Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231322e302f32342d3234203d3e20323036303932.roa
File: 38352e3233372e3231322e302f32342d3234203d3e20323036303932.roa (raw, json)
Hash identifier: MYFIDUoJhB1dIggSosNXYnwt5eUt5HrlDiHMb6R0b1Y=
Subject key identifier: AF:13:59:25:76:22:ED:61:2F:6F:C3:A4:EA:9A:E2:58:2C:AF:19:AE
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 7C251E6E193E61CF2DAFA907CA47B73E758C7E12
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231322e302f32342d3234203d3e20323036303932.roa
Signing time: Wed 08 Nov 2023 09:23:21 +0000
ROA not before: Wed 08 Nov 2023 09:18:21 +0000
ROA not after: Wed 06 Nov 2024 09:23:21 +0000
asID: 206092
IP address blocks: 85.237.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:25:1e:6e:19:3e:61:cf:2d:af:a9:07:ca:47:b7:3e:75:8c:7e:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Nov 8 09:18:21 2023 GMT
Not After : Nov 6 09:23:21 2024 GMT
Subject: CN=AF1359257622ED612F6FC3A4EA9AE2582CAF19AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a2:51:2e:37:0d:1d:02:aa:0d:7f:58:9a:95:
c1:4e:e7:ae:d7:fe:ba:9e:a9:16:13:55:08:a4:7b:
77:29:8d:c0:4a:8d:0c:93:66:09:27:03:70:da:fa:
12:92:95:4a:1d:57:30:e6:d2:a6:c0:d1:6c:5d:24:
c6:56:8e:8a:0d:5b:57:df:3c:67:35:93:99:53:a6:
0c:e6:93:fc:09:ec:b9:08:bc:12:3b:d9:f6:07:3d:
ac:71:8b:e8:4a:23:7c:55:05:08:63:07:db:d0:d8:
54:18:f4:7c:fe:6f:2f:57:d0:8c:49:39:59:e0:1d:
5b:92:64:0b:7e:ee:43:88:b4:a9:2e:c1:b9:80:aa:
d6:bb:9c:8f:a0:fe:38:fa:f4:c3:3b:56:8f:72:38:
7b:e9:82:ed:78:a3:d6:ea:67:72:9b:a6:f8:5d:f4:
18:18:b4:b0:e4:2f:84:58:73:32:aa:3f:91:82:48:
05:98:a1:00:ec:74:65:f5:05:92:3d:ec:a1:76:ce:
3d:4e:93:f3:51:4e:7e:d7:83:2b:b3:a9:11:50:5c:
d6:7d:a1:30:c1:ab:df:98:1a:4f:9d:e2:b9:e7:3d:
e4:0d:10:d3:0c:83:39:97:32:81:89:1a:99:1c:a0:
fd:da:19:cb:8f:df:02:82:0a:76:a9:38:1d:d7:c1:
0f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:13:59:25:76:22:ED:61:2F:6F:C3:A4:EA:9A:E2:58:2C:AF:19:AE
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231322e302f32342d3234203d3e20323036303932.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.212.0/24
Signature Algorithm: sha256WithRSAEncryption
05:9f:b7:cc:46:bf:d1:dc:c7:7d:45:c7:b3:26:e2:87:16:0f:
fe:5e:f8:a1:70:62:0b:44:e6:7f:4e:6b:db:00:5d:d9:bc:a5:
01:2c:14:37:e1:83:52:aa:ab:e5:10:a9:f6:b2:d8:58:f8:ff:
ba:4b:d8:ed:34:ae:25:8b:a5:c5:da:f5:97:18:9a:2d:9d:ba:
77:8f:a2:e7:0f:77:b9:ec:12:a2:2b:23:b6:2b:a9:7e:15:e4:
1c:42:04:f8:eb:78:ae:aa:b8:d6:6a:84:f6:48:89:2a:7b:1c:
2c:4e:01:e6:23:49:43:e2:52:a6:f6:b3:88:06:64:0e:ca:0f:
6c:e7:95:3f:31:cf:fa:6b:c6:68:27:fd:9a:c0:20:e3:28:44:
a0:45:7a:09:2b:38:77:65:bf:ef:0b:5d:cb:3e:55:c6:6e:bc:
d0:0b:4e:53:80:01:d6:1f:39:1f:2b:e4:9f:7a:95:7e:e7:90:
ab:45:df:20:c2:3f:1c:3e:9d:f9:10:22:f6:bd:ba:f4:60:fa:
95:e8:d7:f4:cb:24:ce:90:4e:29:ac:a7:ee:4f:59:3a:d4:4f:
d1:9f:5c:23:8b:a0:64:b8:66:70:19:d8:b5:59:e1:dc:a0:52:
b8:01:d3:5c:37:bd:f4:65:e8:3f:6e:7c:a5:99:ae:11:ca:ac:
4b:3d:79:20
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUfCUebhk+Yc8tr6kHyke3PnWMfhIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzExMDgwOTE4MjFaFw0yNDExMDYwOTIzMjFaMDMxMTAvBgNV
BAMTKEFGMTM1OTI1NzYyMkVENjEyRjZGQzNBNEVBOUFFMjU4MkNBRjE5QUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNolEuNw0dAqoNf1ialcFO567X
/rqeqRYTVQike3cpjcBKjQyTZgknA3Da+hKSlUodVzDm0qbA0WxdJMZWjooNW1ff
PGc1k5lTpgzmk/wJ7LkIvBI72fYHPaxxi+hKI3xVBQhjB9vQ2FQY9Hz+by9X0IxJ
OVngHVuSZAt+7kOItKkuwbmAqta7nI+g/jj69MM7Vo9yOHvpgu14o9bqZ3Kbpvhd
9BgYtLDkL4RYczKqP5GCSAWYoQDsdGX1BZI97KF2zj1Ok/NRTn7XgyuzqRFQXNZ9
oTDBq9+YGk+d4rnnPeQNENMMgzmXMoGJGpkcoP3aGcuP3wKCCnapOB3XwQ9VAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUrxNZJXYi7WEvb8Ok6priWCyvGa4wHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMx
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzYzMDM5MzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7dQwDQYJKoZIhvcNAQELBQADggEBAAWft8xGv9Hcx31Fx7Mm4ocWD/5e+KFw
YgtE5n9Oa9sAXdm8pQEsFDfhg1Kqq+UQqfay2Fj4/7pL2O00riWLpcXa9ZcYmi2d
unePoucPd7nsEqIrI7YrqX4V5BxCBPjreK6quNZqhPZIiSp7HCxOAeYjSUPiUqb2
s4gGZA7KD2znlT8xz/prxmgn/ZrAIOMoRKBFegkrOHdlv+8LXcs+VcZuvNALTlOA
AdYfOR8r5J96lX7nkKtF3yDCPxw+nfkQIva9uvRg+pXo1/TLJM6QTimsp+5PWTrU
T9GfXCOLoGS4ZnAZ2LVZ4dygUrgB01w3vfRl6D9ufKWZrhHKrEs9eSA=
-----END CERTIFICATE-----
Generated at Wed May 8 06:34:42 2024 by rpki-client on console-fra.rpki-client.org