Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230382e302f32342d3234203d3e203538303631.roa
File: 38352e3233372e3230382e302f32342d3234203d3e203538303631.roa (raw, json)
Hash identifier: 7rB1ekO5zeDxQOnghJIr4hY48S25A0nWzyOuTi+RscU=
Subject key identifier: 30:4D:35:BE:18:0E:91:CB:9D:AE:08:27:8A:EA:FB:8A:C2:04:34:02
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 0725930C4BDE82B6B95BCF17FC9314D7719B1280
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230382e302f32342d3234203d3e203538303631.roa
Signing time: Wed 20 Nov 2024 16:43:28 +0000
ROA not before: Wed 20 Nov 2024 16:38:28 +0000
ROA not after: Wed 19 Nov 2025 16:43:28 +0000
asID: 58061
IP address blocks: 85.237.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:25:93:0c:4b:de:82:b6:b9:5b:cf:17:fc:93:14:d7:71:9b:12:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Nov 20 16:38:28 2024 GMT
Not After : Nov 19 16:43:28 2025 GMT
Subject: CN=304D35BE180E91CB9DAE08278AEAFB8AC2043402
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:49:20:26:0e:2a:48:02:bf:9a:86:9b:0a:61:
33:86:36:8d:55:97:6c:8e:c1:71:bf:5f:79:bb:ae:
73:f0:c5:47:f6:ff:ec:a7:4a:4f:c0:bf:3f:1e:a2:
b6:69:67:9c:61:0c:49:07:c5:8d:7d:9d:05:2f:82:
2c:c0:5a:80:07:00:09:4e:89:1c:4f:be:4d:a7:a9:
0a:2c:ea:09:07:ee:cb:6e:96:98:9c:00:16:57:ca:
c9:f8:3b:8e:bb:d0:32:44:f9:cb:5d:4f:91:7f:9a:
90:4c:91:57:c8:db:1e:51:c5:b4:76:ba:56:37:69:
ce:fd:a5:06:2f:12:0a:5a:c6:48:ee:a0:44:2b:db:
f1:54:7d:d1:ba:44:b9:03:fb:e1:12:a6:78:a8:e8:
29:71:44:e5:88:6e:fa:3e:6e:26:37:f3:bb:f1:34:
5f:c8:b0:c8:e3:32:56:20:df:13:71:53:1c:cc:3e:
55:99:5d:b1:f9:02:ee:f4:5b:0d:83:be:4d:d9:e8:
01:f7:28:4f:18:67:ac:cb:b5:f7:d7:6c:17:fa:35:
15:18:cc:29:1d:e6:5e:b6:1b:cb:7c:79:7d:e7:13:
72:73:ea:92:62:33:a5:1b:2a:07:93:51:1a:59:d4:
01:83:ce:3b:0b:ef:c5:50:44:de:8c:72:69:47:21:
51:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:4D:35:BE:18:0E:91:CB:9D:AE:08:27:8A:EA:FB:8A:C2:04:34:02
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230382e302f32342d3234203d3e203538303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.208.0/24
Signature Algorithm: sha256WithRSAEncryption
07:d1:5c:ca:c8:0d:1f:e5:5f:29:4c:b1:66:4c:26:01:9a:c8:
56:91:6d:9f:a6:2d:c6:99:9b:1e:4a:36:40:cf:b4:02:19:b2:
18:e2:d7:88:0f:71:eb:2d:70:11:c1:26:56:6a:89:1c:79:58:
85:32:a9:d2:56:e9:92:a5:db:83:ae:c1:64:10:c2:fb:2b:08:
5c:26:97:d1:b0:b2:97:c2:34:da:61:47:a5:85:e8:2c:3e:c5:
a7:7f:57:d0:a7:b3:99:69:25:0a:cd:76:b0:59:dd:46:39:e8:
66:c0:ff:96:5f:c7:61:ec:cf:10:e5:74:f3:9c:5c:c6:85:37:
c5:31:49:9e:ae:b3:0a:e7:e0:2c:e5:ee:2e:79:c7:d2:d7:f9:
91:1e:57:16:22:0d:c2:f1:c1:86:13:c0:67:5c:97:a2:68:97:
24:87:0a:0b:11:e0:20:60:91:60:af:a2:4d:b4:62:84:1b:04:
ea:da:5d:c2:6c:87:f5:bc:76:2d:7e:ce:f6:34:0d:8e:17:14:
db:58:25:6e:1c:76:8a:7e:08:9c:fd:9d:c6:1b:df:d9:09:98:
16:3a:c8:18:21:b4:31:d3:f7:09:7b:76:ca:f6:06:b5:84:fd:
bf:67:a7:09:bf:82:1c:b6:4e:34:21:02:01:81:3d:50:de:c1:
73:5f:3d:12
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUByWTDEvegra5W88X/JMU13GbEoAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDExMjAxNjM4MjhaFw0yNTExMTkxNjQzMjhaMDMxMTAvBgNV
BAMTKDMwNEQzNUJFMTgwRTkxQ0I5REFFMDgyNzhBRUFGQjhBQzIwNDM0MDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDSSAmDipIAr+ahpsKYTOGNo1V
l2yOwXG/X3m7rnPwxUf2/+ynSk/Avz8eorZpZ5xhDEkHxY19nQUvgizAWoAHAAlO
iRxPvk2nqQos6gkH7stulpicABZXysn4O4670DJE+ctdT5F/mpBMkVfI2x5RxbR2
ulY3ac79pQYvEgpaxkjuoEQr2/FUfdG6RLkD++ESpnio6ClxROWIbvo+biY387vx
NF/IsMjjMlYg3xNxUxzMPlWZXbH5Au70Ww2Dvk3Z6AH3KE8YZ6zLtffXbBf6NRUY
zCkd5l62G8t8eX3nE3Jz6pJiM6UbKgeTURpZ1AGDzjsL78VQRN6McmlHIVHNAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUME01vhgOkcudrggniur7isIENAIwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMw
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTM4MzAzNjMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Ve3QMA0GCSqGSIb3DQEBCwUAA4IBAQAH0VzKyA0f5V8pTLFmTCYBmshWkW2fpi3G
mZseSjZAz7QCGbIY4teID3HrLXARwSZWaokceViFMqnSVumSpduDrsFkEML7Kwhc
JpfRsLKXwjTaYUelhegsPsWnf1fQp7OZaSUKzXawWd1GOehmwP+WX8dh7M8Q5XTz
nFzGhTfFMUmerrMK5+As5e4uecfS1/mRHlcWIg3C8cGGE8BnXJeiaJckhwoLEeAg
YJFgr6JNtGKEGwTq2l3CbIf1vHYtfs72NA2OFxTbWCVuHHaKfgic/Z3GG9/ZCZgW
OsgYIbQx0/cJe3bK9ga1hP2/Z6cJv4Ictk40IQIBgT1Q3sFzXz0S
-----END CERTIFICATE-----
Generated at Fri Nov 22 07:03:45 2024 by rpki-client on console-fra.rpki-client.org