Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230362e302f32332d3233203d3e20313938313030.roa
File: 38352e3233372e3230362e302f32332d3233203d3e20313938313030.roa (raw, json)
Hash identifier: e0XZKtRIHTWKIVCWPEiaBSndJUYxgUrwREm+qtfae4A=
Subject key identifier: FD:5D:78:6B:11:EB:0C:EC:E2:DF:9A:0B:2C:CF:D4:E0:15:18:C3:C8
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 371A08AD4318DC5F4DE554F9CB62A138FC30139C
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230362e302f32332d3233203d3e20313938313030.roa
Signing time: Wed 08 Nov 2023 09:22:44 +0000
ROA not before: Wed 08 Nov 2023 09:17:44 +0000
ROA not after: Wed 06 Nov 2024 09:22:44 +0000
asID: 198100
IP address blocks: 85.237.206.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 13:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:1a:08:ad:43:18:dc:5f:4d:e5:54:f9:cb:62:a1:38:fc:30:13:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Nov 8 09:17:44 2023 GMT
Not After : Nov 6 09:22:44 2024 GMT
Subject: CN=FD5D786B11EB0CECE2DF9A0B2CCFD4E01518C3C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:d3:7c:d1:18:3c:bf:63:6f:5e:25:ee:03:18:
d7:38:3e:05:6c:08:e0:ef:9c:1e:40:52:a2:09:e1:
1c:31:55:f2:f6:d1:73:5d:b4:e6:43:b1:8e:cf:2e:
d5:87:eb:fa:64:f1:f7:aa:20:9f:d9:79:c0:a1:41:
a1:f5:63:44:95:88:e5:b0:f0:35:0f:81:45:8a:1c:
0d:b2:6f:41:50:c8:5a:43:2b:e6:42:cc:ac:10:69:
98:56:65:8e:39:d7:f3:59:75:11:4e:03:29:05:2c:
35:67:ec:bb:4b:2f:57:e7:7c:6d:0c:21:c8:d0:b6:
88:e1:d6:37:92:d6:5f:17:0b:22:ba:60:ab:fa:c1:
f4:cb:b8:ff:c7:8c:86:65:47:3f:4f:63:43:43:b4:
a0:f6:21:f5:37:31:d2:0e:74:1e:76:ce:4f:c2:6d:
90:79:1f:4e:e3:65:39:29:82:a9:c9:4a:81:3c:76:
47:f0:7f:a3:f6:3c:3f:53:c1:ed:17:96:2f:84:79:
22:3a:c1:92:d1:92:1f:b7:3d:1d:6b:d3:6f:d7:e4:
92:3c:34:7f:4c:1c:7c:6d:f0:47:7d:65:2e:37:5b:
dd:2d:3d:6c:3a:94:14:ce:cd:03:12:0a:ce:7a:fa:
24:85:6e:4e:db:04:b9:0b:c2:ff:c3:5f:80:ef:01:
a6:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:5D:78:6B:11:EB:0C:EC:E2:DF:9A:0B:2C:CF:D4:E0:15:18:C3:C8
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230362e302f32332d3233203d3e20313938313030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.206.0/23
Signature Algorithm: sha256WithRSAEncryption
01:f0:bd:73:d4:51:f4:68:36:20:61:4a:80:32:d6:97:7f:a8:
ea:37:88:22:46:49:90:aa:ce:60:85:d7:b4:09:53:3c:04:c5:
13:9e:af:86:7d:a5:b1:7b:41:3e:c1:ea:39:8d:22:67:1d:e7:
70:c5:22:1e:e5:1d:58:1e:b4:c5:0a:30:20:f3:21:19:f1:9d:
b3:26:59:b3:35:d3:e8:8e:66:81:0f:ad:58:a0:e7:19:e0:8c:
c6:ec:96:0a:b1:0c:ab:97:60:8e:9b:c7:58:1f:39:35:65:79:
ec:65:62:e5:e7:c4:ee:b8:8e:e5:5d:97:0e:2a:e6:73:51:67:
60:1b:a9:f9:29:fb:62:c5:77:46:dc:5c:fd:95:03:26:70:d0:
bb:e3:18:b1:a1:6b:89:2c:56:b0:ad:c0:f6:cb:ac:3d:35:af:
b2:82:6f:d9:ce:e0:78:71:bc:db:87:e7:3a:7a:4a:4c:77:0d:
ab:78:af:d9:c9:d8:73:c1:85:b3:43:11:ce:2a:58:21:7f:c5:
d1:85:2c:9c:9b:13:9d:bd:b1:25:3d:dd:ba:46:7c:b3:f3:10:
d6:a8:32:75:38:9d:b6:33:18:fe:5d:41:b9:47:ec:15:0f:b0:
c5:47:e4:75:66:f5:b7:7d:12:40:fd:26:61:dd:be:31:93:3d:
aa:b5:91:dc
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNxoIrUMY3F9N5VT5y2KhOPwwE5wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzExMDgwOTE3NDRaFw0yNDExMDYwOTIyNDRaMDMxMTAvBgNV
BAMTKEZENUQ3ODZCMTFFQjBDRUNFMkRGOUEwQjJDQ0ZENEUwMTUxOEMzQzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCR03zRGDy/Y29eJe4DGNc4PgVs
CODvnB5AUqIJ4RwxVfL20XNdtOZDsY7PLtWH6/pk8feqIJ/ZecChQaH1Y0SViOWw
8DUPgUWKHA2yb0FQyFpDK+ZCzKwQaZhWZY451/NZdRFOAykFLDVn7LtLL1fnfG0M
IcjQtojh1jeS1l8XCyK6YKv6wfTLuP/HjIZlRz9PY0NDtKD2IfU3MdIOdB52zk/C
bZB5H07jZTkpgqnJSoE8dkfwf6P2PD9Twe0Xli+EeSI6wZLRkh+3PR1r02/X5JI8
NH9MHHxt8Ed9ZS43W90tPWw6lBTOzQMSCs56+iSFbk7bBLkLwv/DX4DvAaZhAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU/V14axHrDOzi35oLLM/U4BUYw8gwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMw
MzYyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzMTM5MzgzMTMwMzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAFV7c4wDQYJKoZIhvcNAQELBQADggEBAAHwvXPUUfRoNiBhSoAy1pd/qOo3iCJG
SZCqzmCF17QJUzwExROer4Z9pbF7QT7B6jmNImcd53DFIh7lHVgetMUKMCDzIRnx
nbMmWbM10+iOZoEPrVig5xngjMbslgqxDKuXYI6bx1gfOTVleexlYuXnxO64juVd
lw4q5nNRZ2Abqfkp+2LFd0bcXP2VAyZw0LvjGLGha4ksVrCtwPbLrD01r7KCb9nO
4HhxvNuH5zp6Skx3Dat4r9nJ2HPBhbNDEc4qWCF/xdGFLJybE529sSU93bpGfLPz
ENaoMnU4nbYzGP5dQblH7BUPsMVH5HVm9bd9EkD9JmHdvjGTPaq1kdw=
-----END CERTIFICATE-----
Generated at Sun May 19 17:21:05 2024 by rpki-client on console-fra.rpki-client.org