Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231362e302f32342d3234203d3e20323039323432.roa
File: 38352e3233372e3231362e302f32342d3234203d3e20323039323432.roa (raw, json)
Hash identifier: ttJr1CvqlGlgFU8WWqKybIIFXdj0j0UjtVhQ4FhW1WQ=
Subject key identifier: 5F:8F:2B:06:C9:ED:CD:C8:B1:B7:C1:11:03:15:35:2A:FA:AE:22:B9
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 7982C7375F37BCCB9DA3E246C7C511FE6115B023
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231362e302f32342d3234203d3e20323039323432.roa
Signing time: Wed 02 Oct 2024 07:05:42 +0000
ROA not before: Wed 02 Oct 2024 07:00:42 +0000
ROA not after: Wed 01 Oct 2025 07:05:42 +0000
asID: 209242
IP address blocks: 85.237.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:82:c7:37:5f:37:bc:cb:9d:a3:e2:46:c7:c5:11:fe:61:15:b0:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 2 07:00:42 2024 GMT
Not After : Oct 1 07:05:42 2025 GMT
Subject: CN=5F8F2B06C9EDCDC8B1B7C1110315352AFAAE22B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:40:6a:26:82:c8:d1:92:40:4e:80:75:57:b5:
1b:f8:7f:47:01:32:c3:ba:d0:96:3d:4a:04:4e:66:
5a:fd:15:82:dc:06:64:86:78:b5:95:ac:35:be:fe:
2f:3d:23:eb:fd:57:3d:36:40:9f:f9:52:25:5b:5f:
49:da:ff:b1:e0:db:76:1c:da:46:e6:fb:d1:79:4e:
35:d9:7d:c6:83:6c:39:02:ed:a4:5e:47:de:45:03:
2b:9a:7e:1e:b5:2f:18:c8:02:bf:70:cd:f7:50:4c:
dd:05:7a:c1:fc:80:4f:b2:5a:2f:6d:d4:9c:70:63:
c7:62:5d:79:7c:73:9b:02:77:e4:b0:0e:10:b3:ea:
be:18:c1:ed:e0:76:c0:b5:00:ec:5b:9d:29:6f:9a:
99:46:ec:46:b9:65:6b:c9:65:3a:e5:4a:e8:01:7b:
1d:8e:e3:92:3f:79:8a:34:4b:49:d2:e5:84:29:d5:
e2:36:04:f9:9a:39:76:29:b4:c5:4d:32:8f:e3:09:
d6:9a:7b:5d:58:ac:24:1b:08:f1:7f:58:e3:91:42:
01:e7:a4:2a:ca:e0:66:2e:bd:fc:2d:e6:a0:44:f4:
85:c7:09:b5:e3:85:b5:5f:58:4c:cf:f0:51:e2:d9:
b1:99:41:d2:19:cd:c1:86:98:c3:89:fd:98:11:d8:
d3:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:8F:2B:06:C9:ED:CD:C8:B1:B7:C1:11:03:15:35:2A:FA:AE:22:B9
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231362e302f32342d3234203d3e20323039323432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.216.0/24
Signature Algorithm: sha256WithRSAEncryption
20:91:3d:25:db:a3:54:ee:28:b6:61:4e:aa:87:3c:71:1c:17:
af:d7:ea:f5:d1:6c:cc:a3:13:9d:16:65:44:00:d5:5e:dd:52:
b9:82:04:e5:53:af:be:79:f6:bc:7a:62:2e:e3:78:d3:11:b0:
f0:97:cd:5c:1c:da:23:92:13:c6:7b:a0:7f:d3:e0:9b:05:00:
aa:0d:1d:c4:30:37:45:ae:7b:c2:9d:90:b5:5b:0a:e5:00:e1:
ae:be:7e:b7:7b:a8:1c:09:2b:d9:4b:c5:75:a5:9a:4b:8d:53:
94:29:08:f2:d0:5d:8f:50:9f:83:d8:08:6c:8b:2e:3c:b3:05:
69:e4:48:84:29:d6:99:49:c3:5c:e9:0e:9a:82:84:0d:b8:9a:
42:4d:39:2e:91:bc:c2:db:72:f1:36:cd:11:5c:ce:75:aa:de:
72:97:e8:47:73:54:94:57:23:c4:b1:56:2b:c5:1f:d6:a9:31:
23:e1:83:3e:4e:ce:b4:f3:bb:57:01:7b:8c:8b:7a:d6:66:1e:
ed:3f:87:b3:ef:77:69:ef:45:1d:92:14:fc:78:a0:b0:ec:1b:
50:0d:6f:1a:d8:3d:16:19:25:33:86:7d:c4:65:e6:6c:8a:e4:
53:dc:2a:dc:58:ff:31:06:62:1e:69:9d:77:9f:9d:5b:77:12:
1b:66:af:26
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUeYLHN183vMudo+JGx8UR/mEVsCMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEwMDIwNzAwNDJaFw0yNTEwMDEwNzA1NDJaMDMxMTAvBgNV
BAMTKDVGOEYyQjA2QzlFRENEQzhCMUI3QzExMTAzMTUzNTJBRkFBRTIyQjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvQGomgsjRkkBOgHVXtRv4f0cB
MsO60JY9SgROZlr9FYLcBmSGeLWVrDW+/i89I+v9Vz02QJ/5UiVbX0na/7Hg23Yc
2kbm+9F5TjXZfcaDbDkC7aReR95FAyuafh61LxjIAr9wzfdQTN0FesH8gE+yWi9t
1JxwY8diXXl8c5sCd+SwDhCz6r4Ywe3gdsC1AOxbnSlvmplG7Ea5ZWvJZTrlSugB
ex2O45I/eYo0S0nS5YQp1eI2BPmaOXYptMVNMo/jCdaae11YrCQbCPF/WOORQgHn
pCrK4GYuvfwt5qBE9IXHCbXjhbVfWEzP8FHi2bGZQdIZzcGGmMOJ/ZgR2NNTAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUX48rBsntzcixt8ERAxU1KvquIrkwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMx
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzkzMjM0MzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7dgwDQYJKoZIhvcNAQELBQADggEBACCRPSXbo1TuKLZhTqqHPHEcF6/X6vXR
bMyjE50WZUQA1V7dUrmCBOVTr7559rx6Yi7jeNMRsPCXzVwc2iOSE8Z7oH/T4JsF
AKoNHcQwN0Wue8KdkLVbCuUA4a6+frd7qBwJK9lLxXWlmkuNU5QpCPLQXY9Qn4PY
CGyLLjyzBWnkSIQp1plJw1zpDpqChA24mkJNOS6RvMLbcvE2zRFcznWq3nKX6Edz
VJRXI8SxVivFH9apMSPhgz5OzrTzu1cBe4yLetZmHu0/h7Pvd2nvRR2SFPx4oLDs
G1ANbxrYPRYZJTOGfcRl5myK5FPcKtxY/zEGYh5pnXefnVt3EhtmryY=
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:19 2024 by rpki-client on console-ams.rpki-client.org