Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231322e302f32342d3234203d3e20323036303932.roa
File: 38352e3233372e3231322e302f32342d3234203d3e20323036303932.roa (raw, json)
Hash identifier: N0spo8aGcmX2s20aLI6n/yMMS7Q1XAz5HqdK5iPBJCs=
Subject key identifier: F5:82:4D:DE:ED:FC:71:04:91:67:9C:17:37:B6:67:1F:09:9B:CD:8D
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 4857464EDFD880AF93CD51AB03728995FB5EFF2D
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231322e302f32342d3234203d3e20323036303932.roa
Signing time: Wed 09 Oct 2024 09:43:25 +0000
ROA not before: Wed 09 Oct 2024 09:38:25 +0000
ROA not after: Wed 08 Oct 2025 09:43:25 +0000
asID: 206092
IP address blocks: 85.237.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:57:46:4e:df:d8:80:af:93:cd:51:ab:03:72:89:95:fb:5e:ff:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 9 09:38:25 2024 GMT
Not After : Oct 8 09:43:25 2025 GMT
Subject: CN=F5824DDEEDFC710491679C1737B6671F099BCD8D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:bd:b8:74:9b:45:1b:21:c3:d8:80:9c:9c:a3:
d4:59:5d:1f:3b:44:a6:4a:75:4b:03:f4:78:d0:23:
85:f1:a7:b0:0c:8f:b3:71:48:0c:7a:54:b7:07:47:
e3:93:a2:eb:da:3b:e3:cf:e0:29:19:86:81:4a:7e:
c6:61:eb:6c:10:ac:e9:00:fb:18:5f:21:9d:7c:88:
3d:26:ea:99:4a:c9:22:6b:6e:4d:44:48:84:43:86:
0d:68:23:7c:6c:9f:ed:e9:da:47:97:db:e1:31:49:
0e:db:91:e3:85:8a:95:09:6c:4c:63:aa:bd:e1:22:
12:01:7f:b6:05:70:ca:0b:99:0b:7a:12:fd:b9:fb:
ed:37:0d:51:e5:7b:c9:15:0e:c5:6f:b5:da:bd:55:
87:ea:15:62:18:61:bb:12:24:31:66:93:b7:bf:2d:
93:7b:c1:ab:15:05:58:1b:8b:6e:3b:33:e3:73:d0:
f7:99:3c:a4:c7:73:71:7d:81:14:bf:2c:b2:b0:ab:
9d:33:6d:22:a6:e9:eb:a7:ad:28:c5:f6:27:bd:58:
88:4b:e5:e0:09:48:56:1f:51:30:b7:7e:5e:c2:48:
40:ea:c6:b1:76:59:75:e8:bc:51:35:d6:6d:e1:d0:
72:ca:44:f7:6e:ba:27:0e:a2:3f:91:d6:df:f6:0f:
5b:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:82:4D:DE:ED:FC:71:04:91:67:9C:17:37:B6:67:1F:09:9B:CD:8D
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231322e302f32342d3234203d3e20323036303932.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.212.0/24
Signature Algorithm: sha256WithRSAEncryption
21:f0:27:58:ab:af:0d:c7:26:62:76:28:62:dd:e3:1f:c5:2c:
14:78:6f:dc:9c:da:21:5b:07:1d:51:d8:4b:9a:05:4f:7d:ba:
ff:ef:49:7a:56:e6:1f:7b:b5:ae:bc:a1:3b:bf:4d:62:12:75:
58:e4:9e:12:19:10:bb:ae:6d:54:8b:58:03:86:40:a7:0b:7a:
bd:9e:66:ad:4f:3e:08:66:8f:98:27:cc:0e:82:86:1b:4c:92:
ce:66:42:dc:b2:73:97:68:77:56:18:37:4f:4a:a8:7e:ad:fc:
9f:a5:a8:85:af:04:ee:64:3d:34:eb:95:ce:85:e3:fb:36:ac:
c0:ce:d4:6e:d8:ac:c7:27:66:d2:e8:0c:02:e1:e7:70:6b:10:
23:4c:79:a1:5d:fc:62:32:87:42:52:37:fa:b8:2d:8e:cb:e8:
49:0f:72:14:29:26:5c:c7:4c:1c:ee:5b:b1:d4:9f:2d:b5:f3:
80:ea:4f:df:9d:af:98:44:c1:a6:c4:4a:7a:1d:01:3b:58:f3:
3b:78:8c:24:aa:c6:03:ab:24:99:66:ba:e7:3b:47:24:40:0e:
a4:19:fe:62:4b:73:a8:60:35:3c:11:41:31:a1:fc:8a:42:4f:
fd:a8:25:00:43:ab:12:c4:f5:e6:8b:42:9c:78:dc:ce:a4:b2:
f8:60:01:de
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUSFdGTt/YgK+TzVGrA3KJlfte/y0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEwMDkwOTM4MjVaFw0yNTEwMDgwOTQzMjVaMDMxMTAvBgNV
BAMTKEY1ODI0RERFRURGQzcxMDQ5MTY3OUMxNzM3QjY2NzFGMDk5QkNEOEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFvbh0m0UbIcPYgJyco9RZXR87
RKZKdUsD9HjQI4Xxp7AMj7NxSAx6VLcHR+OTouvaO+PP4CkZhoFKfsZh62wQrOkA
+xhfIZ18iD0m6plKySJrbk1ESIRDhg1oI3xsn+3p2keX2+ExSQ7bkeOFipUJbExj
qr3hIhIBf7YFcMoLmQt6Ev25++03DVHle8kVDsVvtdq9VYfqFWIYYbsSJDFmk7e/
LZN7wasVBVgbi247M+Nz0PeZPKTHc3F9gRS/LLKwq50zbSKm6eunrSjF9ie9WIhL
5eAJSFYfUTC3fl7CSEDqxrF2WXXovFE11m3h0HLKRPduuicOoj+R1t/2D1vZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU9YJN3u38cQSRZ5wXN7ZnHwmbzY0wHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMx
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzYzMDM5MzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7dQwDQYJKoZIhvcNAQELBQADggEBACHwJ1irrw3HJmJ2KGLd4x/FLBR4b9yc
2iFbBx1R2EuaBU99uv/vSXpW5h97ta68oTu/TWISdVjknhIZELuubVSLWAOGQKcL
er2eZq1PPghmj5gnzA6ChhtMks5mQtyyc5dod1YYN09KqH6t/J+lqIWvBO5kPTTr
lc6F4/s2rMDO1G7YrMcnZtLoDALh53BrECNMeaFd/GIyh0JSN/q4LY7L6EkPchQp
JlzHTBzuW7HUny2184DqT9+dr5hEwabESnodATtY8zt4jCSqxgOrJJlmuuc7RyRA
DqQZ/mJLc6hgNTwRQTGh/IpCT/2oJQBDqxLE9eaLQpx43M6ksvhgAd4=
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:55:50 2024 by rpki-client on console-fra.rpki-client.org