a7:2d:76:d8:ce:9c:cb:6a:20:eb:
cd:f6:7c:ce:56:0e:d1:e5:93:44:03:06:72:b2:e1:
d2:47:82:36:15:76:49:c2:3a:55:40:19:f9:31:5b:
9e:85:4d:2d:86:97:9c:ce:b3:58:a3:72:d9:1f:cb:
5e:0d:9a:ab:0b:69:dd:c3:50:6e:e4:1e:07:a2:57:
5c:bf:37:5f:36:81:f5:51:b6:e0:1a:c5:a9:ac:64:
4a:fe:08:7f:76:b5:5a:59:7d:e7:c9:52:4d:e5:98:
a8:09:eb:2e:76:1a:ca:4c:b9:c1:d9:ac:73:94:4e:
32:fc:b6:06:56:7f:72:0e:35:57:c2:10:da:f9:48:
1e:28:d8:f2:1f:b9:d0:bc:31:f2:98:76:b1:01:65:
03:cc:f2:80:8d:4a:f3:ab:03:31:db:66:09:16:44:
c7:ca:38:80:dd:ce:7c:ad:4f:ed:f3:a3:96:d9:08:
c4:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:AA:5D:A2:71:71:B6:94:4D:59:FA:19:DD:A4:2E:B8:7C:61:52:D3
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230352e302f32342d3234203d3e203432393632.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.205.0/24
Signature Algorithm: sha256WithRSAEncryption
88:9f:1d:52:37:ee:55:0e:31:44:90:b2:8e:56:4c:c3:19:01:
d5:42:0a:7f:fa:73:7e:ec:d1:0e:20:57:d6:4d:49:46:8b:ae:
03:69:32:35:7d:84:ca:fc:2d:ba:31:98:22:76:df:b4:2c:7f:
18:11:5f:7e:1b:91:67:ac:df:42:25:39:e0:67:df:51:7a:c0:
de:c2:1b:84:97:8c:73:66:88:19:f8:38:b1:5e:d0:a2:03:32:
1d:8d:46:d8:7f:0c:aa:cb:73:17:75:7e:b9:8b:19:a5:21:1a:
37:95:76:83:d6:f8:aa:b9:c9:00:34:4b:ff:8e:e5:41:eb:94:
8b:8f:e0:1a:ac:bd:8e:b2:b2:8b:37:68:ca:b9:6e:a1:b8:28:
31:a4:1e:26:7e:a0:74:3f:1b:04:8a:e3:71:ba:14:a5:40:a7:
e2:26:7d:38:c8:0d:65:a5:17:5d:3b:9c:ef:dc:5c:6c:c6:5b:
98:63:d2:ca:c7:11:3d:e4:de:4f:c6:ed:17:f0:52:bb:53:a0:
dd:80:b0:c0:6c:cf:53:17:d5:05:74:e7:da:52:23:2d:46:3c:
eb:ed:08:17:aa:19:55:9c:22:49:3a:c6:1d:19:e3:36:bb:14:
de:59:c1:7f:b7:e0:0a:03:17:23:81:00:e1:16:cf:aa:bb:c1:
61:ff:97:b5
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUbSg3ondHXQz+lwTndNvysByYcdkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEwMDkwOTM4MjNaFw0yNTEwMDgwOTQzMjNaMDMxMTAvBgNV
BAMTKDlEQUE1REEyNzE3MUI2OTQ0RDU5RkExOUREQTQyRUI4N0M2MTUyRDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYqI7gubSPD2b6oj6d7ELsrO3K
kDna8GP672k3c+yPtGybf+VOAUGDSvODehxfOo/AX06HWnElQ6QrMHBatQMVBRvT
Av/azwqCQ4N2bEYhpy122M6cy2og6832fM5WDtHlk0QDBnKy4dJHgjYVdknCOlVA
GfkxW56FTS2Gl5zOs1ijctkfy14NmqsLad3DUG7kHgeiV1y/N182gfVRtuAaxams
ZEr+CH92tVpZfefJUk3lmKgJ6y52GspMucHZrHOUTjL8tgZWf3IONVfCENr5SB4o
2PIfudC8MfKYdrEBZQPM8oCNSvOrAzHbZgkWRMfKOIDdznytT+3zo5bZCMRdAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUnapdonFxtpRNWfoZ3aQuuHxhUtMwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMw
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMyMzkzNjMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Ve3NMA0GCSqGSIb3DQEBCwUAA4IBAQCInx1SN+5VDjFEkLKOVkzDGQHVQgp/+nN+
7NEOIFfWTUlGi64DaTI1fYTK/C26MZgidt+0LH8YEV9+G5FnrN9CJTngZ99ResDe
whuEl4xzZogZ+DixXtCiAzIdjUbYfwyqy3MXdX65ixmlIRo3lXaD1viquckANEv/
juVB65SLj+AarL2OsrKLN2jKuW6huCgxpB4mfqB0PxsEiuNxuhSlQKfiJn04yA1l
pRddO5zv3FxsxluYY9LKxxE95N5Pxu0X8FK7U6DdgLDAbM9TF9UFdOfaUiMtRjzr
7QgXqhlVnCJJOsYdGeM2uxTeWcF/t+AKAxcjgQDhFs+qu8Fh/5e1
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:42:51 2025 by rpki-client