Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230362e302f32342d3234203d3e20313938313030.roa
File: 38352e3233372e3230362e302f32342d3234203d3e20313938313030.roa (raw, json)
Hash identifier: mChWWhX9L9Lcxxr3PIklQVapbQv/kb5m6Mnq5zUy/sE=
Subject key identifier: 46:DC:21:22:FA:7C:A9:33:F5:AE:3C:0D:B3:E7:A8:E1:C1:D6:E1:D9
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 48CBAF9DE4677943EF0F8E92526C8191C32F4C7D
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230362e302f32342d3234203d3e20313938313030.roa
Signing time: Wed 09 Oct 2024 09:43:24 +0000
ROA not before: Wed 09 Oct 2024 09:38:24 +0000
ROA not after: Wed 08 Oct 2025 09:43:24 +0000
asID: 198100
IP address blocks: 85.237.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:cb:af:9d:e4:67:79:43:ef:0f:8e:92:52:6c:81:91:c3:2f:4c:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 9 09:38:24 2024 GMT
Not After : Oct 8 09:43:24 2025 GMT
Subject: CN=46DC2122FA7CA933F5AE3C0DB3E7A8E1C1D6E1D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:43:a0:e9:ee:3c:a7:41:99:5f:41:ff:d0:7c:
cc:be:8d:08:bc:9d:4b:b7:fb:bf:0b:48:a4:2b:71:
89:93:87:a1:80:73:1d:88:50:a1:0b:6a:da:ac:0c:
c0:7f:36:5a:2f:db:6f:5c:db:9f:61:c1:58:c4:20:
16:90:b4:47:70:c2:14:ee:b4:f4:8d:14:b7:74:c0:
b8:aa:10:e6:7b:84:40:77:af:07:ff:d9:81:ed:ac:
f2:95:b5:60:01:26:44:ce:8f:47:b5:1c:b6:6a:49:
f3:20:5d:45:4a:a2:ca:b8:25:88:64:4f:a7:ca:cd:
97:b4:ff:ca:cf:cb:58:bd:55:53:77:48:ca:76:fb:
7f:a4:84:1e:1f:1e:d5:9b:ac:02:a5:a3:2c:11:e6:
84:3c:42:e8:e6:c9:41:8f:30:42:39:50:28:76:22:
49:c4:14:c1:0b:39:9b:54:38:74:64:6e:15:e6:4a:
9f:d8:76:e4:5a:0a:db:fe:7b:db:62:10:c9:1f:56:
a3:83:89:3e:b5:4f:4e:c2:cf:59:42:e3:96:01:9a:
f2:5e:21:9c:83:5c:ac:c5:86:d3:8a:87:ed:1e:5b:
3b:7a:a7:d0:a7:39:a8:db:31:0c:54:ee:9c:06:b3:
03:7e:26:ce:ce:61:c3:55:5a:c3:45:df:fc:54:60:
3b:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:DC:21:22:FA:7C:A9:33:F5:AE:3C:0D:B3:E7:A8:E1:C1:D6:E1:D9
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230362e302f32342d3234203d3e20313938313030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.206.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:15:53:4e:ed:37:df:a5:0a:d2:41:75:1f:da:8b:82:e0:dc:
e9:bd:90:d8:d7:cf:dd:40:b9:2b:9b:20:4c:50:b1:62:a4:90:
85:2e:a2:d3:a2:e9:55:14:75:57:67:12:b6:60:07:75:9d:0e:
95:6d:22:ba:64:c6:58:ac:8c:01:51:d2:ee:da:6d:c3:31:e9:
dc:61:09:83:bb:49:0a:80:0b:c8:eb:09:11:81:2f:e7:4b:54:
d0:8a:a6:e8:a4:8e:08:ff:aa:3c:47:f2:85:b4:7c:fc:7b:cc:
93:56:2b:c9:c0:3a:20:dd:23:d9:e6:84:5b:1e:bd:cf:bd:80:
0c:e0:c7:ca:eb:7c:fa:ec:c4:8f:4a:1d:c3:d2:39:d0:08:94:
bd:af:2c:cb:2c:6b:d2:d6:ce:e9:45:84:d4:ce:33:1a:51:70:
f3:5a:6d:04:01:1c:19:de:45:c2:e7:b9:6b:08:1e:b2:5b:75:
70:3d:59:87:d1:f9:02:b6:6c:de:eb:f9:16:8d:a2:95:1b:5b:
b8:dc:87:26:f0:f0:08:97:d4:4b:55:00:6c:c1:2e:d0:e9:3b:
32:da:ca:03:58:03:42:c9:9d:18:33:a4:f8:a6:90:19:5d:d1:
df:7f:c0:5d:12:de:d7:1b:12:ad:1a:b4:57:ef:50:07:25:c0:
a8:0c:1f:1c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUSMuvneRneUPvD46SUmyBkcMvTH0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEwMDkwOTM4MjRaFw0yNTEwMDgwOTQzMjRaMDMxMTAvBgNV
BAMTKDQ2REMyMTIyRkE3Q0E5MzNGNUFFM0MwREIzRTdBOEUxQzFENkUxRDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaQ6Dp7jynQZlfQf/QfMy+jQi8
nUu3+78LSKQrcYmTh6GAcx2IUKELatqsDMB/Nlov229c259hwVjEIBaQtEdwwhTu
tPSNFLd0wLiqEOZ7hEB3rwf/2YHtrPKVtWABJkTOj0e1HLZqSfMgXUVKosq4JYhk
T6fKzZe0/8rPy1i9VVN3SMp2+3+khB4fHtWbrAKloywR5oQ8QujmyUGPMEI5UCh2
IknEFMELOZtUOHRkbhXmSp/YduRaCtv+e9tiEMkfVqODiT61T07Cz1lC45YBmvJe
IZyDXKzFhtOKh+0eWzt6p9CnOajbMQxU7pwGswN+Js7OYcNVWsNF3/xUYDvRAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQURtwhIvp8qTP1rjwNs+eo4cHW4dkwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMw
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzgzMTMwMzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7c4wDQYJKoZIhvcNAQELBQADggEBAEoVU07tN9+lCtJBdR/ai4Lg3Om9kNjX
z91AuSubIExQsWKkkIUuotOi6VUUdVdnErZgB3WdDpVtIrpkxlisjAFR0u7abcMx
6dxhCYO7SQqAC8jrCRGBL+dLVNCKpuikjgj/qjxH8oW0fPx7zJNWK8nAOiDdI9nm
hFsevc+9gAzgx8rrfPrsxI9KHcPSOdAIlL2vLMssa9LWzulFhNTOMxpRcPNabQQB
HBneRcLnuWsIHrJbdXA9WYfR+QK2bN7r+RaNopUbW7jchybw8AiX1EtVAGzBLtDp
OzLaygNYA0LJnRgzpPimkBld0d9/wF0S3tcbEq0atFfvUAclwKgMHxw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:14:20 2024 by rpki-client on console-ams.rpki-client.org