Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230372e302f32342d3234203d3e20313938313030.roa
File: 38352e3233372e3230372e302f32342d3234203d3e20313938313030.roa (raw, json)
Hash identifier: I0ZNF4zIrxGl8ubeIZ4N2ihc6OFVtV29RDw2wU1tONs=
Subject key identifier: F1:2D:D7:3E:16:22:25:7A:14:D1:74:50:AF:FA:76:7C:45:55:BF:CC
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 1853E43B019D348188B9217765EFD4A971C44A5A
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230372e302f32342d3234203d3e20313938313030.roa
Signing time: Wed 08 Nov 2023 09:22:56 +0000
ROA not before: Wed 08 Nov 2023 09:17:56 +0000
ROA not after: Wed 06 Nov 2024 09:22:56 +0000
asID: 198100
IP address blocks: 85.237.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 May 2024 13:30:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:53:e4:3b:01:9d:34:81:88:b9:21:77:65:ef:d4:a9:71:c4:4a:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Nov 8 09:17:56 2023 GMT
Not After : Nov 6 09:22:56 2024 GMT
Subject: CN=F12DD73E1622257A14D17450AFFA767C4555BFCC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:f1:9c:e1:39:3c:58:af:db:83:ea:90:d5:ba:
29:bd:de:db:53:aa:dd:71:23:40:41:70:8d:85:a2:
91:ca:78:fc:e3:8a:b7:f9:4c:a4:28:8b:8b:9b:2a:
8c:2c:de:b6:39:91:09:61:ad:d7:16:e3:02:67:2a:
7f:e6:a3:2f:f7:b0:70:91:b1:66:12:92:41:ac:f0:
12:f0:75:00:d7:00:ff:e2:90:b6:05:71:ae:2c:47:
44:b3:56:e0:89:25:2a:66:1b:94:e9:09:15:eb:19:
84:3a:23:be:be:31:25:5b:e2:57:d6:b1:99:ca:aa:
dc:9f:58:dd:c6:c5:db:55:3e:e6:6b:10:f0:b5:b9:
a3:f0:3c:d1:54:b4:0f:8a:0b:26:3c:f3:20:29:9a:
6c:04:41:47:49:b9:e9:5f:5f:87:ae:e2:ae:1f:74:
a4:2e:36:d6:ce:e6:4f:a2:ec:42:b2:2b:b2:ee:b6:
d2:2f:5f:64:69:08:d2:56:e4:e8:2f:a9:ab:9c:6a:
32:b8:73:e9:2e:ed:d7:49:f0:95:b7:8b:3c:76:ed:
c3:b9:c3:ee:ce:9c:96:44:fe:c4:0d:f9:2e:7e:3d:
6c:30:0d:6a:2a:a9:8f:6f:85:c9:6d:fc:4b:18:42:
6a:2c:17:b1:0c:8e:ce:63:c1:cf:5e:86:73:2b:6c:
ba:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:2D:D7:3E:16:22:25:7A:14:D1:74:50:AF:FA:76:7C:45:55:BF:CC
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230372e302f32342d3234203d3e20313938313030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.207.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:56:b5:ca:01:90:e7:c3:35:73:be:7f:a0:0f:50:80:58:95:
5c:57:da:30:72:b2:f3:91:02:e9:e2:eb:7f:a5:0b:f6:da:b1:
59:16:f9:0d:01:0a:85:91:86:d9:6d:4e:5f:48:84:7b:21:fd:
0e:45:18:71:a4:60:38:d3:26:17:5b:a5:5f:5a:64:67:b9:ba:
74:f1:01:01:c9:c5:58:c5:b6:fb:93:59:3a:bd:2a:89:bd:c4:
de:4d:fe:57:c1:af:84:8c:bb:d6:6c:16:dd:e1:ea:99:5a:a3:
35:69:e8:9d:ba:ed:7e:51:f5:e1:61:a5:4b:a5:c8:90:a1:3f:
68:c1:67:b7:a1:99:cd:0c:d4:65:e5:29:08:6d:96:59:89:f7:
ed:04:4e:4f:23:e0:33:ce:9c:8a:99:80:54:02:94:3e:73:23:
c1:1f:f4:d4:92:16:87:d3:ac:b2:d5:29:2a:d5:7f:ef:c8:57:
b7:88:73:88:8f:49:8f:47:43:39:08:9b:dc:75:15:ac:e6:49:
7d:56:94:21:d3:2f:ff:43:a8:63:9a:60:26:4b:c3:f5:df:d2:
b9:2f:8e:eb:09:c4:24:51:c0:d9:00:ad:31:0c:51:42:e4:d9:
d5:8c:de:7a:2a:8f:da:5c:fc:51:79:98:bd:5f:ac:2c:93:ad:
aa:ad:5f:24
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUGFPkOwGdNIGIuSF3Ze/UqXHESlowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzExMDgwOTE3NTZaFw0yNDExMDYwOTIyNTZaMDMxMTAvBgNV
BAMTKEYxMkRENzNFMTYyMjI1N0ExNEQxNzQ1MEFGRkE3NjdDNDU1NUJGQ0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDT8ZzhOTxYr9uD6pDVuim93ttT
qt1xI0BBcI2FopHKePzjirf5TKQoi4ubKows3rY5kQlhrdcW4wJnKn/moy/3sHCR
sWYSkkGs8BLwdQDXAP/ikLYFca4sR0SzVuCJJSpmG5TpCRXrGYQ6I76+MSVb4lfW
sZnKqtyfWN3GxdtVPuZrEPC1uaPwPNFUtA+KCyY88yApmmwEQUdJuelfX4eu4q4f
dKQuNtbO5k+i7EKyK7LuttIvX2RpCNJW5OgvqaucajK4c+ku7ddJ8JW3izx27cO5
w+7OnJZE/sQN+S5+PWwwDWoqqY9vhclt/EsYQmosF7EMjs5jwc9ehnMrbLo1AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU8S3XPhYiJXoU0XRQr/p2fEVVv8wwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMw
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzgzMTMwMzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7c8wDQYJKoZIhvcNAQELBQADggEBAI9WtcoBkOfDNXO+f6APUIBYlVxX2jBy
svORAuni63+lC/basVkW+Q0BCoWRhtltTl9IhHsh/Q5FGHGkYDjTJhdbpV9aZGe5
unTxAQHJxVjFtvuTWTq9Kom9xN5N/lfBr4SMu9ZsFt3h6plaozVp6J267X5R9eFh
pUulyJChP2jBZ7ehmc0M1GXlKQhtllmJ9+0ETk8j4DPOnIqZgFQClD5zI8Ef9NSS
FofTrLLVKSrVf+/IV7eIc4iPSY9HQzkIm9x1FazmSX1WlCHTL/9DqGOaYCZLw/Xf
0rkvjusJxCRRwNkArTEMUULk2dWM3noqj9pc/FF5mL1frCyTraqtXyQ=
-----END CERTIFICATE-----
Generated at Wed May 29 17:52:06 2024 by rpki-client on console-fra.rpki-client.org