Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231382e302f32342d3234203d3e20323132363039.roa
File: 38352e3233372e3231382e302f32342d3234203d3e20323132363039.roa (raw, json)
Hash identifier: Ll5KJVGdD0flSJiBXcembOmVBV5PzuRcjGceC+X7LTo=
Subject key identifier: EC:8E:DF:D8:34:22:C7:7E:41:7D:A5:3F:9A:AA:B9:C6:B9:01:47:C6
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 2E4EC8554A130A1D5F271BD4EECD6648D61F1082
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231382e302f32342d3234203d3e20323132363039.roa
Signing time: Wed 09 Oct 2024 09:43:24 +0000
ROA not before: Wed 09 Oct 2024 09:38:24 +0000
ROA not after: Wed 08 Oct 2025 09:43:24 +0000
asID: 212609
IP address blocks: 85.237.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Dec 2024 16:33:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:4e:c8:55:4a:13:0a:1d:5f:27:1b:d4:ee:cd:66:48:d6:1f:10:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 9 09:38:24 2024 GMT
Not After : Oct 8 09:43:24 2025 GMT
Subject: CN=EC8EDFD83422C77E417DA53F9AAAB9C6B90147C6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:24:8f:cb:f7:34:f2:4c:3a:d2:b0:b8:9e:c4:
e7:50:00:d4:6d:10:db:1c:86:5e:f8:68:bb:48:1c:
17:4c:ee:7c:01:fc:53:55:05:b7:fe:d3:fd:59:4e:
ce:69:b7:03:59:e9:1d:72:6f:2e:c8:35:6e:c0:ef:
72:a9:ba:94:c1:25:0f:e0:3a:ad:d8:bf:84:3c:01:
00:4c:80:84:e9:ef:a2:af:f6:c0:a7:98:ac:63:68:
26:13:82:06:11:cb:b7:95:18:60:23:83:e6:60:17:
a6:a9:08:5a:41:7e:32:8e:a4:96:fc:17:1c:1b:03:
2f:85:66:a9:d6:24:c6:cb:38:ce:dd:ed:91:9e:70:
54:a9:68:49:5a:b4:82:55:1d:c6:20:3e:6f:b0:55:
b4:cc:af:55:f3:1d:5e:f6:6e:fb:a1:1e:25:9e:87:
0d:ed:42:db:14:55:6b:d6:51:a3:96:bc:d0:0d:67:
ce:0b:a5:35:2c:5c:7c:7d:68:81:d4:dc:ac:a5:90:
95:20:01:0a:9d:a1:3d:60:24:df:b4:5a:1f:b1:c9:
6f:56:ba:8e:93:df:b5:09:d6:6c:4f:0a:fd:c5:54:
bd:05:74:dd:0b:89:13:db:18:ff:ac:86:b5:0f:81:
ed:78:55:92:f4:54:24:24:ef:c5:82:59:b0:48:2f:
5c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:8E:DF:D8:34:22:C7:7E:41:7D:A5:3F:9A:AA:B9:C6:B9:01:47:C6
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231382e302f32342d3234203d3e20323132363039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.218.0/24
Signature Algorithm: sha256WithRSAEncryption
52:90:87:b9:ed:cb:02:82:13:e7:58:fe:af:35:ad:f7:01:ce:
e3:54:16:f7:8b:c6:9d:93:88:f2:fa:53:e1:4e:db:23:69:2f:
94:62:6c:f4:58:cd:c0:87:28:65:24:94:7f:9c:c0:e9:3d:03:
ae:c2:5d:1c:15:ba:51:0b:89:d8:28:3c:86:08:4e:50:90:23:
03:d1:8e:58:00:f4:16:51:2c:a3:e2:41:15:6e:ca:65:7b:83:
6c:66:86:8d:f3:f8:39:34:ef:d1:2a:9b:ba:cf:3f:dd:42:dd:
c5:81:b5:25:df:63:41:cc:18:ce:5f:2c:bc:3a:bb:c6:52:c9:
f1:d7:5d:da:c5:ea:27:64:16:9c:65:2c:27:de:43:65:52:7b:
93:1b:78:ed:0a:cf:f9:64:d8:8c:74:5f:1e:f9:f0:31:c8:4d:
91:c0:bc:f9:c9:b3:e4:4a:e3:65:39:c7:0d:8c:23:ac:df:20:
a0:b0:5d:18:cd:18:bd:f5:37:ef:c9:75:35:ce:d5:a0:c6:0e:
09:93:2c:e2:60:ab:1b:28:33:fa:60:db:a8:3e:78:c5:c9:bc:
c6:d0:5c:04:13:34:3a:ce:f8:b6:d8:3b:0b:de:91:9e:9b:80:
ca:71:23:df:8d:5e:8a:29:bd:e8:83:5a:de:58:d7:16:82:83:
d7:98:5b:52
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIULk7IVUoTCh1fJxvU7s1mSNYfEIIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEwMDkwOTM4MjRaFw0yNTEwMDgwOTQzMjRaMDMxMTAvBgNV
BAMTKEVDOEVERkQ4MzQyMkM3N0U0MTdEQTUzRjlBQUFCOUM2QjkwMTQ3QzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuJI/L9zTyTDrSsLiexOdQANRt
ENschl74aLtIHBdM7nwB/FNVBbf+0/1ZTs5ptwNZ6R1yby7INW7A73KpupTBJQ/g
Oq3Yv4Q8AQBMgITp76Kv9sCnmKxjaCYTggYRy7eVGGAjg+ZgF6apCFpBfjKOpJb8
FxwbAy+FZqnWJMbLOM7d7ZGecFSpaElatIJVHcYgPm+wVbTMr1XzHV72bvuhHiWe
hw3tQtsUVWvWUaOWvNANZ84LpTUsXHx9aIHU3KylkJUgAQqdoT1gJN+0Wh+xyW9W
uo6T37UJ1mxPCv3FVL0FdN0LiRPbGP+shrUPge14VZL0VCQk78WCWbBIL1xNAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU7I7f2DQix35BfaU/mqq5xrkBR8YwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMx
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzNjMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7dowDQYJKoZIhvcNAQELBQADggEBAFKQh7ntywKCE+dY/q81rfcBzuNUFveL
xp2TiPL6U+FO2yNpL5RibPRYzcCHKGUklH+cwOk9A67CXRwVulELidgoPIYITlCQ
IwPRjlgA9BZRLKPiQRVuymV7g2xmho3z+Dk079Eqm7rPP91C3cWBtSXfY0HMGM5f
LLw6u8ZSyfHXXdrF6idkFpxlLCfeQ2VSe5MbeO0Kz/lk2Ix0Xx758DHITZHAvPnJ
s+RK42U5xw2MI6zfIKCwXRjNGL31N+/JdTXO1aDGDgmTLOJgqxsoM/pg26g+eMXJ
vMbQXAQTNDrO+LbYOwvekZ6bgMpxI9+NXoopveiDWt5Y1xaCg9eYW1I=
-----END CERTIFICATE-----
Generated at Tue Dec 10 19:49:49 2024 by rpki-client on console-fra.rpki-client.org