Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231372e302f32342d3234203d3e20323036353035.roa
File: 38352e3233372e3231372e302f32342d3234203d3e20323036353035.roa (raw, json)
Hash identifier: Juy8fY4NTCzDeYL/fTznPya7Glu1oK1MqKEaE06m5ZQ=
Subject key identifier: 3A:52:D3:48:B1:82:12:0F:85:54:C0:2E:93:3B:C1:36:F8:A8:AA:A5
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 7F3BB56ED3C93B51EEC596BC8AEE5C255DBA4C20
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231372e302f32342d3234203d3e20323036353035.roa
Signing time: Wed 09 Oct 2024 09:43:24 +0000
ROA not before: Wed 09 Oct 2024 09:38:24 +0000
ROA not after: Wed 08 Oct 2025 09:43:24 +0000
asID: 206505
IP address blocks: 85.237.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:3b:b5:6e:d3:c9:3b:51:ee:c5:96:bc:8a:ee:5c:25:5d:ba:4c:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 9 09:38:24 2024 GMT
Not After : Oct 8 09:43:24 2025 GMT
Subject: CN=3A52D348B182120F8554C02E933BC136F8A8AAA5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:5e:ca:1d:41:8d:e4:a3:93:e0:0f:fc:9e:ab:
85:4a:e5:82:19:c9:2e:84:39:36:a5:8c:ed:15:7f:
9c:f7:eb:eb:c6:86:d3:7c:90:74:04:ea:1e:56:64:
a8:ef:10:d1:37:29:76:61:e9:4f:77:44:ce:88:78:
10:04:37:94:0f:3a:ba:0b:fd:a0:e1:1f:97:cf:83:
0e:b2:11:9e:dc:1f:b4:00:3f:c7:11:02:5d:85:75:
f5:2e:23:9d:c9:c8:fc:f2:ce:0e:5b:82:dd:3f:c2:
f1:83:da:9b:7a:f3:40:f7:04:6f:fb:97:f5:5f:d7:
67:9a:91:df:de:0e:14:02:86:a6:57:f9:66:c3:46:
40:16:9c:3d:42:3f:5e:15:d8:00:2f:e3:8e:64:45:
15:2d:e8:b5:36:bf:09:b5:24:e8:76:03:93:a5:17:
d5:79:b3:44:22:82:e3:22:e7:85:dd:a0:a8:f3:0a:
17:31:45:8c:ab:93:cf:14:de:96:82:c8:2d:29:83:
3e:01:cc:a3:6f:d2:f6:22:23:15:24:de:b1:b1:16:
58:8b:67:41:ee:c6:d7:c1:16:57:e2:41:f4:b9:f2:
f8:2a:eb:e8:d1:0e:aa:de:2c:48:b0:ce:fa:cc:06:
bf:3c:90:a9:ff:28:81:d5:e3:61:f8:bc:bb:2d:71:
70:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:52:D3:48:B1:82:12:0F:85:54:C0:2E:93:3B:C1:36:F8:A8:AA:A5
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231372e302f32342d3234203d3e20323036353035.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.217.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:b4:35:7b:a6:ce:53:7d:00:26:37:f2:5b:93:55:ea:f8:95:
04:4b:34:0a:05:db:a3:a7:84:e1:23:02:c5:73:d3:6e:69:98:
99:13:51:d7:58:4c:e5:23:1c:84:cf:4c:2f:a8:91:9b:02:15:
18:16:50:a6:96:44:dc:d0:1e:a3:95:60:57:65:e0:4d:50:cf:
67:ae:d9:00:38:0e:f6:bd:74:13:44:53:4b:0b:5b:0b:c8:f3:
bc:04:64:72:ad:1e:b9:59:5d:63:c8:c5:1b:82:84:7d:f2:b2:
6e:7f:bd:75:b7:33:1b:21:c1:c7:50:41:13:18:2c:08:74:97:
e4:d4:cd:5e:82:31:10:79:43:78:d9:ca:7c:f8:c1:d8:08:0e:
f1:c0:59:ba:0d:81:25:13:78:82:f8:b7:13:9d:01:34:00:ba:
e9:87:c9:ec:e7:57:a5:46:86:14:74:c1:33:f7:20:5b:e0:c6:
a9:94:c6:df:ec:54:e7:ab:ce:59:1a:77:4d:da:47:cb:88:e8:
15:e3:3c:b0:2e:d6:72:1a:62:53:c3:22:72:8c:53:fd:e2:12:
c7:b7:b0:a7:ec:42:79:5d:9b:2f:44:00:e5:d8:8c:5a:74:df:
1b:14:57:dc:c1:9e:fa:66:a4:3b:2f:f3:09:56:48:c2:80:30:
89:07:35:90
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUfzu1btPJO1HuxZa8iu5cJV26TCAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEwMDkwOTM4MjRaFw0yNTEwMDgwOTQzMjRaMDMxMTAvBgNV
BAMTKDNBNTJEMzQ4QjE4MjEyMEY4NTU0QzAyRTkzM0JDMTM2RjhBOEFBQTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaXsodQY3ko5PgD/yeq4VK5YIZ
yS6EOTaljO0Vf5z36+vGhtN8kHQE6h5WZKjvENE3KXZh6U93RM6IeBAEN5QPOroL
/aDhH5fPgw6yEZ7cH7QAP8cRAl2FdfUuI53JyPzyzg5bgt0/wvGD2pt680D3BG/7
l/Vf12eakd/eDhQChqZX+WbDRkAWnD1CP14V2AAv445kRRUt6LU2vwm1JOh2A5Ol
F9V5s0QiguMi54XdoKjzChcxRYyrk88U3paCyC0pgz4BzKNv0vYiIxUk3rGxFliL
Z0HuxtfBFlfiQfS58vgq6+jRDqreLEiwzvrMBr88kKn/KIHV42H4vLstcXBBAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUOlLTSLGCEg+FVMAukzvBNvioqqUwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMx
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzYzNTMwMzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7dkwDQYJKoZIhvcNAQELBQADggEBAF60NXumzlN9ACY38luTVer4lQRLNAoF
26OnhOEjAsVz025pmJkTUddYTOUjHITPTC+okZsCFRgWUKaWRNzQHqOVYFdl4E1Q
z2eu2QA4Dva9dBNEU0sLWwvI87wEZHKtHrlZXWPIxRuChH3ysm5/vXW3MxshwcdQ
QRMYLAh0l+TUzV6CMRB5Q3jZynz4wdgIDvHAWboNgSUTeIL4txOdATQAuumHyezn
V6VGhhR0wTP3IFvgxqmUxt/sVOerzlkad03aR8uI6BXjPLAu1nIaYlPDInKMU/3i
Ese3sKfsQnldmy9EAOXYjFp03xsUV9zBnvpmpDsv8wlWSMKAMIkHNZA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 07:03:45 2024 by rpki-client on console-fra.rpki-client.org