Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231302e302f32342d3234203d3e20323039313831.roa
File: 38352e3233372e3231302e302f32342d3234203d3e20323039313831.roa (raw, json)
Hash identifier: 6461U6S56oFyN48m0PSGoHSz/yooCearev+8VYoGLAk=
Subject key identifier: 40:ED:AC:64:FA:D9:2F:D9:FF:F0:5E:63:7A:C9:2C:B2:A9:EF:96:B6
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 12723860C194E0CBE5839C06FF9FFC16152AA104
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231302e302f32342d3234203d3e20323039313831.roa
Signing time: Wed 08 Nov 2023 09:23:37 +0000
ROA not before: Wed 08 Nov 2023 09:18:37 +0000
ROA not after: Wed 06 Nov 2024 09:23:37 +0000
asID: 209181
IP address blocks: 85.237.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:72:38:60:c1:94:e0:cb:e5:83:9c:06:ff:9f:fc:16:15:2a:a1:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Nov 8 09:18:37 2023 GMT
Not After : Nov 6 09:23:37 2024 GMT
Subject: CN=40EDAC64FAD92FD9FFF05E637AC92CB2A9EF96B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:7e:ae:37:d7:95:ab:2c:fe:5f:9c:8c:a7:b9:
92:b0:29:fd:39:5e:37:a2:5c:0e:cd:10:f0:4f:3d:
13:99:2c:df:8f:45:25:1d:05:fd:f9:c9:e3:2a:2e:
0a:02:60:f7:aa:04:19:c2:d6:00:f9:37:67:38:5a:
72:27:d0:c8:75:72:ed:c9:56:a8:de:63:22:49:cc:
7e:0e:14:e8:9e:68:2a:ea:97:cf:92:80:7d:8b:f1:
67:14:ed:88:4e:ef:d4:65:47:f9:29:77:61:91:da:
17:47:07:13:62:be:81:46:03:c5:0a:a9:e2:02:76:
00:3b:60:a7:85:2e:4e:70:5f:65:b3:2b:21:bf:45:
f8:21:1d:fa:d6:ee:29:c6:79:4c:0c:a3:10:36:bf:
8b:24:65:99:ac:5c:d9:bf:54:6e:b4:d9:47:e1:24:
8e:30:65:3a:c4:b6:8b:0e:ff:c6:e2:75:ae:03:cf:
61:cf:c0:95:81:90:cb:a3:bd:0c:d1:df:42:c8:13:
d6:57:0d:33:d5:33:0e:07:25:1a:38:65:03:41:a4:
81:b7:b1:3b:9d:e2:c1:0d:28:f3:da:18:be:2a:b4:
76:1c:df:5d:f8:c5:7c:dd:3f:79:18:81:b3:3a:26:
0a:98:f2:bf:a3:84:82:7c:ec:fc:45:5b:15:84:19:
49:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:ED:AC:64:FA:D9:2F:D9:FF:F0:5E:63:7A:C9:2C:B2:A9:EF:96:B6
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231302e302f32342d3234203d3e20323039313831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.210.0/24
Signature Algorithm: sha256WithRSAEncryption
20:e1:fb:26:e7:f0:52:c8:36:e6:b7:a6:15:bd:b4:f4:80:da:
e5:8b:73:f0:1a:40:70:d9:d4:86:46:7f:c1:48:47:35:9b:44:
16:3f:8d:7f:b6:c7:fd:1e:12:f0:91:22:7b:17:0d:b0:aa:8b:
36:44:d1:d1:b2:ec:b0:d4:f3:6a:1a:c1:09:b7:fd:ac:2c:bc:
e3:0d:45:24:21:01:c4:a1:e5:3f:f2:35:9e:d3:d8:98:52:a9:
13:63:16:6e:0a:e8:c7:8b:36:5a:20:9d:5c:3a:a2:a3:d3:3b:
a1:ab:2e:d0:57:fd:eb:94:04:a0:88:1c:f8:d0:b2:d8:d7:73:
2d:6f:c6:0e:4a:24:74:5e:cb:1c:90:5e:70:85:54:c8:47:8d:
4a:d7:37:ad:44:0e:fa:1d:be:de:ea:11:76:8e:a2:48:a1:b7:
44:17:47:e5:d8:7c:e6:f7:70:6e:6e:6c:c6:3e:ed:a0:32:c4:
89:e8:73:2a:b6:17:ed:2e:b5:e3:78:d8:a2:d5:1a:cd:1a:26:
09:76:83:27:5f:30:6f:9e:85:f3:b4:5d:8e:ce:e6:f1:26:2e:
e2:c7:b2:d6:4b:99:eb:15:a8:5c:7f:0d:ce:62:fb:af:51:9f:
b6:2b:b5:88:7a:f9:06:f9:00:b3:56:2e:c5:38:2c:40:46:4f:
06:35:f5:1b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUEnI4YMGU4Mvlg5wG/5/8FhUqoQQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzExMDgwOTE4MzdaFw0yNDExMDYwOTIzMzdaMDMxMTAvBgNV
BAMTKDQwRURBQzY0RkFEOTJGRDlGRkYwNUU2MzdBQzkyQ0IyQTlFRjk2QjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRfq4315WrLP5fnIynuZKwKf05
XjeiXA7NEPBPPROZLN+PRSUdBf35yeMqLgoCYPeqBBnC1gD5N2c4WnIn0Mh1cu3J
VqjeYyJJzH4OFOieaCrql8+SgH2L8WcU7YhO79RlR/kpd2GR2hdHBxNivoFGA8UK
qeICdgA7YKeFLk5wX2WzKyG/RfghHfrW7inGeUwMoxA2v4skZZmsXNm/VG602Ufh
JI4wZTrEtosO/8bida4Dz2HPwJWBkMujvQzR30LIE9ZXDTPVMw4HJRo4ZQNBpIG3
sTud4sENKPPaGL4qtHYc3134xXzdP3kYgbM6JgqY8r+jhIJ87PxFWxWEGUk7AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUQO2sZPrZL9n/8F5jeskssqnvlrYwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMx
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzkzMTM4MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7dIwDQYJKoZIhvcNAQELBQADggEBACDh+ybn8FLINua3phW9tPSA2uWLc/Aa
QHDZ1IZGf8FIRzWbRBY/jX+2x/0eEvCRInsXDbCqizZE0dGy7LDU82oawQm3/aws
vOMNRSQhAcSh5T/yNZ7T2JhSqRNjFm4K6MeLNlognVw6oqPTO6GrLtBX/euUBKCI
HPjQstjXcy1vxg5KJHReyxyQXnCFVMhHjUrXN61EDvodvt7qEXaOokiht0QXR+XY
fOb3cG5ubMY+7aAyxInocyq2F+0uteN42KLVGs0aJgl2gydfMG+ehfO0XY7O5vEm
LuLHstZLmesVqFx/Dc5i+69Rn7YrtYh6+Qb5ALNWLsU4LEBGTwY19Rs=
-----END CERTIFICATE-----
Generated at Thu May 2 07:17:10 2024 by rpki-client on console-ams.rpki-client.org