Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231382e302f32342d3234203d3e20323132363039.roa
File: 38352e3233372e3231382e302f32342d3234203d3e20323132363039.roa (raw, json)
Hash identifier: qvQ0YN9l/Ot9215qABMuSRJeROK9DNeqdQgRRpZvgSA=
Subject key identifier: 36:0A:45:8B:4D:BC:7E:34:1D:81:39:40:76:31:E5:5F:67:83:33:95
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 2C493B65A646AB81425C591D0CB64B63F1D67F0D
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231382e302f32342d3234203d3e20323132363039.roa
Signing time: Wed 08 Nov 2023 09:24:01 +0000
ROA not before: Wed 08 Nov 2023 09:19:01 +0000
ROA not after: Wed 06 Nov 2024 09:24:01 +0000
asID: 212609
IP address blocks: 85.237.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 13:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:49:3b:65:a6:46:ab:81:42:5c:59:1d:0c:b6:4b:63:f1:d6:7f:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Nov 8 09:19:01 2023 GMT
Not After : Nov 6 09:24:01 2024 GMT
Subject: CN=360A458B4DBC7E341D8139407631E55F67833395
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:3d:09:c5:48:f6:44:b4:02:04:ca:27:4c:c8:
ce:19:6a:8d:c6:c7:d9:7e:66:f7:04:15:d0:46:f3:
c1:46:ac:f7:c5:4d:60:b7:65:ad:97:f5:2b:b7:89:
93:b0:45:46:3a:90:99:89:6a:18:0c:22:fb:f1:4b:
bb:90:c0:ac:9d:9e:ec:ef:dd:82:c8:8d:0a:d1:72:
49:fd:2a:c6:60:40:e7:f6:91:62:c0:18:85:28:2c:
76:11:84:36:3c:12:a2:a8:75:48:9b:8e:3b:66:15:
9e:f3:ca:4f:6c:a9:ad:40:64:22:32:4f:8b:9d:29:
2d:1c:a2:d0:ee:f5:6b:46:f2:63:1c:52:66:f7:3c:
37:b8:42:86:d0:82:e4:f3:d3:2c:54:08:8d:89:f7:
c0:c2:d6:f3:83:d4:47:81:35:f2:8a:61:52:70:f7:
c8:e5:14:4b:00:a6:a5:c4:d1:d2:d6:b7:9d:17:f7:
46:90:50:ee:52:1f:1d:8a:7c:a6:b8:bf:be:36:cd:
a7:bd:cd:1c:6c:ca:3c:9c:aa:19:6c:1f:03:c6:41:
e9:47:34:42:b3:0c:8c:f1:c7:48:d5:d5:18:68:39:
e6:bc:40:85:39:0e:f9:f6:98:81:87:e5:4b:c7:ef:
4b:6a:03:2b:2b:d4:7c:06:67:30:9e:91:e2:53:b5:
08:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:0A:45:8B:4D:BC:7E:34:1D:81:39:40:76:31:E5:5F:67:83:33:95
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231382e302f32342d3234203d3e20323132363039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.218.0/24
Signature Algorithm: sha256WithRSAEncryption
51:dd:6e:09:60:da:49:d5:b0:80:12:33:54:3e:a9:ec:54:86:
22:03:a2:35:ac:9b:84:cd:6b:35:fe:32:47:2c:1f:e9:7f:df:
fb:68:0f:9a:db:61:2a:71:73:47:64:20:ec:94:40:55:43:46:
47:36:e2:30:d3:ae:84:b1:95:86:6a:56:f9:9c:9f:5b:cb:30:
58:fb:f5:a3:ca:32:83:06:09:69:c8:7a:21:f7:ee:fc:07:dc:
86:31:a6:4c:8c:5a:48:12:49:de:66:55:71:4b:c1:5c:11:04:
7b:38:ae:2c:bc:f6:e8:34:08:a2:12:77:e5:3c:7c:48:92:1b:
02:9e:72:ef:c4:e2:3b:8d:1a:8d:b2:0a:76:eb:d2:46:dc:5e:
34:95:a4:7a:d3:05:e6:d8:45:39:3d:e0:2d:04:06:f8:83:a4:
4c:e6:63:ce:48:eb:bb:84:ad:e9:b4:a7:60:2e:56:8e:e6:02:
3f:b1:57:e6:c1:2a:71:a2:fc:9e:e9:9a:2d:60:72:a3:b4:2b:
9d:7d:04:8c:91:74:43:e0:b4:7c:02:5b:7f:17:28:14:26:01:
2d:1a:94:fc:11:19:dc:1c:ca:e7:64:a8:00:52:fe:4f:8f:71:
6c:35:67:9f:b2:69:de:37:17:43:b2:3c:b7:6b:ea:dc:13:6f:
71:8e:1f:d9
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIULEk7ZaZGq4FCXFkdDLZLY/HWfw0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzExMDgwOTE5MDFaFw0yNDExMDYwOTI0MDFaMDMxMTAvBgNV
BAMTKDM2MEE0NThCNERCQzdFMzQxRDgxMzk0MDc2MzFFNTVGNjc4MzMzOTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNPQnFSPZEtAIEyidMyM4Zao3G
x9l+ZvcEFdBG88FGrPfFTWC3Za2X9Su3iZOwRUY6kJmJahgMIvvxS7uQwKydnuzv
3YLIjQrRckn9KsZgQOf2kWLAGIUoLHYRhDY8EqKodUibjjtmFZ7zyk9sqa1AZCIy
T4udKS0cotDu9WtG8mMcUmb3PDe4QobQguTz0yxUCI2J98DC1vOD1EeBNfKKYVJw
98jlFEsApqXE0dLWt50X90aQUO5SHx2KfKa4v742zae9zRxsyjycqhlsHwPGQelH
NEKzDIzxx0jV1RhoOea8QIU5Dvn2mIGH5UvH70tqAysr1HwGZzCekeJTtQhrAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUNgpFi028fjQdgTlAdjHlX2eDM5UwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMx
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzNjMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7dowDQYJKoZIhvcNAQELBQADggEBAFHdbglg2knVsIASM1Q+qexUhiIDojWs
m4TNazX+MkcsH+l/3/toD5rbYSpxc0dkIOyUQFVDRkc24jDTroSxlYZqVvmcn1vL
MFj79aPKMoMGCWnIeiH37vwH3IYxpkyMWkgSSd5mVXFLwVwRBHs4riy89ug0CKIS
d+U8fEiSGwKecu/E4juNGo2yCnbr0kbcXjSVpHrTBebYRTk94C0EBviDpEzmY85I
67uErem0p2AuVo7mAj+xV+bBKnGi/J7pmi1gcqO0K519BIyRdEPgtHwCW38XKBQm
AS0alPwRGdwcyudkqABS/k+PcWw1Z5+yad43F0OyPLdr6twTb3GOH9k=
-----END CERTIFICATE-----
Generated at Sun May 19 18:41:22 2024 by rpki-client on console-ams.rpki-client.org