Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231392e302f32342d3234203d3e20343030303339.roa
File: 38352e3233372e3231392e302f32342d3234203d3e20343030303339.roa (raw, json)
Hash identifier: SHlFDZRrtBrOEuS1q5OO1ruIaoclfew9L9U8MBbuYYw=
Subject key identifier: 8B:BB:AF:37:B4:BD:80:BD:4D:E5:89:90:AF:76:52:1D:72:D7:68:F1
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 70C8BF433F8497B8AB1C7B2F5FC574E175B48CA4
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231392e302f32342d3234203d3e20343030303339.roa
Signing time: Wed 09 Oct 2024 09:43:23 +0000
ROA not before: Wed 09 Oct 2024 09:38:23 +0000
ROA not after: Wed 08 Oct 2025 09:43:23 +0000
asID: 400039
IP address blocks: 85.237.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 13:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:c8:bf:43:3f:84:97:b8:ab:1c:7b:2f:5f:c5:74:e1:75:b4:8c:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 9 09:38:23 2024 GMT
Not After : Oct 8 09:43:23 2025 GMT
Subject: CN=8BBBAF37B4BD80BD4DE58990AF76521D72D768F1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8b:39:9b:5a:0d:3f:09:f5:83:5b:f9:e3:78:
d8:b9:86:84:96:58:f0:f0:4a:46:e8:73:a2:9d:49:
59:56:12:5d:98:77:7e:2c:f0:bc:97:4c:8e:8f:2a:
94:e0:f6:89:58:78:84:7d:58:3b:e9:eb:3c:00:e6:
6a:78:42:9d:8c:2f:ed:dd:6d:01:08:0f:df:d1:0e:
92:fe:a8:ab:40:78:de:e1:c5:33:1f:06:fe:17:66:
a1:bf:77:59:a3:43:0b:3c:97:b5:6a:d2:c7:5e:3f:
b7:04:a4:a6:bd:81:88:73:a7:c8:c2:fd:64:93:ac:
65:33:0c:29:7f:fb:e3:fe:2c:ca:1d:46:43:ef:35:
79:3c:ef:1a:0c:bb:88:9a:c1:09:20:91:15:0c:95:
1a:15:5a:42:ca:31:2e:92:24:7b:46:e5:88:5b:ab:
4f:c5:1d:7d:8a:32:02:7e:e9:43:47:17:d4:ae:c0:
b3:48:e8:69:82:dc:88:6f:c3:8e:8e:aa:cf:84:69:
b5:a6:51:b1:76:ad:c1:b5:35:43:3c:20:85:7a:14:
13:39:25:f3:b9:9f:4f:04:14:70:46:a3:15:bc:07:
86:c1:a6:f8:39:ab:69:45:1d:a0:4d:74:58:8c:4d:
73:a4:8f:59:61:53:2f:12:d0:ea:1b:79:7b:22:3a:
81:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:BB:AF:37:B4:BD:80:BD:4D:E5:89:90:AF:76:52:1D:72:D7:68:F1
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231392e302f32342d3234203d3e20343030303339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.219.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:46:e1:72:64:81:f1:00:b8:02:ed:96:fc:4f:5b:42:3e:f9:
5f:dc:e3:f3:28:d3:f2:42:b2:1e:bb:b6:67:26:30:73:7f:6d:
79:bb:7b:79:5c:60:80:47:1c:a3:9d:6e:d2:c2:96:75:01:7e:
b3:95:7b:ea:1c:9a:a9:30:bb:1c:9d:f1:10:c6:35:5a:d1:f5:
45:13:f9:a7:80:60:22:60:8a:ee:d5:b8:75:c4:77:ef:0a:4f:
81:6f:93:c9:7d:78:60:85:ad:08:b5:a4:8b:22:a8:23:aa:d7:
52:68:a7:ce:79:b7:ba:03:2c:2c:86:aa:ac:73:48:30:1e:91:
57:c1:0f:2d:f0:2f:c8:02:71:0c:91:2d:f3:4c:67:25:86:10:
71:7f:7a:fe:c2:b1:cb:79:07:50:9e:14:16:86:f8:9c:96:1a:
3f:98:0a:f0:f9:14:26:e8:5a:f0:69:2b:80:e1:5d:b8:d5:64:
38:d5:88:f7:3d:6c:24:7c:be:eb:43:01:d2:60:69:a9:14:89:
ee:9d:85:e5:2a:39:9a:53:35:58:af:63:f8:ef:b1:80:32:79:
c3:a2:68:c2:24:74:83:f6:c7:45:df:9f:08:aa:2c:04:77:19:
dd:7a:42:a5:70:3d:c2:82:b5:7e:56:25:d8:af:bb:01:d3:d6:
82:35:61:ee
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUcMi/Qz+El7irHHsvX8V04XW0jKQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEwMDkwOTM4MjNaFw0yNTEwMDgwOTQzMjNaMDMxMTAvBgNV
BAMTKDhCQkJBRjM3QjRCRDgwQkQ0REU1ODk5MEFGNzY1MjFENzJENzY4RjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7izmbWg0/CfWDW/njeNi5hoSW
WPDwSkboc6KdSVlWEl2Yd34s8LyXTI6PKpTg9olYeIR9WDvp6zwA5mp4Qp2ML+3d
bQEID9/RDpL+qKtAeN7hxTMfBv4XZqG/d1mjQws8l7Vq0sdeP7cEpKa9gYhzp8jC
/WSTrGUzDCl/++P+LModRkPvNXk87xoMu4iawQkgkRUMlRoVWkLKMS6SJHtG5Yhb
q0/FHX2KMgJ+6UNHF9SuwLNI6GmC3Ihvw46Oqs+EabWmUbF2rcG1NUM8IIV6FBM5
JfO5n08EFHBGoxW8B4bBpvg5q2lFHaBNdFiMTXOkj1lhUy8S0OobeXsiOoE7AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUi7uvN7S9gL1N5YmQr3ZSHXLXaPEwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMx
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMwMzAzMDMzMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7dswDQYJKoZIhvcNAQELBQADggEBAB9G4XJkgfEAuALtlvxPW0I++V/c4/Mo
0/JCsh67tmcmMHN/bXm7e3lcYIBHHKOdbtLClnUBfrOVe+ocmqkwuxyd8RDGNVrR
9UUT+aeAYCJgiu7VuHXEd+8KT4Fvk8l9eGCFrQi1pIsiqCOq11Jop855t7oDLCyG
qqxzSDAekVfBDy3wL8gCcQyRLfNMZyWGEHF/ev7Csct5B1CeFBaG+JyWGj+YCvD5
FCboWvBpK4DhXbjVZDjViPc9bCR8vutDAdJgaakUie6dheUqOZpTNVivY/jvsYAy
ecOiaMIkdIP2x0XfnwiqLAR3Gd16QqVwPcKCtX5WJdivuwHT1oI1Ye4=
-----END CERTIFICATE-----
Generated at Sat Sep 6 00:18:25 2025 by rpki-client