Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231302e302f32342d3234203d3e20323039313831.roa
File: 38352e3233372e3231302e302f32342d3234203d3e20323039313831.roa (raw, json)
Hash identifier: ABh3ynZ8xw9hJ3wql+qm9bfSArYCdzzqjdWn2TzWa4M=
Subject key identifier: 9D:73:8C:A9:1E:39:12:F1:27:09:B4:4A:BF:0A:F7:65:2C:28:FF:DE
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 081B6CB91851273989C3554E86BF93BEFC09DC39
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231302e302f32342d3234203d3e20323039313831.roa
Signing time: Wed 09 Oct 2024 09:43:23 +0000
ROA not before: Wed 09 Oct 2024 09:38:23 +0000
ROA not after: Wed 08 Oct 2025 09:43:23 +0000
asID: 209181
IP address blocks: 85.237.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:1b:6c:b9:18:51:27:39:89:c3:55:4e:86:bf:93:be:fc:09:dc:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 9 09:38:23 2024 GMT
Not After : Oct 8 09:43:23 2025 GMT
Subject: CN=9D738CA91E3912F12709B44ABF0AF7652C28FFDE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:c2:82:76:1d:db:25:f9:ee:8c:71:08:7a:45:
32:e8:07:18:2c:43:fd:56:75:8a:25:71:2c:dd:eb:
6b:05:e2:99:60:19:8b:d3:52:85:0f:96:dc:e8:a3:
a2:e7:ca:b9:b0:e1:6e:c2:dd:5d:e6:ac:16:a5:d9:
c8:b8:6b:c9:d9:ab:59:22:c8:5b:66:f7:0a:8f:a0:
e9:40:68:06:f4:3b:6b:a8:85:c4:ce:d6:e2:5b:2e:
83:ee:25:76:74:c9:4f:a2:30:00:4c:ab:48:0d:8a:
27:37:73:ca:8a:ab:3d:4c:2f:47:16:70:18:f3:e1:
95:39:7c:cb:3f:02:60:16:34:12:b7:19:a7:08:c1:
16:4c:c7:83:79:24:97:af:c1:f1:96:78:79:c6:18:
0f:8c:32:cc:0b:5d:b5:f0:f7:7d:96:d7:5f:7b:84:
a0:b2:8b:ee:10:34:57:d6:18:36:ff:e9:95:bd:35:
3b:df:9c:d2:a2:19:5c:32:99:3c:24:fe:75:71:82:
24:d4:8c:b4:3b:34:3d:0a:35:60:33:2f:22:a3:b9:
83:78:05:1a:a9:81:d1:91:52:74:83:20:a9:b0:19:
89:b6:a6:f2:b8:8d:08:2d:80:f6:3d:7a:cf:52:8a:
d4:8b:c9:05:9b:be:df:5f:2b:f0:ca:32:05:69:8c:
39:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:73:8C:A9:1E:39:12:F1:27:09:B4:4A:BF:0A:F7:65:2C:28:FF:DE
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231302e302f32342d3234203d3e20323039313831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.210.0/24
Signature Algorithm: sha256WithRSAEncryption
26:d2:3f:04:bf:69:a7:d6:3f:13:f6:91:4b:f7:66:43:a8:09:
ff:52:1e:a8:ab:52:d1:85:f1:88:17:b2:ed:7f:2f:58:be:e7:
57:3a:bc:24:1e:fd:4b:35:7c:5c:e8:e4:a2:f4:b6:5c:fe:19:
fd:fd:76:5b:43:44:02:1b:be:ad:86:67:06:5f:f2:e6:ec:62:
f9:40:ba:a8:bb:68:05:00:4b:3c:ac:d8:4b:af:3c:5b:07:c9:
f9:78:c0:1a:62:9f:a1:bb:7a:58:50:97:db:b6:32:73:18:61:
ae:a2:14:43:cb:2e:41:e0:80:77:60:51:d1:d6:13:15:dd:a1:
a8:8c:03:70:5f:85:9c:38:d8:16:d7:49:cd:3d:0b:98:14:06:
b2:6f:34:af:7d:f8:8d:7f:6e:83:d2:b3:1e:6b:fe:ff:e4:01:
8f:fe:57:09:f1:77:f2:4c:a8:22:cc:a8:c4:15:4e:23:09:d4:
85:4c:52:3f:de:1c:e2:87:56:60:e7:92:2d:ed:ce:ea:91:93:
40:f7:17:7a:da:7b:fc:f6:6a:de:a4:77:93:82:c2:13:ef:97:
57:6e:ea:3a:68:b6:ea:05:fd:e2:07:76:6b:e7:3d:87:3b:57:
b6:2c:e5:25:4d:6e:0f:3d:40:d1:10:cb:4c:26:10:2c:9e:85:
c8:47:71:dd
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUCBtsuRhRJzmJw1VOhr+TvvwJ3DkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEwMDkwOTM4MjNaFw0yNTEwMDgwOTQzMjNaMDMxMTAvBgNV
BAMTKDlENzM4Q0E5MUUzOTEyRjEyNzA5QjQ0QUJGMEFGNzY1MkMyOEZGREUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXwoJ2Hdsl+e6McQh6RTLoBxgs
Q/1WdYolcSzd62sF4plgGYvTUoUPltzoo6Lnyrmw4W7C3V3mrBal2ci4a8nZq1ki
yFtm9wqPoOlAaAb0O2uohcTO1uJbLoPuJXZ0yU+iMABMq0gNiic3c8qKqz1ML0cW
cBjz4ZU5fMs/AmAWNBK3GacIwRZMx4N5JJevwfGWeHnGGA+MMswLXbXw932W1197
hKCyi+4QNFfWGDb/6ZW9NTvfnNKiGVwymTwk/nVxgiTUjLQ7ND0KNWAzLyKjuYN4
BRqpgdGRUnSDIKmwGYm2pvK4jQgtgPY9es9SitSLyQWbvt9fK/DKMgVpjDnBAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUnXOMqR45EvEnCbRKvwr3ZSwo/94wHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMx
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzkzMTM4MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7dIwDQYJKoZIhvcNAQELBQADggEBACbSPwS/aafWPxP2kUv3ZkOoCf9SHqir
UtGF8YgXsu1/L1i+51c6vCQe/Us1fFzo5KL0tlz+Gf39dltDRAIbvq2GZwZf8ubs
YvlAuqi7aAUASzys2EuvPFsHyfl4wBpin6G7elhQl9u2MnMYYa6iFEPLLkHggHdg
UdHWExXdoaiMA3BfhZw42BbXSc09C5gUBrJvNK99+I1/boPSsx5r/v/kAY/+Vwnx
d/JMqCLMqMQVTiMJ1IVMUj/eHOKHVmDnki3tzuqRk0D3F3rae/z2at6kd5OCwhPv
l1du6jpotuoF/eIHdmvnPYc7V7Ys5SVNbg89QNEQy0wmECyehchHcd0=
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:55:50 2024 by rpki-client on console-fra.rpki-client.org