Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230372e302f32342d3234203d3e20313938313030.roa
File: 38352e3233372e3230372e302f32342d3234203d3e20313938313030.roa (raw, json)
Hash identifier: d9HgowFfpuRoX8uwxAcMkFTpZECZr1ZQKr7sVLu6dOI=
Subject key identifier: F2:54:1B:4B:2D:B2:B0:A9:03:A4:46:13:DC:36:7A:81:20:28:CB:44
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 16626189E669BFE256FAD8717239ACF01BFF156D
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230372e302f32342d3234203d3e20313938313030.roa
Signing time: Wed 09 Oct 2024 09:43:23 +0000
ROA not before: Wed 09 Oct 2024 09:38:23 +0000
ROA not after: Wed 08 Oct 2025 09:43:23 +0000
asID: 198100
IP address blocks: 85.237.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:62:61:89:e6:69:bf:e2:56:fa:d8:71:72:39:ac:f0:1b:ff:15:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 9 09:38:23 2024 GMT
Not After : Oct 8 09:43:23 2025 GMT
Subject: CN=F2541B4B2DB2B0A903A44613DC367A812028CB44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f5:9a:e4:66:d1:f3:01:f7:75:87:da:3c:43:
65:ef:be:87:35:77:6f:7a:91:0b:ea:fb:a1:f6:df:
55:62:e8:e2:1c:66:7e:11:2b:96:66:af:ec:cf:21:
7e:b8:e1:b3:61:9c:85:72:02:c8:af:24:73:f1:07:
e7:3c:06:64:61:2f:f7:a5:41:05:aa:5e:e3:44:b7:
24:c2:81:07:41:e0:0e:a0:2a:b6:ff:ec:f0:db:fb:
ed:e8:a8:f3:e7:b7:36:7b:12:54:e2:91:49:0d:dc:
28:5e:21:78:ab:2a:84:79:a9:e7:fb:4c:a3:d2:f3:
49:15:aa:e1:fe:0b:72:6b:82:94:e0:9f:95:2d:4c:
f7:f5:48:70:95:26:4e:be:f1:90:63:f8:b6:4b:13:
11:ac:bd:7d:7d:93:11:6e:c4:f8:55:13:6e:44:4e:
7c:e4:5f:db:61:49:d4:b2:1b:86:0a:36:cb:bc:78:
36:f1:6c:cd:45:b8:ef:9a:66:d3:1c:3c:cf:6b:36:
bd:f2:df:84:61:21:10:6c:25:20:d0:01:7e:27:5d:
e4:db:5c:3a:4c:7e:f3:b5:27:59:94:e8:4a:ed:5d:
a4:27:40:ac:3a:cf:33:01:95:b6:e0:1c:1a:c5:24:
85:e0:ee:7d:f3:6c:35:7b:d3:76:78:fe:2a:b1:7d:
fb:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:54:1B:4B:2D:B2:B0:A9:03:A4:46:13:DC:36:7A:81:20:28:CB:44
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230372e302f32342d3234203d3e20313938313030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.207.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:9f:31:72:a1:28:21:02:07:57:76:be:ca:8f:88:72:b6:58:
c2:4e:39:75:3c:04:b3:4a:c6:d8:47:8e:5d:cc:39:59:f8:55:
1e:a1:fc:da:c6:43:42:90:eb:77:0e:78:94:a9:a9:1d:77:0f:
0b:ee:da:3c:2c:5f:1f:3a:64:48:e0:d1:6a:1d:e9:56:1c:0b:
a2:1d:8e:bb:80:f1:4e:b5:30:1d:ab:49:d3:37:dc:99:df:79:
3a:f4:e8:f8:58:dd:48:8c:55:e9:2b:3d:72:4e:30:a9:cc:d0:
3d:62:a9:df:9f:37:96:15:9b:f8:ea:34:ed:4a:db:e1:0c:cc:
5c:ec:bd:7b:95:43:b3:a0:3a:28:2d:ed:96:d9:bc:2b:81:bf:
ae:72:26:78:cf:8a:a4:84:b0:06:6a:ea:ba:a7:99:e2:31:5b:
6f:90:d2:9d:c2:3e:00:8e:e9:9a:f8:0c:aa:87:54:0d:b4:2e:
91:ff:b7:f8:f2:2b:56:dd:65:58:aa:e1:7f:e1:c7:a6:97:f6:
3f:86:9d:da:6c:fa:c7:bc:b4:54:40:2e:af:02:3a:16:60:89:
f0:e6:18:00:7e:f0:c0:fb:63:bb:45:db:58:94:ab:0f:73:6d:
cb:f1:12:de:00:60:95:a7:9e:80:a4:be:9c:68:15:2c:b1:82:
13:da:f7:d8
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUFmJhieZpv+JW+thxcjms8Bv/FW0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEwMDkwOTM4MjNaFw0yNTEwMDgwOTQzMjNaMDMxMTAvBgNV
BAMTKEYyNTQxQjRCMkRCMkIwQTkwM0E0NDYxM0RDMzY3QTgxMjAyOENCNDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQ9ZrkZtHzAfd1h9o8Q2Xvvoc1
d296kQvq+6H231Vi6OIcZn4RK5Zmr+zPIX644bNhnIVyAsivJHPxB+c8BmRhL/el
QQWqXuNEtyTCgQdB4A6gKrb/7PDb++3oqPPntzZ7ElTikUkN3CheIXirKoR5qef7
TKPS80kVquH+C3JrgpTgn5UtTPf1SHCVJk6+8ZBj+LZLExGsvX19kxFuxPhVE25E
TnzkX9thSdSyG4YKNsu8eDbxbM1FuO+aZtMcPM9rNr3y34RhIRBsJSDQAX4nXeTb
XDpMfvO1J1mU6ErtXaQnQKw6zzMBlbbgHBrFJIXg7n3zbDV703Z4/iqxffu5AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU8lQbSy2ysKkDpEYT3DZ6gSAoy0QwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMw
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzgzMTMwMzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7c8wDQYJKoZIhvcNAQELBQADggEBAJqfMXKhKCECB1d2vsqPiHK2WMJOOXU8
BLNKxthHjl3MOVn4VR6h/NrGQ0KQ63cOeJSpqR13Dwvu2jwsXx86ZEjg0Wod6VYc
C6IdjruA8U61MB2rSdM33JnfeTr06PhY3UiMVekrPXJOMKnM0D1iqd+fN5YVm/jq
NO1K2+EMzFzsvXuVQ7OgOigt7ZbZvCuBv65yJnjPiqSEsAZq6rqnmeIxW2+Q0p3C
PgCO6Zr4DKqHVA20LpH/t/jyK1bdZViq4X/hx6aX9j+Gndps+se8tFRALq8COhZg
ifDmGAB+8MD7Y7tF21iUqw9zbcvxEt4AYJWnnoCkvpxoFSyxghPa99g=
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:14:20 2024 by rpki-client on console-ams.rpki-client.org