Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231362e302f32342d3234203d3e203230343733.roa
File: 38352e3233372e3231362e302f32342d3234203d3e203230343733.roa (raw, json)
Hash identifier: enjgELO7bH/R8QtnJPs9Kv3H0ihHOBe3GJgmteeu7Oc=
Subject key identifier: 41:36:28:6B:C3:EC:95:F5:5A:F1:B1:13:C9:D1:AD:35:92:7A:7E:E7
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 1DCDB9203BE04AD1CFB072811BA06989475AA4A9
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231362e302f32342d3234203d3e203230343733.roa
Signing time: Mon 06 May 2024 16:32:36 +0000
ROA not before: Mon 06 May 2024 16:27:36 +0000
ROA not after: Mon 05 May 2025 16:32:36 +0000
asID: 20473
IP address blocks: 85.237.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:cd:b9:20:3b:e0:4a:d1:cf:b0:72:81:1b:a0:69:89:47:5a:a4:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: May 6 16:27:36 2024 GMT
Not After : May 5 16:32:36 2025 GMT
Subject: CN=4136286BC3EC95F55AF1B113C9D1AD35927A7EE7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:fd:9d:5e:7c:3d:f2:a6:df:5a:f3:70:22:6d:
1f:64:bf:3a:90:10:37:1d:d1:96:11:02:9d:77:29:
40:54:07:ea:22:d2:be:76:d9:c3:d2:7a:1f:77:c2:
81:64:cb:c1:69:68:b5:98:74:f2:65:ff:9a:30:58:
09:f6:51:30:ea:54:c2:1e:10:4c:d6:74:91:af:6f:
a6:27:86:c8:86:45:4f:4c:b9:cb:26:de:fa:d5:fd:
4f:38:48:12:75:0b:bc:96:e3:63:9b:65:90:c8:c1:
5b:25:e6:d3:47:2e:bc:dd:1a:09:c0:06:d6:7e:ab:
ed:d0:17:c3:dd:25:da:48:2b:5c:dc:d9:a5:88:9e:
de:b1:c6:08:e1:f3:4c:21:e2:7d:40:86:60:87:72:
de:56:9f:a6:c5:78:ce:d2:e1:5d:56:22:b7:75:f8:
1f:22:54:44:51:b8:44:99:34:8d:17:1a:05:d6:3b:
ab:9e:2a:46:60:23:41:9d:ef:66:53:6a:6c:ec:05:
5c:7d:b6:8c:a9:2e:09:97:1b:e5:6e:24:c7:64:b5:
f2:f6:ca:74:ee:41:ce:54:74:15:af:6c:e6:00:aa:
b4:a2:92:db:d2:b6:d7:54:67:38:3f:cc:9c:23:3e:
1c:b5:0e:78:29:ab:40:41:ff:dd:f4:ff:5d:e9:6e:
50:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:36:28:6B:C3:EC:95:F5:5A:F1:B1:13:C9:D1:AD:35:92:7A:7E:E7
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231362e302f32342d3234203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.216.0/24
Signature Algorithm: sha256WithRSAEncryption
85:9c:a9:2c:6a:e6:51:42:45:74:a5:fa:a2:09:be:2c:ff:49:
5f:83:e5:6a:2e:a5:0d:70:0f:bd:92:20:20:29:f8:27:49:1d:
09:ce:d3:8f:f8:31:7d:6e:fd:e4:9f:da:3b:61:28:cb:89:48:
fa:51:3d:ef:a8:2a:e8:b2:fd:9b:ec:e4:aa:44:28:a4:3c:9c:
04:9d:89:3e:ef:e3:94:e6:bf:db:4f:96:ec:c4:57:c0:6a:cd:
9b:53:ae:f0:1e:27:ce:d4:19:a1:18:d8:bd:31:aa:a3:11:38:
0d:91:74:4f:69:48:73:f8:c0:69:a9:b8:f6:6c:1f:86:2a:59:
33:ac:6f:eb:e0:7d:55:fa:ce:d3:28:8d:d1:5c:18:ee:17:c7:
61:35:e1:9a:db:c4:5a:22:d6:e3:95:82:18:e6:4d:f8:0a:cc:
5f:c1:53:c6:da:3b:b0:57:cf:7f:1b:95:88:2a:26:f1:f9:7b:
6d:a3:83:e7:b0:a0:ed:f9:53:22:1c:36:7c:95:25:f4:2b:11:
58:2b:6e:0b:2a:c1:5f:4e:15:41:c2:e9:45:a8:7e:27:10:ef:
ff:5b:4b:9e:6d:99:95:15:f0:c7:2e:ad:0f:20:bc:ed:d9:b1:
d0:d8:aa:86:bf:51:13:06:f6:ea:e8:e2:14:4e:89:3f:6c:7c:
d2:91:94:52
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUHc25IDvgStHPsHKBG6BpiUdapKkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDA1MDYxNjI3MzZaFw0yNTA1MDUxNjMyMzZaMDMxMTAvBgNV
BAMTKDQxMzYyODZCQzNFQzk1RjU1QUYxQjExM0M5RDFBRDM1OTI3QTdFRTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5/Z1efD3ypt9a83AibR9kvzqQ
EDcd0ZYRAp13KUBUB+oi0r522cPSeh93woFky8FpaLWYdPJl/5owWAn2UTDqVMIe
EEzWdJGvb6YnhsiGRU9Mucsm3vrV/U84SBJ1C7yW42ObZZDIwVsl5tNHLrzdGgnA
BtZ+q+3QF8PdJdpIK1zc2aWInt6xxgjh80wh4n1AhmCHct5Wn6bFeM7S4V1WIrd1
+B8iVERRuESZNI0XGgXWO6ueKkZgI0Gd72ZTamzsBVx9toypLgmXG+VuJMdktfL2
ynTuQc5UdBWvbOYAqrSiktvSttdUZzg/zJwjPhy1Dngpq0BB/930/13pblBdAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUQTYoa8PslfVa8bETydGtNZJ6fucwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMx
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Ve3YMA0GCSqGSIb3DQEBCwUAA4IBAQCFnKksauZRQkV0pfqiCb4s/0lfg+VqLqUN
cA+9kiAgKfgnSR0JztOP+DF9bv3kn9o7YSjLiUj6UT3vqCrosv2b7OSqRCikPJwE
nYk+7+OU5r/bT5bsxFfAas2bU67wHifO1BmhGNi9MaqjETgNkXRPaUhz+MBpqbj2
bB+GKlkzrG/r4H1V+s7TKI3RXBjuF8dhNeGa28RaItbjlYIY5k34CsxfwVPG2juw
V89/G5WIKibx+Xtto4PnsKDt+VMiHDZ8lSX0KxFYK24LKsFfThVBwulFqH4nEO//
W0uebZmVFfDHLq0PILzt2bHQ2KqGv1ETBvbq6OIUTok/bHzSkZRS
-----END CERTIFICATE-----
Generated at Sat Jun 1 15:05:11 2024 by rpki-client on console-fra.rpki-client.org