Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231312e302f32342d3234203d3e203231383539.roa
File: 38352e3233372e3231312e302f32342d3234203d3e203231383539.roa (raw, json)
Hash identifier: S6oT2+XBCRWMSCouko7Fn4JBZRddb+ukKmlYrA6MOTs=
Subject key identifier: B7:2D:F9:E2:CA:5D:6D:37:C9:D1:45:48:37:48:E0:D3:52:3F:AF:CC
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 476101D73FAF9C8866708FAF9F6EBD27BB8CEFBF
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231312e302f32342d3234203d3e203231383539.roa
Signing time: Wed 10 Jul 2024 06:24:50 +0000
ROA not before: Wed 10 Jul 2024 06:19:50 +0000
ROA not after: Wed 09 Jul 2025 06:24:50 +0000
asID: 21859
IP address blocks: 85.237.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:61:01:d7:3f:af:9c:88:66:70:8f:af:9f:6e:bd:27:bb:8c:ef:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Jul 10 06:19:50 2024 GMT
Not After : Jul 9 06:24:50 2025 GMT
Subject: CN=B72DF9E2CA5D6D37C9D145483748E0D3523FAFCC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:3b:c4:d8:e3:c8:77:74:0b:72:57:14:95:13:
4f:06:3e:1a:e0:50:5e:5e:b3:1b:a1:b8:ee:ff:67:
99:7e:a0:9e:be:80:1e:95:78:ba:b1:5b:89:47:84:
44:19:41:f6:dc:0d:5d:1a:6d:45:7e:04:13:27:69:
38:42:c3:f5:db:39:25:16:68:b7:27:3a:fe:40:8d:
12:f5:1e:c4:31:ed:92:f7:73:2f:58:d8:88:bc:f3:
b8:ff:10:68:82:97:38:52:7e:46:98:45:8c:49:15:
06:93:ac:d8:39:bc:cd:ba:68:34:59:d4:3b:28:44:
da:09:c5:7a:7c:52:9f:44:02:d3:3e:38:69:22:e6:
2c:86:89:8b:a8:a8:06:5d:e0:01:8c:7c:cc:bd:e4:
e3:58:e8:2e:25:58:cd:53:3e:1f:4f:f2:3a:2b:f3:
29:c6:b0:8b:17:fb:1d:6f:ed:7c:5b:7d:fd:56:0f:
32:01:1d:1e:01:c4:13:eb:a7:b7:98:a0:a7:2f:49:
a1:fe:e0:0a:8d:12:62:a7:96:bf:2c:65:52:cd:0a:
0b:a7:96:9d:3b:2c:68:b3:85:4c:b1:66:28:65:79:
fc:c0:c5:2f:e6:cc:9a:ea:00:77:aa:6f:32:c8:e0:
28:1a:0f:2c:d5:71:d4:a2:e9:22:23:01:48:88:31:
20:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:2D:F9:E2:CA:5D:6D:37:C9:D1:45:48:37:48:E0:D3:52:3F:AF:CC
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231312e302f32342d3234203d3e203231383539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.211.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:13:09:7f:fc:d5:9f:95:52:3b:46:0f:2c:8d:ea:1b:03:54:
19:a7:c5:ae:6c:d7:ba:e8:0c:d4:03:8f:1f:ff:ad:97:ed:81:
0e:a3:56:eb:ea:08:e2:34:b0:4d:22:db:18:63:bb:00:fc:dc:
bd:17:f3:5b:ac:0f:4c:6b:0e:20:e4:8a:38:d1:62:93:5c:c1:
4e:a8:05:e0:00:b6:5d:48:63:4e:89:b3:e1:da:ae:87:b9:5e:
f8:1a:83:96:45:5f:c7:bf:df:37:4a:dc:e0:92:e8:aa:36:5e:
a2:c4:4e:54:0c:dd:a5:b0:cc:77:6e:f7:3f:c3:f9:88:fa:08:
b7:6b:35:73:0a:7e:83:95:19:b8:79:44:6f:be:df:1c:de:ef:
3e:96:9e:7a:05:c9:9f:d1:f0:c9:ba:34:9b:9b:d5:95:66:f1:
14:24:7d:6e:0a:cc:09:d1:d4:2e:7d:47:9d:3f:c5:ec:87:56:
99:1d:1d:c8:f1:55:8c:53:4d:bd:cf:1d:a4:5e:3c:a8:13:0c:
a5:90:71:a7:08:68:ce:55:e1:c0:26:b8:e9:f7:0f:aa:35:2a:
c9:6f:c4:af:4b:2e:0c:91:79:eb:3e:64:d1:de:35:3c:3e:a7:
cb:d1:42:99:06:b3:eb:b5:d5:fe:d0:8b:45:66:5a:99:31:95:
9b:e3:56:cd
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUR2EB1z+vnIhmcI+vn269J7uM778wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDA3MTAwNjE5NTBaFw0yNTA3MDkwNjI0NTBaMDMxMTAvBgNV
BAMTKEI3MkRGOUUyQ0E1RDZEMzdDOUQxNDU0ODM3NDhFMEQzNTIzRkFGQ0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2O8TY48h3dAtyVxSVE08GPhrg
UF5esxuhuO7/Z5l+oJ6+gB6VeLqxW4lHhEQZQfbcDV0abUV+BBMnaThCw/XbOSUW
aLcnOv5AjRL1HsQx7ZL3cy9Y2Ii887j/EGiClzhSfkaYRYxJFQaTrNg5vM26aDRZ
1DsoRNoJxXp8Up9EAtM+OGki5iyGiYuoqAZd4AGMfMy95ONY6C4lWM1TPh9P8jor
8ynGsIsX+x1v7Xxbff1WDzIBHR4BxBPrp7eYoKcvSaH+4AqNEmKnlr8sZVLNCgun
lp07LGizhUyxZihlefzAxS/mzJrqAHeqbzLI4CgaDyzVcdSi6SIjAUiIMSDxAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUty354spdbTfJ0UVIN0jg01I/r8wwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMx
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzgzNTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Ve3TMA0GCSqGSIb3DQEBCwUAA4IBAQA/Ewl//NWflVI7Rg8sjeobA1QZp8WubNe6
6AzUA48f/62X7YEOo1br6gjiNLBNItsYY7sA/Ny9F/NbrA9Maw4g5Io40WKTXMFO
qAXgALZdSGNOibPh2q6HuV74GoOWRV/Hv983StzgkuiqNl6ixE5UDN2lsMx3bvc/
w/mI+gi3azVzCn6DlRm4eURvvt8c3u8+lp56Bcmf0fDJujSbm9WVZvEUJH1uCswJ
0dQufUedP8Xsh1aZHR3I8VWMU029zx2kXjyoEwylkHGnCGjOVeHAJrjp9w+qNSrJ
b8SvSy4MkXnrPmTR3jU8PqfL0UKZBrPrtdX+0ItFZlqZMZWb41bN
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:55:50 2024 by rpki-client on console-fra.rpki-client.org