Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231332e302f32342d3234203d3e20323131333733.roa
File: 38352e3233372e3231332e302f32342d3234203d3e20323131333733.roa (raw, json)
Hash identifier: fc5NXpd845Pb6Z3IPS3voa/X/GD8MpSej0aAocv3yvc=
Subject key identifier: 35:77:45:43:B2:48:37:9D:11:0F:4E:CC:88:F0:B7:61:B5:F0:7A:8B
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 4ADF0AD2207CDB9FC7E7F54C51D82C5D7E1FB34B
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231332e302f32342d3234203d3e20323131333733.roa
Signing time: Wed 09 Oct 2024 09:43:22 +0000
ROA not before: Wed 09 Oct 2024 09:38:22 +0000
ROA not after: Wed 08 Oct 2025 09:43:22 +0000
asID: 211373
IP address blocks: 85.237.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Dec 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:df:0a:d2:20:7c:db:9f:c7:e7:f5:4c:51:d8:2c:5d:7e:1f:b3:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 9 09:38:22 2024 GMT
Not After : Oct 8 09:43:22 2025 GMT
Subject: CN=35774543B248379D110F4ECC88F0B761B5F07A8B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e9:8c:a0:a3:58:4d:e2:e2:85:52:09:4d:14:
70:59:9c:18:84:76:23:de:66:6b:b3:f9:72:2d:82:
00:46:41:77:9d:35:c5:b7:1f:f3:d9:e6:e3:91:f0:
e3:a2:b8:fd:96:8c:13:04:09:d1:16:38:6f:02:c5:
93:03:2a:a9:b1:35:d2:00:8c:fb:fc:4f:70:e0:35:
c1:76:8b:5c:06:02:ea:34:82:73:43:e1:b4:16:49:
6b:82:50:9e:cd:5b:f7:2c:a8:03:7a:da:6d:5f:ce:
dd:3a:f3:b5:81:2f:09:9e:b2:84:47:cf:62:35:e3:
4a:a4:28:8e:c4:db:80:5f:7d:79:dd:88:b5:24:15:
8c:4c:b3:58:2f:aa:9b:34:3b:b2:3c:48:cb:54:7e:
7e:23:22:f8:c2:18:56:8c:46:91:b4:f5:39:d8:a6:
7e:10:99:39:9f:ce:5f:fb:75:57:66:e0:74:67:62:
1a:b1:76:83:14:ed:db:c1:2e:88:6d:0b:be:c6:c5:
69:13:bf:67:50:99:b5:a4:c2:8c:aa:eb:4f:9a:b8:
f9:b1:31:20:b3:1d:a2:59:0a:97:4a:ee:28:bc:cb:
40:bb:9a:0e:98:c9:7c:43:9d:59:1c:b8:70:67:b3:
a7:1b:6c:b3:3f:f7:12:18:df:44:46:99:20:ed:1e:
32:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:77:45:43:B2:48:37:9D:11:0F:4E:CC:88:F0:B7:61:B5:F0:7A:8B
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231332e302f32342d3234203d3e20323131333733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.213.0/24
Signature Algorithm: sha256WithRSAEncryption
94:13:a3:1a:bf:55:4b:34:5d:f7:c2:42:11:dd:88:16:fa:bd:
f5:7c:cc:62:3a:3d:68:1c:8b:52:2f:a9:43:b7:f3:81:e9:94:
19:35:79:3c:b6:fd:49:80:d7:75:45:8b:7a:aa:01:54:d1:f4:
bb:44:ab:a9:84:2d:1d:27:ed:a9:ca:e9:2f:69:b8:43:ea:53:
d1:a7:01:2d:b3:73:c5:78:ac:8c:f7:a2:31:f7:f3:75:1e:77:
b0:3d:c8:a6:4a:6e:31:f6:27:99:aa:06:a1:31:74:b9:cf:86:
ed:22:ef:57:52:fd:93:cb:ac:45:26:2b:33:94:a4:29:3f:43:
49:92:72:38:96:32:1f:a8:d1:b5:98:c2:bc:55:da:e3:c7:51:
fc:ca:6e:28:5c:e6:6d:9a:d1:21:b2:53:b9:7a:68:a8:bb:19:
68:a6:ef:8e:cc:f5:b4:7d:7c:84:d4:05:53:1b:63:62:17:76:
2b:63:2b:61:d0:73:d4:2a:bc:62:4e:70:18:e2:c6:f7:cb:f1:
c1:cc:9b:cc:1f:cb:45:16:3a:af:e1:2d:aa:69:9a:65:0c:a2:
d9:2b:9b:6b:27:be:8c:19:51:cd:f5:31:65:6f:40:f1:ec:22:
ab:b1:bc:19:86:f8:d2:ef:8e:17:9a:91:41:24:09:9c:8b:1a:
5e:c8:e6:2b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUSt8K0iB825/H5/VMUdgsXX4fs0swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEwMDkwOTM4MjJaFw0yNTEwMDgwOTQzMjJaMDMxMTAvBgNV
BAMTKDM1Nzc0NTQzQjI0ODM3OUQxMTBGNEVDQzg4RjBCNzYxQjVGMDdBOEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC16Yygo1hN4uKFUglNFHBZnBiE
diPeZmuz+XItggBGQXedNcW3H/PZ5uOR8OOiuP2WjBMECdEWOG8CxZMDKqmxNdIA
jPv8T3DgNcF2i1wGAuo0gnND4bQWSWuCUJ7NW/csqAN62m1fzt0687WBLwmesoRH
z2I140qkKI7E24BffXndiLUkFYxMs1gvqps0O7I8SMtUfn4jIvjCGFaMRpG09TnY
pn4QmTmfzl/7dVdm4HRnYhqxdoMU7dvBLohtC77GxWkTv2dQmbWkwoyq60+auPmx
MSCzHaJZCpdK7ii8y0C7mg6YyXxDnVkcuHBns6cbbLM/9xIY30RGmSDtHjJRAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUNXdFQ7JIN50RD07MiPC3YbXweoswHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMx
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzEzMzM3MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7dUwDQYJKoZIhvcNAQELBQADggEBAJQToxq/VUs0XffCQhHdiBb6vfV8zGI6
PWgci1IvqUO384HplBk1eTy2/UmA13VFi3qqAVTR9LtEq6mELR0n7anK6S9puEPq
U9GnAS2zc8V4rIz3ojH383Ued7A9yKZKbjH2J5mqBqExdLnPhu0i71dS/ZPLrEUm
KzOUpCk/Q0mScjiWMh+o0bWYwrxV2uPHUfzKbihc5m2a0SGyU7l6aKi7GWim747M
9bR9fITUBVMbY2IXditjK2HQc9QqvGJOcBjixvfL8cHMm8wfy0UWOq/hLappmmUM
otkrm2snvowZUc31MWVvQPHsIquxvBmG+NLvjheakUEkCZyLGl7I5is=
-----END CERTIFICATE-----
Generated at Fri Dec 13 14:11:20 2024 by rpki-client on console-fra.rpki-client.org