Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230362e302f32342d3234203d3e20313938313030.roa
File: 38352e3233372e3230362e302f32342d3234203d3e20313938313030.roa (raw, json)
Hash identifier: 53w1QFsa+x3sj8CWTZGvXvsBgrR2atpiuzDuSxLgJpM=
Subject key identifier: B3:61:2A:5C:EB:3B:EB:2A:0F:73:D2:0F:DC:E5:F0:BD:03:AD:65:B2
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 13CB68778EB52CAB65CC93AFAC356228D7C2DFF9
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230362e302f32342d3234203d3e20313938313030.roa
Signing time: Wed 08 Nov 2023 09:22:51 +0000
ROA not before: Wed 08 Nov 2023 09:17:51 +0000
ROA not after: Wed 06 Nov 2024 09:22:51 +0000
asID: 198100
IP address blocks: 85.237.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 13:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:cb:68:77:8e:b5:2c:ab:65:cc:93:af:ac:35:62:28:d7:c2:df:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Nov 8 09:17:51 2023 GMT
Not After : Nov 6 09:22:51 2024 GMT
Subject: CN=B3612A5CEB3BEB2A0F73D20FDCE5F0BD03AD65B2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d0:87:26:06:80:a3:a2:04:1a:2c:af:fc:df:
58:48:7b:f3:e1:57:f3:02:1f:2e:e9:fd:e5:88:73:
f1:2c:95:a2:65:41:a8:bb:fa:6f:50:a2:a1:2f:cd:
bb:f8:f9:65:12:49:ad:b9:11:0a:98:60:a3:c6:e4:
ef:27:55:59:0c:89:cc:0f:39:0f:83:ee:e4:1e:37:
c2:72:4c:53:1d:2d:81:50:fa:32:d6:eb:f3:b6:f5:
71:0f:ad:41:12:44:0e:4b:ed:91:7d:b2:2e:96:c7:
8c:86:95:8a:60:6b:39:aa:f0:46:50:d2:f5:72:3f:
16:d0:55:64:f5:d6:f7:1f:84:56:bb:f9:d7:e3:5b:
fc:ba:a8:6c:f9:a7:10:28:3b:63:9e:ea:cf:ce:d7:
10:e0:fa:69:d7:c7:3b:5a:25:d8:86:fb:85:53:0e:
6a:10:05:80:20:f7:30:0c:57:e0:39:84:3a:68:bf:
0c:e5:e1:d0:0d:d3:06:07:1e:44:44:7a:8d:d6:4a:
c6:2c:74:3d:5c:d1:f8:d9:ad:d7:6d:e0:12:b7:c0:
9d:3b:a4:6d:71:ad:89:c0:2e:5c:1a:d4:1d:99:06:
c8:40:e0:99:55:72:c0:e0:2d:2e:60:8b:fb:ab:b3:
64:05:cf:84:25:80:72:dd:ca:60:7f:dc:5c:98:23:
cd:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:61:2A:5C:EB:3B:EB:2A:0F:73:D2:0F:DC:E5:F0:BD:03:AD:65:B2
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230362e302f32342d3234203d3e20313938313030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.206.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:04:c5:e5:02:36:c2:d1:e7:dc:c0:9e:72:b1:1a:64:71:55:
58:8b:9f:f9:b7:41:1a:8b:11:05:c1:57:38:32:20:44:57:3a:
e7:b9:84:82:c9:ad:df:3a:11:9c:56:8b:b8:01:54:31:a2:82:
53:10:68:e8:de:25:5a:ba:84:9b:f0:9b:b2:aa:00:20:88:2e:
68:19:b5:35:42:8c:4c:8e:1b:9c:4e:bd:13:8d:1a:c3:53:e9:
84:c4:0e:3f:19:0d:c9:de:9e:d8:f0:3c:3e:11:e9:5a:df:f4:
0d:07:1e:e8:8c:4c:15:db:3d:f0:b9:90:cb:cd:5c:93:b2:d8:
f4:48:71:c9:6b:27:7b:19:24:ac:90:f2:bd:03:63:e3:a4:6f:
96:17:23:9c:12:1d:d5:b0:29:88:da:4d:5e:10:f0:2e:9d:5c:
37:79:bf:ee:16:80:96:8b:80:ca:87:40:3a:da:a7:5f:85:f7:
77:25:b6:9a:c6:c2:d2:ee:89:64:49:c5:6d:72:6c:5e:f7:28:
85:a0:7a:ee:4b:ec:7e:a9:7d:80:ef:91:f0:2f:9b:5e:5b:fb:
85:3a:ed:d8:27:4b:46:5a:7a:27:90:3e:0a:92:75:22:d1:7f:
d1:63:fe:24:f6:6c:58:a7:b8:77:f5:fa:1e:97:86:77:74:a0:
d1:75:ab:52
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUE8tod461LKtlzJOvrDViKNfC3/kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzExMDgwOTE3NTFaFw0yNDExMDYwOTIyNTFaMDMxMTAvBgNV
BAMTKEIzNjEyQTVDRUIzQkVCMkEwRjczRDIwRkRDRTVGMEJEMDNBRDY1QjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCh0IcmBoCjogQaLK/831hIe/Ph
V/MCHy7p/eWIc/EslaJlQai7+m9QoqEvzbv4+WUSSa25EQqYYKPG5O8nVVkMicwP
OQ+D7uQeN8JyTFMdLYFQ+jLW6/O29XEPrUESRA5L7ZF9si6Wx4yGlYpgazmq8EZQ
0vVyPxbQVWT11vcfhFa7+dfjW/y6qGz5pxAoO2Oe6s/O1xDg+mnXxztaJdiG+4VT
DmoQBYAg9zAMV+A5hDpovwzl4dAN0wYHHkREeo3WSsYsdD1c0fjZrddt4BK3wJ07
pG1xrYnALlwa1B2ZBshA4JlVcsDgLS5gi/urs2QFz4QlgHLdymB/3FyYI83LAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUs2EqXOs76yoPc9IP3OXwvQOtZbIwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMw
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzgzMTMwMzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7c4wDQYJKoZIhvcNAQELBQADggEBAGwExeUCNsLR59zAnnKxGmRxVViLn/m3
QRqLEQXBVzgyIERXOue5hILJrd86EZxWi7gBVDGiglMQaOjeJVq6hJvwm7KqACCI
LmgZtTVCjEyOG5xOvRONGsNT6YTEDj8ZDcnentjwPD4R6Vrf9A0HHuiMTBXbPfC5
kMvNXJOy2PRIcclrJ3sZJKyQ8r0DY+Okb5YXI5wSHdWwKYjaTV4Q8C6dXDd5v+4W
gJaLgMqHQDrap1+F93cltprGwtLuiWRJxW1ybF73KIWgeu5L7H6pfYDvkfAvm15b
+4U67dgnS0ZaeieQPgqSdSLRf9Fj/iT2bFinuHf1+h6Xhnd0oNF1q1I=
-----END CERTIFICATE-----
Generated at Sun May 19 18:41:22 2024 by rpki-client on console-ams.rpki-client.org