Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230382e302f32342d3234203d3e203538303631.roa
File: 38352e3233372e3230382e302f32342d3234203d3e203538303631.roa (raw, json)
Hash identifier: ufGtYwD2LnFvHDGtU7wDVxJ9dyrk8T0vc9hc3y3Pcxg=
Subject key identifier: 60:12:C6:B7:47:16:76:D1:22:8A:0C:9B:C7:CD:93:9E:62:C5:A5:27
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 2161F95BDF17D87B934FAC4318CF1EB7D9BC1FBE
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230382e302f32342d3234203d3e203538303631.roa
Signing time: Wed 20 Dec 2023 16:16:52 +0000
ROA not before: Wed 20 Dec 2023 16:11:52 +0000
ROA not after: Wed 18 Dec 2024 16:16:52 +0000
asID: 58061
IP address blocks: 85.237.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 22:35:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:61:f9:5b:df:17:d8:7b:93:4f:ac:43:18:cf:1e:b7:d9:bc:1f:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Dec 20 16:11:52 2023 GMT
Not After : Dec 18 16:16:52 2024 GMT
Subject: CN=6012C6B7471676D1228A0C9BC7CD939E62C5A527
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:54:c9:f4:92:6e:36:f2:4b:d5:1c:09:a8:b8:
7c:0b:8b:77:f1:a9:48:9d:f5:ea:54:e6:35:d0:3b:
af:2c:4d:5a:b7:25:49:7d:5c:66:b1:4a:ec:28:bf:
1c:c0:5d:85:7b:45:ca:d2:8f:4b:3c:ea:4d:6f:81:
cd:ec:bf:c3:ca:fd:94:da:6e:ad:4c:be:d8:27:22:
55:da:cf:3c:a8:bb:fd:db:fc:b6:d3:d1:5e:ba:99:
16:28:32:49:47:2d:4d:29:4c:83:46:3a:a2:39:9d:
05:14:fe:31:46:19:f5:4f:8a:13:1a:c8:6d:4d:7d:
e1:37:a4:b7:d1:e3:92:99:d4:ca:57:ce:1b:08:d2:
80:45:4c:3e:01:af:77:ae:2b:ac:d9:3a:d9:c0:82:
60:f5:a2:ef:22:54:75:8a:ac:4a:2f:12:13:43:a0:
5c:86:4a:a9:14:fc:95:d8:cc:da:14:05:a8:69:d1:
63:7d:cc:ae:d3:b2:3e:bd:60:68:b6:f9:8b:84:39:
c5:0d:35:6c:53:1c:de:4f:4c:e6:2d:a0:90:c9:33:
fb:72:50:bd:b9:14:09:ec:09:a0:5b:10:98:15:26:
0d:7c:a3:f2:15:ea:0e:58:6c:bb:aa:03:b3:e7:f0:
6e:90:df:55:29:32:c1:92:04:ed:4d:6e:2d:ba:96:
b1:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:12:C6:B7:47:16:76:D1:22:8A:0C:9B:C7:CD:93:9E:62:C5:A5:27
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230382e302f32342d3234203d3e203538303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.208.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:2b:21:f9:b7:f6:56:59:93:3b:55:24:ea:4b:57:40:75:c7:
9b:23:82:c7:34:e5:ca:ef:fa:de:b5:6b:c8:48:3b:e6:55:c7:
a0:5d:47:61:41:c6:fe:98:ca:b0:57:8f:c2:89:82:16:5d:6d:
e5:1e:5e:1f:20:51:0c:b5:7d:02:ec:8c:de:b3:77:f9:cb:73:
5c:f2:6b:3f:4a:77:30:3c:46:d4:07:3d:29:09:2f:8d:b8:85:
b3:27:42:2d:29:84:62:93:9c:1a:b2:83:8f:c2:79:1b:75:67:
de:9a:b7:a1:98:71:1f:5b:06:e2:a8:83:50:51:39:f8:f2:b4:
b5:25:99:78:43:fe:ab:ad:48:a2:d0:37:f7:d8:df:df:0f:4b:
bc:62:e1:70:b5:a2:5f:a0:a5:18:aa:13:61:be:12:6a:64:6c:
10:d9:d0:e0:05:73:20:ab:21:98:71:fd:be:d9:2a:35:5a:8b:
8b:26:f8:dd:37:0f:72:43:95:eb:25:2b:c1:a5:be:b5:a0:ea:
eb:0c:7f:1a:7a:bf:0b:4d:ae:8f:c4:d0:22:28:6a:1e:ea:45:
2d:a4:6f:a5:4d:9b:d2:6e:81:7b:b1:2b:ef:48:92:d4:6f:3a:
94:8d:e7:e4:77:40:12:a7:17:5f:b3:5e:ff:d1:d2:f7:0c:dd:
11:7b:17:fd
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUIWH5W98X2HuTT6xDGM8et9m8H74wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzEyMjAxNjExNTJaFw0yNDEyMTgxNjE2NTJaMDMxMTAvBgNV
BAMTKDYwMTJDNkI3NDcxNjc2RDEyMjhBMEM5QkM3Q0Q5MzlFNjJDNUE1MjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3VMn0km428kvVHAmouHwLi3fx
qUid9epU5jXQO68sTVq3JUl9XGaxSuwovxzAXYV7RcrSj0s86k1vgc3sv8PK/ZTa
bq1MvtgnIlXazzyou/3b/LbT0V66mRYoMklHLU0pTINGOqI5nQUU/jFGGfVPihMa
yG1NfeE3pLfR45KZ1MpXzhsI0oBFTD4Br3euK6zZOtnAgmD1ou8iVHWKrEovEhND
oFyGSqkU/JXYzNoUBahp0WN9zK7Tsj69YGi2+YuEOcUNNWxTHN5PTOYtoJDJM/ty
UL25FAnsCaBbEJgVJg18o/IV6g5YbLuqA7Pn8G6Q31UpMsGSBO1Nbi26lrHvAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUYBLGt0cWdtEiigybx82TnmLFpScwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMw
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTM4MzAzNjMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Ve3QMA0GCSqGSIb3DQEBCwUAA4IBAQAdKyH5t/ZWWZM7VSTqS1dAdcebI4LHNOXK
7/retWvISDvmVcegXUdhQcb+mMqwV4/CiYIWXW3lHl4fIFEMtX0C7Izes3f5y3Nc
8ms/SncwPEbUBz0pCS+NuIWzJ0ItKYRik5wasoOPwnkbdWfemrehmHEfWwbiqINQ
UTn48rS1JZl4Q/6rrUii0Df32N/fD0u8YuFwtaJfoKUYqhNhvhJqZGwQ2dDgBXMg
qyGYcf2+2So1WouLJvjdNw9yQ5XrJSvBpb61oOrrDH8aer8LTa6PxNAiKGoe6kUt
pG+lTZvSboF7sSvvSJLUbzqUjefkd0ASpxdfs17/0dL3DN0Rexf9
-----END CERTIFICATE-----
Generated at Thu May 23 00:59:09 2024 by rpki-client on console-fra.rpki-client.org