Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230392e302f32342d3234203d3e2037303239.roa
File: 38352e3233372e3230392e302f32342d3234203d3e2037303239.roa (raw, json)
Hash identifier: oWet5a4FFlI28p+HLumvqsjuxIOixMwbA47udLf3GsE=
Subject key identifier: DF:56:13:FD:06:47:51:14:2E:BE:67:80:CF:44:C7:83:A7:82:60:05
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 6BEEC2CF6E83EE6DFCB96641BA519FC816F0E826
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230392e302f32342d3234203d3e2037303239.roa
Signing time: Tue 05 Nov 2024 19:47:57 +0000
ROA not before: Tue 05 Nov 2024 19:42:57 +0000
ROA not after: Tue 04 Nov 2025 19:47:57 +0000
asID: 7029
IP address blocks: 85.237.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:ee:c2:cf:6e:83:ee:6d:fc:b9:66:41:ba:51:9f:c8:16:f0:e8:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Nov 5 19:42:57 2024 GMT
Not After : Nov 4 19:47:57 2025 GMT
Subject: CN=DF5613FD064751142EBE6780CF44C783A7826005
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:b7:be:4e:b3:f3:cd:52:88:34:61:e2:06:1c:
b2:11:59:de:bb:60:5d:c5:b9:cd:1f:47:d6:86:f0:
a7:4c:62:ce:4a:4f:ce:97:38:68:bd:da:41:f5:48:
55:6b:d9:ef:27:d4:53:3e:a9:d6:54:fa:36:cd:d6:
24:f7:74:bf:c5:ae:45:7c:9d:a5:2c:32:f6:8f:97:
e1:44:2c:27:7a:48:39:54:b0:0a:a2:bd:01:2c:dc:
0d:a2:45:63:94:0d:e0:f5:de:fa:ed:ca:05:0d:1a:
0d:e0:78:0b:f1:f9:94:75:f6:60:13:29:c9:48:e5:
d5:b6:aa:3a:a8:51:9f:fa:43:e2:98:a5:75:d3:56:
9c:61:4b:10:40:5a:da:b2:12:44:46:30:52:5a:d7:
8a:24:fe:91:84:40:c2:16:85:c9:ff:e2:87:a0:e0:
53:39:6c:6d:27:cb:2a:a4:d5:4f:fb:90:7a:f5:d1:
2c:14:6f:ba:89:5b:9c:f7:e4:5b:c2:df:df:c9:c9:
ae:db:60:65:86:2d:46:76:c5:d5:55:95:e7:9d:d8:
03:df:eb:55:8c:67:cc:eb:e0:82:7d:b0:41:ec:00:
09:e8:16:60:6d:30:5f:6b:21:73:31:ee:0d:36:de:
a0:fd:77:2a:a2:50:18:4b:ad:13:88:f5:f6:e0:b8:
58:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:56:13:FD:06:47:51:14:2E:BE:67:80:CF:44:C7:83:A7:82:60:05
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230392e302f32342d3234203d3e2037303239.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.209.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:9f:e2:2c:b2:09:4b:45:9b:82:9b:61:6f:10:df:f5:bd:1b:
19:2e:12:ed:53:19:73:71:c4:6c:c9:21:de:1d:21:90:3b:d6:
13:7a:69:e4:01:1a:f5:b7:d6:4d:91:c4:8a:18:43:92:d1:6a:
4b:4c:6c:e1:1a:5b:39:56:b0:e0:4b:06:6c:5b:e7:ab:cf:b9:
b0:72:f0:a7:3c:03:4f:38:6f:78:d2:1e:b4:b7:40:0b:83:f3:
e6:d4:7b:ac:6c:bd:9c:79:b8:a9:ef:74:31:99:40:0a:d0:cb:
23:00:a6:5a:e8:28:6e:5c:62:82:52:78:cb:29:72:a8:f6:53:
2b:ef:28:e4:7c:38:18:86:9f:01:7b:21:60:3d:6f:50:a1:ff:
4b:6d:a2:3c:2f:31:b0:94:18:cd:dc:e9:cc:4d:87:d8:0f:bc:
a6:77:08:f8:79:50:d8:e8:ec:d0:e1:8e:04:4d:d5:3f:e3:e9:
06:67:31:ec:c2:b8:7e:a2:b1:1d:54:71:f9:60:20:09:53:eb:
2c:85:ab:04:b9:77:52:27:3d:93:aa:03:62:bb:2e:ec:c2:b5:
30:0c:63:b4:b7:38:cc:09:0d:fd:bb:fe:61:53:60:26:b9:fc:
5f:1e:33:45:57:a4:1a:e1:07:1e:1d:da:82:87:60:ce:9a:b4:
e7:f6:5a:60
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUa+7Cz26D7m38uWZBulGfyBbw6CYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDExMDUxOTQyNTdaFw0yNTExMDQxOTQ3NTdaMDMxMTAvBgNV
BAMTKERGNTYxM0ZEMDY0NzUxMTQyRUJFNjc4MENGNDRDNzgzQTc4MjYwMDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDit75Os/PNUog0YeIGHLIRWd67
YF3Fuc0fR9aG8KdMYs5KT86XOGi92kH1SFVr2e8n1FM+qdZU+jbN1iT3dL/FrkV8
naUsMvaPl+FELCd6SDlUsAqivQEs3A2iRWOUDeD13vrtygUNGg3geAvx+ZR19mAT
KclI5dW2qjqoUZ/6Q+KYpXXTVpxhSxBAWtqyEkRGMFJa14ok/pGEQMIWhcn/4oeg
4FM5bG0nyyqk1U/7kHr10SwUb7qJW5z35FvC39/Jya7bYGWGLUZ2xdVVleed2APf
61WMZ8zr4IJ9sEHsAAnoFmBtMF9rIXMx7g023qD9dyqiUBhLrROI9fbguFjLAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU31YT/QZHURQuvmeAz0THg6eCYAUwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMw
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNzMwMzIzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFXt
0TANBgkqhkiG9w0BAQsFAAOCAQEATJ/iLLIJS0WbgpthbxDf9b0bGS4S7VMZc3HE
bMkh3h0hkDvWE3pp5AEa9bfWTZHEihhDktFqS0xs4RpbOVaw4EsGbFvnq8+5sHLw
pzwDTzhveNIetLdAC4Pz5tR7rGy9nHm4qe90MZlACtDLIwCmWugoblxiglJ4yyly
qPZTK+8o5Hw4GIafAXshYD1vUKH/S22iPC8xsJQYzdzpzE2H2A+8pncI+HlQ2Ojs
0OGOBE3VP+PpBmcx7MK4fqKxHVRx+WAgCVPrLIWrBLl3Uic9k6oDYrsu7MK1MAxj
tLc4zAkN/bv+YVNgJrn8Xx4zRVekGuEHHh3agodgzpq05/ZaYA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:19 2024 by rpki-client on console-ams.rpki-client.org