Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230362e302f32332d3233203d3e20313938313030.roa
File: 38352e3233372e3230362e302f32332d3233203d3e20313938313030.roa (raw, json)
Hash identifier: TfaZfYDe6ANjHUiFhHgiJ4LOBXuRtTHa56fu9gggrpM=
Subject key identifier: E7:2C:F5:F3:C0:AD:E3:3E:10:21:14:62:FE:83:66:25:1D:80:78:39
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 190FA5735B3D837A26811516DE4DDC6FDF65BAAF
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230362e302f32332d3233203d3e20313938313030.roa
Signing time: Wed 09 Oct 2024 09:43:23 +0000
ROA not before: Wed 09 Oct 2024 09:38:23 +0000
ROA not after: Wed 08 Oct 2025 09:43:23 +0000
asID: 198100
IP address blocks: 85.237.206.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:0f:a5:73:5b:3d:83:7a:26:81:15:16:de:4d:dc:6f:df:65:ba:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 9 09:38:23 2024 GMT
Not After : Oct 8 09:43:23 2025 GMT
Subject: CN=E72CF5F3C0ADE33E10211462FE8366251D807839
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:fb:bc:ea:06:30:a4:7d:0c:6e:2a:af:3c:3b:
d5:b6:23:0c:48:61:74:8f:55:10:6c:f6:33:c9:27:
8a:cc:0e:1a:48:80:bb:76:4c:c3:ec:59:1a:e0:fa:
84:6c:bf:c1:19:f1:b5:19:d1:9a:dc:f3:7b:0e:61:
fe:62:18:5c:e6:8b:d6:0b:05:9f:53:e5:0f:ed:34:
3b:e6:af:34:9e:25:52:2b:1e:e5:47:5e:73:cd:8d:
d0:71:9a:3e:16:cc:4e:0a:56:4d:72:c2:cd:ba:7c:
a0:92:fd:60:d2:40:64:8f:6c:6b:6c:b4:6c:84:6d:
b1:49:43:ea:6a:45:99:da:4d:d9:4a:cd:95:9e:ab:
f7:32:84:23:a8:c7:05:36:33:28:e5:ce:20:9e:60:
97:0a:6a:5e:50:22:59:70:f7:d0:11:c0:d9:60:ea:
0e:89:38:8d:79:09:4d:5d:01:d6:66:b9:e5:e3:a2:
4c:ae:0f:2e:cd:0f:81:40:68:47:f1:4a:5a:f9:d6:
1e:05:88:7c:e7:d8:24:57:c9:87:f9:60:56:11:e5:
22:36:94:51:e7:57:ff:dc:7f:d7:53:9c:0e:91:87:
e3:47:7d:fc:12:8e:74:d2:3c:1b:03:04:9f:36:b4:
23:bf:a3:80:43:41:4d:e7:be:e3:bd:db:3b:87:62:
39:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:2C:F5:F3:C0:AD:E3:3E:10:21:14:62:FE:83:66:25:1D:80:78:39
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230362e302f32332d3233203d3e20313938313030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.206.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:0c:04:8f:c7:67:66:bf:d8:98:04:c1:5f:67:58:e6:82:80:
20:a7:f9:bf:0c:7b:61:b1:52:8a:59:df:39:bb:5e:54:7f:10:
6b:b5:17:36:96:2f:47:10:02:c7:75:5e:27:cf:2c:c0:7a:3f:
3e:8d:2e:d4:4b:23:64:60:8b:eb:af:9f:48:51:ae:64:65:15:
5f:4b:c1:60:ca:2e:39:07:71:d3:49:00:c5:cf:39:9e:0b:b3:
26:8c:9a:a0:32:b5:fc:8e:47:74:ef:3d:d0:5c:f1:71:41:5c:
2c:81:86:4e:6a:e5:f0:c7:9d:c4:27:e4:b4:f6:57:4b:02:1e:
00:92:0a:1e:40:7f:db:6d:c0:69:dd:69:c5:13:0c:ef:96:f8:
b4:1f:ec:db:89:c9:dc:b5:6b:6f:38:b6:b5:56:f8:59:99:63:
a9:1e:08:2a:dd:25:c2:53:4f:4d:cd:04:06:fd:16:2f:7b:f1:
f9:be:fe:2a:d2:f7:eb:21:65:6b:ab:5e:da:00:0f:1f:aa:58:
ee:0f:67:59:72:55:91:d6:d1:53:df:40:3f:6d:05:23:bd:6f:
0c:a9:87:f7:2b:00:72:3d:5a:02:4c:cc:37:04:e1:e9:33:fa:
83:81:ad:4d:db:b1:af:fa:bb:f3:63:22:80:24:d2:85:35:a3:
f8:93:5b:d8
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUGQ+lc1s9g3omgRUW3k3cb99luq8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEwMDkwOTM4MjNaFw0yNTEwMDgwOTQzMjNaMDMxMTAvBgNV
BAMTKEU3MkNGNUYzQzBBREUzM0UxMDIxMTQ2MkZFODM2NjI1MUQ4MDc4MzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4+7zqBjCkfQxuKq88O9W2IwxI
YXSPVRBs9jPJJ4rMDhpIgLt2TMPsWRrg+oRsv8EZ8bUZ0Zrc83sOYf5iGFzmi9YL
BZ9T5Q/tNDvmrzSeJVIrHuVHXnPNjdBxmj4WzE4KVk1yws26fKCS/WDSQGSPbGts
tGyEbbFJQ+pqRZnaTdlKzZWeq/cyhCOoxwU2MyjlziCeYJcKal5QIllw99ARwNlg
6g6JOI15CU1dAdZmueXjokyuDy7ND4FAaEfxSlr51h4FiHzn2CRXyYf5YFYR5SI2
lFHnV//cf9dTnA6Rh+NHffwSjnTSPBsDBJ82tCO/o4BDQU3nvuO92zuHYjk/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU5yz188Ct4z4QIRRi/oNmJR2AeDkwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMw
MzYyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzMTM5MzgzMTMwMzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAFV7c4wDQYJKoZIhvcNAQELBQADggEBACsMBI/HZ2a/2JgEwV9nWOaCgCCn+b8M
e2GxUopZ3zm7XlR/EGu1FzaWL0cQAsd1XifPLMB6Pz6NLtRLI2Rgi+uvn0hRrmRl
FV9LwWDKLjkHcdNJAMXPOZ4LsyaMmqAytfyOR3TvPdBc8XFBXCyBhk5q5fDHncQn
5LT2V0sCHgCSCh5Af9ttwGndacUTDO+W+LQf7NuJydy1a284trVW+FmZY6keCCrd
JcJTT03NBAb9Fi978fm+/irS9+shZWurXtoADx+qWO4PZ1lyVZHW0VPfQD9tBSO9
bwyph/crAHI9WgJMzDcE4ekz+oOBrU3bsa/6u/NjIoAk0oU1o/iTW9g=
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:14:20 2024 by rpki-client on console-ams.rpki-client.org