Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231352e302f32342d3234203d3e20323030303137.roa
File: 38352e3233372e3231352e302f32342d3234203d3e20323030303137.roa (raw, json)
Hash identifier: iZnhISr5/a7a5cEEyC/T6ya8SZ4drw5V5I99WnWe5hQ=
Subject key identifier: 59:9C:87:E9:75:47:F5:3E:AA:59:45:73:CF:5E:B5:FB:97:4B:3B:78
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 50C010B86034C934C1A57B5653BD1D59DBB312B4
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231352e302f32342d3234203d3e20323030303137.roa
Signing time: Wed 24 Apr 2024 13:05:01 +0000
ROA not before: Wed 24 Apr 2024 13:00:01 +0000
ROA not after: Wed 23 Apr 2025 13:05:01 +0000
asID: 200017
IP address blocks: 85.237.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:c0:10:b8:60:34:c9:34:c1:a5:7b:56:53:bd:1d:59:db:b3:12:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Apr 24 13:00:01 2024 GMT
Not After : Apr 23 13:05:01 2025 GMT
Subject: CN=599C87E97547F53EAA594573CF5EB5FB974B3B78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:03:98:3f:4e:4b:3c:0e:a2:c2:8a:5d:3e:32:
d2:07:ea:82:16:74:da:20:6a:b2:e5:b1:43:bf:88:
e8:27:38:1f:14:c1:28:87:14:a9:a9:b7:58:28:21:
15:3d:67:95:65:84:c5:c4:f2:21:91:50:d4:6b:6f:
65:a7:66:84:e3:3a:af:48:d2:a0:df:14:9b:6d:2a:
b9:02:f9:68:46:c9:c3:7e:fa:21:ab:ef:14:08:cf:
7a:dc:ae:0b:41:77:99:b6:ac:70:65:b5:3f:32:78:
14:57:2b:f1:d1:37:d5:30:ac:7c:80:c7:4e:28:12:
af:ef:ec:77:a9:2a:45:8d:73:d0:2e:90:db:85:0e:
c7:2d:13:dd:7d:b8:19:8d:ec:93:60:07:66:e0:49:
49:0c:81:5b:1a:56:61:b3:83:cc:b9:7b:c6:0a:77:
54:47:8f:f4:05:a2:d0:71:4b:8d:ba:b8:65:13:ef:
a0:4c:f3:72:97:e4:3e:92:a9:84:d2:bd:c4:5d:58:
1c:21:91:1f:6c:b4:9c:8b:74:4c:8a:4a:67:f0:00:
ff:e5:69:14:76:53:a8:e7:86:8e:b5:2b:7f:d0:b9:
30:bd:74:ef:5a:c5:79:ea:94:6a:35:6a:60:53:2b:
d5:6a:17:a1:09:0a:db:6e:a5:7d:6e:d1:3d:3e:c4:
ab:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:9C:87:E9:75:47:F5:3E:AA:59:45:73:CF:5E:B5:FB:97:4B:3B:78
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231352e302f32342d3234203d3e20323030303137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.215.0/24
Signature Algorithm: sha256WithRSAEncryption
55:57:7e:50:8a:5f:d8:7d:db:bc:a7:31:44:93:da:f3:55:b6:
13:9c:17:5d:5a:48:63:df:9c:45:6d:b1:4a:9b:29:a8:f5:89:
fd:bb:ab:0c:b1:1c:06:55:3d:f1:54:f5:68:41:71:16:2a:a0:
71:d7:65:94:d2:67:b3:6a:09:cf:7c:4a:29:a1:71:57:6c:12:
d1:33:41:94:10:c8:b8:2c:28:ac:c5:9d:3e:f2:0c:d2:f3:f1:
72:5f:4c:e5:2a:04:70:13:9a:96:f6:29:9f:e3:35:c2:9f:43:
47:3a:34:bc:ed:e7:4b:59:c6:18:53:b8:38:25:03:5c:cc:38:
54:ac:a8:59:2b:a3:f4:bc:a4:df:10:4f:ff:1f:34:35:30:28:
d0:01:6c:31:f3:bf:74:ec:07:00:76:4d:b2:86:bf:a3:ee:4c:
bf:bf:91:dd:c3:2c:46:52:3d:a7:cf:5a:32:ac:5a:eb:87:6b:
4e:fd:f3:b8:13:9f:52:0e:1c:07:43:2b:7c:8c:40:1a:9b:ab:
ac:2e:84:cf:19:18:6d:cb:b1:45:35:6d:0e:21:61:4c:db:0e:
fd:1f:db:38:44:7c:63:60:24:78:3d:d2:4a:09:8b:a3:84:dd:
23:87:8c:a8:9b:9f:bf:89:50:17:82:44:cf:9e:0d:7f:b1:3f:
34:6b:59:49
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUUMAQuGA0yTTBpXtWU70dWduzErQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDA0MjQxMzAwMDFaFw0yNTA0MjMxMzA1MDFaMDMxMTAvBgNV
BAMTKDU5OUM4N0U5NzU0N0Y1M0VBQTU5NDU3M0NGNUVCNUZCOTc0QjNCNzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0A5g/Tks8DqLCil0+MtIH6oIW
dNogarLlsUO/iOgnOB8UwSiHFKmpt1goIRU9Z5VlhMXE8iGRUNRrb2WnZoTjOq9I
0qDfFJttKrkC+WhGycN++iGr7xQIz3rcrgtBd5m2rHBltT8yeBRXK/HRN9UwrHyA
x04oEq/v7HepKkWNc9AukNuFDsctE919uBmN7JNgB2bgSUkMgVsaVmGzg8y5e8YK
d1RHj/QFotBxS426uGUT76BM83KX5D6SqYTSvcRdWBwhkR9stJyLdEyKSmfwAP/l
aRR2U6jnho61K3/QuTC9dO9axXnqlGo1amBTK9VqF6EJCttupX1u0T0+xKtNAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUWZyH6XVH9T6qWUVzz161+5dLO3gwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMx
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzAzMDMxMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7dcwDQYJKoZIhvcNAQELBQADggEBAFVXflCKX9h927ynMUST2vNVthOcF11a
SGPfnEVtsUqbKaj1if27qwyxHAZVPfFU9WhBcRYqoHHXZZTSZ7NqCc98SimhcVds
EtEzQZQQyLgsKKzFnT7yDNLz8XJfTOUqBHATmpb2KZ/jNcKfQ0c6NLzt50tZxhhT
uDglA1zMOFSsqFkro/S8pN8QT/8fNDUwKNABbDHzv3TsBwB2TbKGv6PuTL+/kd3D
LEZSPafPWjKsWuuHa07987gTn1IOHAdDK3yMQBqbq6wuhM8ZGG3LsUU1bQ4hYUzb
Dv0f2zhEfGNgJHg90koJi6OE3SOHjKibn7+JUBeCRM+eDX+xPzRrWUk=
-----END CERTIFICATE-----
Generated at Fri May 17 12:28:22 2024 by rpki-client on console-ams.rpki-client.org