Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231392e302f32342d3234203d3e20343030303339.roa
File: 38352e3233372e3231392e302f32342d3234203d3e20343030303339.roa (raw, json)
Hash identifier: iDEKWbuEHk0y0qn47DdG5vD0nCL2LCQ4BkuuXSPUgYc=
Subject key identifier: 8C:B5:5A:B2:33:7F:07:FA:2F:B9:4B:DE:50:14:9A:2D:2D:62:73:A5
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 2D22581584422F6CC30FF00254D94432DC04087F
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231392e302f32342d3234203d3e20343030303339.roa
Signing time: Wed 08 Nov 2023 09:24:22 +0000
ROA not before: Wed 08 Nov 2023 09:19:22 +0000
ROA not after: Wed 06 Nov 2024 09:24:22 +0000
asID: 400039
IP address blocks: 85.237.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:22:58:15:84:42:2f:6c:c3:0f:f0:02:54:d9:44:32:dc:04:08:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Nov 8 09:19:22 2023 GMT
Not After : Nov 6 09:24:22 2024 GMT
Subject: CN=8CB55AB2337F07FA2FB94BDE50149A2D2D6273A5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:56:c0:50:95:bc:44:d3:70:b2:7c:8e:46:df:
1b:1c:d4:0c:79:c7:23:b3:3c:8f:5f:47:14:7d:fb:
eb:18:47:4d:15:a1:7d:30:91:c8:72:6c:be:1c:a0:
9d:2a:06:6c:54:70:89:ea:47:4d:7e:d3:ad:41:6b:
6b:67:3d:f3:9e:c4:c4:b3:38:87:89:f4:b1:50:06:
26:a1:27:82:ae:e0:4e:3b:64:c3:a8:25:67:b9:51:
81:21:e2:1e:6b:8c:71:98:1e:d2:75:b1:55:b3:01:
62:8f:19:2e:4c:a0:7b:13:fb:2e:22:46:ea:81:ec:
71:60:ba:f4:53:e1:16:fa:06:ce:5d:5b:8d:ec:4e:
27:cd:1a:3b:e7:81:55:bf:59:49:5f:30:dc:3f:37:
25:7e:36:c8:12:fd:fa:5a:9e:28:5f:cd:83:38:f4:
7c:fd:23:e4:bc:dd:60:4c:da:3a:47:a3:57:1a:09:
d7:5a:47:d1:d3:ba:7e:4a:bc:31:95:05:e9:ea:2b:
3c:1c:f1:b8:45:a1:be:cf:f8:17:7b:30:21:96:58:
b2:35:45:85:3c:81:1d:3b:3d:10:3a:1a:05:84:65:
1f:ff:13:72:95:b0:e9:09:3e:a9:03:64:50:22:ac:
59:05:df:e0:58:5b:ed:d5:b1:05:17:0c:ba:5d:f5:
c0:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:B5:5A:B2:33:7F:07:FA:2F:B9:4B:DE:50:14:9A:2D:2D:62:73:A5
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231392e302f32342d3234203d3e20343030303339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.219.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:70:27:73:b8:d3:ab:53:b6:b2:18:0d:09:be:d5:10:21:53:
7f:9d:7c:bf:f5:d7:03:cc:47:48:2d:ca:85:09:9e:cb:91:ac:
1a:19:7c:72:ae:c8:2a:4a:a0:ab:93:3c:2a:19:86:34:fc:e4:
d5:1a:ba:24:69:3e:ef:22:a9:0d:46:3b:c1:06:96:e9:9f:48:
89:5a:6e:fd:48:2c:5f:f3:53:52:3b:4c:d7:27:c4:6b:98:bb:
fe:1a:d5:10:cb:d7:8d:4b:d2:84:64:3a:df:12:f9:f4:04:10:
0f:53:04:a3:39:b1:2c:70:38:43:6e:db:1e:68:ff:1e:a7:be:
52:02:cd:0f:ed:ec:ae:12:d7:d4:e7:a8:62:6e:d6:29:c4:5c:
9b:27:a7:81:43:ad:4b:d1:43:05:19:8e:d2:81:6e:16:8c:3a:
46:a0:7e:9f:fe:97:49:fe:7b:24:94:b7:13:8a:62:92:ae:0a:
e2:76:09:bf:ad:ed:34:ce:a6:17:31:14:cf:83:56:1c:f2:1b:
0c:e0:57:26:aa:6d:60:85:38:0b:63:5d:27:33:c0:dc:88:c8:
9e:b9:f5:24:d2:a9:77:a4:a1:42:9a:4e:13:11:cc:26:5e:01:
ef:d0:c8:73:32:96:0c:73:aa:39:e3:57:66:25:4e:0c:53:c8:
a6:65:42:2d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIULSJYFYRCL2zDD/ACVNlEMtwECH8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzExMDgwOTE5MjJaFw0yNDExMDYwOTI0MjJaMDMxMTAvBgNV
BAMTKDhDQjU1QUIyMzM3RjA3RkEyRkI5NEJERTUwMTQ5QTJEMkQ2MjczQTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4VsBQlbxE03CyfI5G3xsc1Ax5
xyOzPI9fRxR9++sYR00VoX0wkchybL4coJ0qBmxUcInqR01+061Ba2tnPfOexMSz
OIeJ9LFQBiahJ4Ku4E47ZMOoJWe5UYEh4h5rjHGYHtJ1sVWzAWKPGS5MoHsT+y4i
RuqB7HFguvRT4Rb6Bs5dW43sTifNGjvngVW/WUlfMNw/NyV+NsgS/fpanihfzYM4
9Hz9I+S83WBM2jpHo1caCddaR9HTun5KvDGVBenqKzwc8bhFob7P+Bd7MCGWWLI1
RYU8gR07PRA6GgWEZR//E3KVsOkJPqkDZFAirFkF3+BYW+3VsQUXDLpd9cANAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUjLVasjN/B/ovuUveUBSaLS1ic6UwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMx
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMwMzAzMDMzMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7dswDQYJKoZIhvcNAQELBQADggEBAJtwJ3O406tTtrIYDQm+1RAhU3+dfL/1
1wPMR0gtyoUJnsuRrBoZfHKuyCpKoKuTPCoZhjT85NUauiRpPu8iqQ1GO8EGlumf
SIlabv1ILF/zU1I7TNcnxGuYu/4a1RDL141L0oRkOt8S+fQEEA9TBKM5sSxwOENu
2x5o/x6nvlICzQ/t7K4S19TnqGJu1inEXJsnp4FDrUvRQwUZjtKBbhaMOkagfp/+
l0n+eySUtxOKYpKuCuJ2Cb+t7TTOphcxFM+DVhzyGwzgVyaqbWCFOAtjXSczwNyI
yJ659STSqXekoUKaThMRzCZeAe/QyHMylgxzqjnjV2YlTgxTyKZlQi0=
-----END CERTIFICATE-----
Generated at Sun May 5 04:44:55 2024 by rpki-client on console-ams.rpki-client.org