Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231372e302f32342d3234203d3e20323036353035.roa
File: 38352e3233372e3231372e302f32342d3234203d3e20323036353035.roa (raw, json)
Hash identifier: JFxN1f4bsZgpvi77dqdYuleL0ZtySuenxCNb2uIBrRA=
Subject key identifier: BD:9E:67:BD:C9:D6:FF:EE:E3:87:24:88:98:AE:F1:8E:BC:A5:AD:71
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 43EE036DACFEA664CD0B389C75DFDDC80A66177A
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231372e302f32342d3234203d3e20323036353035.roa
Signing time: Wed 08 Nov 2023 09:23:25 +0000
ROA not before: Wed 08 Nov 2023 09:18:25 +0000
ROA not after: Wed 06 Nov 2024 09:23:25 +0000
asID: 206505
IP address blocks: 85.237.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 15 May 2024 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:ee:03:6d:ac:fe:a6:64:cd:0b:38:9c:75:df:dd:c8:0a:66:17:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Nov 8 09:18:25 2023 GMT
Not After : Nov 6 09:23:25 2024 GMT
Subject: CN=BD9E67BDC9D6FFEEE387248898AEF18EBCA5AD71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:20:a6:52:54:91:79:ba:f6:6a:ec:2a:4e:62:
ad:7f:6f:04:d4:9b:5d:c6:12:aa:5c:30:43:44:b1:
a6:75:1a:9f:42:59:6a:1b:05:3e:13:83:bc:4c:7f:
10:49:45:43:42:d7:35:48:ca:a8:dd:d5:fb:d9:6a:
dc:e5:ea:61:a9:62:87:58:58:0c:53:02:b1:35:7c:
ef:8c:ea:0c:43:9d:7a:1f:5b:4f:a7:bf:db:f6:c5:
ac:0b:1f:8a:4c:6c:57:d6:b6:cb:31:46:15:67:6a:
25:c3:4e:8d:9e:2d:4b:2e:49:9e:da:a3:b2:f9:50:
c2:0f:40:f0:64:43:6f:67:24:c9:a0:fc:9a:78:ad:
ee:b9:6b:e4:a0:92:08:ae:37:ed:e5:5d:4d:ee:2b:
06:b8:b7:34:06:3a:54:e2:81:35:21:18:1b:2d:63:
d7:7d:3f:a6:60:96:a0:97:56:a3:f9:df:b9:c6:9c:
f3:5f:37:16:9f:77:e1:5f:78:20:02:2e:a9:dd:c6:
10:c7:ed:7d:58:5c:17:4a:48:03:2f:33:52:71:5d:
5c:98:42:6b:32:3e:22:34:00:76:b8:a3:0e:28:af:
20:16:58:a3:1d:b2:1b:b4:06:f4:39:29:ec:a7:65:
cd:3b:ae:e4:5c:b8:78:92:34:dc:b9:e9:65:23:d5:
d9:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:9E:67:BD:C9:D6:FF:EE:E3:87:24:88:98:AE:F1:8E:BC:A5:AD:71
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231372e302f32342d3234203d3e20323036353035.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.217.0/24
Signature Algorithm: sha256WithRSAEncryption
42:d2:9f:3a:10:18:f1:0d:31:c7:14:84:55:82:68:18:e5:29:
b0:08:9a:10:1c:5c:5d:78:b7:51:53:a6:a2:57:64:73:72:83:
fd:1f:c5:b0:fd:e2:41:dd:af:ad:a2:69:63:f5:f9:ab:cb:f3:
93:f5:da:dc:e5:d8:15:cd:b3:e5:05:91:69:ee:15:e6:77:cc:
e1:6c:52:17:75:f6:0a:ae:dd:58:6d:5e:d9:dd:6d:11:20:2a:
ec:03:2c:51:38:dc:da:af:84:f2:14:0b:6d:7c:03:2a:00:b8:
b8:dd:47:c7:e3:12:21:6f:e4:9d:bd:29:2d:ce:5a:96:3f:21:
b0:d3:a9:b5:95:67:e0:7b:40:ac:9b:18:e0:c4:6c:66:7e:87:
02:01:d8:2e:54:8b:7d:cc:d8:c0:f6:03:5e:16:d9:63:fd:b0:
93:55:db:ef:84:b9:c2:05:d0:e4:e3:83:e1:7f:6d:08:60:a2:
04:5b:78:f7:0c:6f:fc:cd:8a:a5:7f:2d:4d:e8:6d:68:f5:7c:
c7:96:a8:42:41:7c:16:38:a4:c3:90:67:2f:d5:a0:e6:6c:00:
76:d9:d8:57:c2:23:a6:0f:9d:c4:44:a5:9c:af:8f:41:b6:9d:
2f:4c:f4:e6:8a:35:db:01:31:a9:7e:a5:cb:a0:fe:40:34:68:
41:e4:72:0e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQ+4Dbaz+pmTNCzicdd/dyApmF3owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzExMDgwOTE4MjVaFw0yNDExMDYwOTIzMjVaMDMxMTAvBgNV
BAMTKEJEOUU2N0JEQzlENkZGRUVFMzg3MjQ4ODk4QUVGMThFQkNBNUFENzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFIKZSVJF5uvZq7CpOYq1/bwTU
m13GEqpcMENEsaZ1Gp9CWWobBT4Tg7xMfxBJRUNC1zVIyqjd1fvZatzl6mGpYodY
WAxTArE1fO+M6gxDnXofW0+nv9v2xawLH4pMbFfWtssxRhVnaiXDTo2eLUsuSZ7a
o7L5UMIPQPBkQ29nJMmg/Jp4re65a+SgkgiuN+3lXU3uKwa4tzQGOlTigTUhGBst
Y9d9P6ZglqCXVqP537nGnPNfNxafd+FfeCACLqndxhDH7X1YXBdKSAMvM1JxXVyY
QmsyPiI0AHa4ow4oryAWWKMdshu0BvQ5KeynZc07ruRcuHiSNNy56WUj1dktAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUvZ5nvcnW/+7jhySImK7xjrylrXEwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMx
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzYzNTMwMzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7dkwDQYJKoZIhvcNAQELBQADggEBAELSnzoQGPENMccUhFWCaBjlKbAImhAc
XF14t1FTpqJXZHNyg/0fxbD94kHdr62iaWP1+avL85P12tzl2BXNs+UFkWnuFeZ3
zOFsUhd19gqu3VhtXtndbREgKuwDLFE43NqvhPIUC218AyoAuLjdR8fjEiFv5J29
KS3OWpY/IbDTqbWVZ+B7QKybGODEbGZ+hwIB2C5Ui33M2MD2A14W2WP9sJNV2++E
ucIF0OTjg+F/bQhgogRbePcMb/zNiqV/LU3obWj1fMeWqEJBfBY4pMOQZy/VoOZs
AHbZ2FfCI6YPncREpZyvj0G2nS9M9OaKNdsBMal+pcug/kA0aEHkcg4=
-----END CERTIFICATE-----
Generated at Wed May 15 04:43:01 2024 by rpki-client on console-ams.rpki-client.org