Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232302e302f32342d3234203d3e203134343435.roa
File: 38352e3233372e3232302e302f32342d3234203d3e203134343435.roa (raw, json)
Hash identifier: uWDkEbz/LHUR3LvZw7lVUI6wUQPoHTpw0umCNtDx2SI=
Subject key identifier: B4:54:48:87:DB:57:25:17:1D:1F:B4:CD:0D:FA:F1:22:46:10:E3:D0
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 2E65309021F7C6934CDA366F0E9EC1A5EB420F24
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232302e302f32342d3234203d3e203134343435.roa
Signing time: Wed 09 Oct 2024 09:43:24 +0000
ROA not before: Wed 09 Oct 2024 09:38:24 +0000
ROA not after: Wed 08 Oct 2025 09:43:24 +0000
asID: 14445
IP address blocks: 85.237.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:65:30:90:21:f7:c6:93:4c:da:36:6f:0e:9e:c1:a5:eb:42:0f:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 9 09:38:24 2024 GMT
Not After : Oct 8 09:43:24 2025 GMT
Subject: CN=B4544887DB5725171D1FB4CD0DFAF1224610E3D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:0b:f3:16:91:fe:88:aa:ce:cf:f3:df:41:03:
91:9f:e2:6b:b7:45:d8:c6:63:77:bb:50:5b:d4:bd:
3d:93:05:c2:b7:af:59:21:42:7c:e8:14:12:33:ff:
19:4d:5d:bc:48:7f:cc:0b:1b:33:9f:0e:71:2d:f7:
ba:df:7c:39:30:54:72:5d:f0:82:16:61:62:64:fa:
1a:12:ee:74:5b:69:dc:af:15:41:64:06:0f:f8:65:
cb:6c:9a:12:8a:82:f1:0a:7e:8d:4c:81:74:52:c3:
89:77:24:62:18:9a:f2:08:d1:d2:27:49:a7:7b:13:
92:a6:67:80:d1:cc:b0:53:9d:00:1c:cd:53:a9:44:
13:9a:48:30:eb:72:7c:10:d9:76:6d:2a:bc:bc:0a:
51:0c:51:ba:07:62:cc:5d:ce:ab:c0:79:36:50:f6:
ce:8b:c4:bc:f7:b5:d3:50:c5:30:58:1e:e7:5c:fc:
89:87:1b:5c:fb:b0:d3:a9:bb:04:1d:59:a8:9a:f3:
1b:83:3d:2a:b6:ba:b7:04:79:d7:53:9a:c9:e4:40:
a8:89:71:a4:c5:5b:da:de:ef:c6:fb:8d:3c:45:2a:
23:f7:2f:b2:2e:9c:62:6a:78:48:17:94:53:60:f9:
c7:35:f5:9b:83:81:b6:e6:f6:37:6f:df:87:d2:9e:
18:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:54:48:87:DB:57:25:17:1D:1F:B4:CD:0D:FA:F1:22:46:10:E3:D0
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232302e302f32342d3234203d3e203134343435.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.220.0/24
Signature Algorithm: sha256WithRSAEncryption
38:77:51:23:48:57:0e:15:33:6c:14:62:a1:3d:a8:4a:a2:05:
32:86:d1:8c:07:44:9c:8a:20:35:fd:d5:b0:b3:b9:7c:c4:df:
1e:5a:0f:83:ce:44:21:24:ca:e8:55:dd:0b:c3:ea:63:1e:50:
b0:43:2a:db:1f:30:08:d1:e2:0a:30:58:51:20:59:9f:18:ef:
89:af:b2:01:69:ad:15:a1:d5:c8:94:ed:f9:91:46:3c:2d:1a:
4d:2c:86:47:f0:a0:bd:dd:3e:43:23:88:a5:a6:55:e5:e7:f6:
b2:69:67:20:a9:ce:95:b0:65:6d:5b:f3:45:0b:0d:8b:84:52:
a8:3f:2d:d4:83:5a:b4:75:54:ff:a7:6b:05:af:a9:e8:0b:7c:
23:20:0c:70:ab:ec:0d:8c:31:20:a2:61:32:2a:60:4f:ae:34:
29:a4:98:4e:0e:22:37:ff:e6:44:3d:e9:c7:6a:79:35:40:b0:
e7:59:3f:9a:98:fc:4e:95:4c:f8:6b:0b:eb:20:75:58:a1:14:
8e:36:6d:af:8a:00:27:83:09:de:c7:6d:05:48:35:05:aa:0d:
06:51:30:42:6d:c0:b7:f2:b7:01:fe:5d:2a:81:7d:77:4d:a3:
39:e2:28:5b:51:50:23:38:8f:a2:58:f3:96:d9:cf:3a:e7:5d:
18:db:b0:1d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIULmUwkCH3xpNM2jZvDp7BpetCDyQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEwMDkwOTM4MjRaFw0yNTEwMDgwOTQzMjRaMDMxMTAvBgNV
BAMTKEI0NTQ0ODg3REI1NzI1MTcxRDFGQjRDRDBERkFGMTIyNDYxMEUzRDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWC/MWkf6Iqs7P899BA5Gf4mu3
RdjGY3e7UFvUvT2TBcK3r1khQnzoFBIz/xlNXbxIf8wLGzOfDnEt97rffDkwVHJd
8IIWYWJk+hoS7nRbadyvFUFkBg/4ZctsmhKKgvEKfo1MgXRSw4l3JGIYmvII0dIn
Sad7E5KmZ4DRzLBTnQAczVOpRBOaSDDrcnwQ2XZtKry8ClEMUboHYsxdzqvAeTZQ
9s6LxLz3tdNQxTBYHudc/ImHG1z7sNOpuwQdWaia8xuDPSq2urcEeddTmsnkQKiJ
caTFW9re78b7jTxFKiP3L7IunGJqeEgXlFNg+cc19ZuDgbbm9jdv34fSnhirAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUtFRIh9tXJRcdH7TNDfrxIkYQ49AwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMy
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzQzNDM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Ve3cMA0GCSqGSIb3DQEBCwUAA4IBAQA4d1EjSFcOFTNsFGKhPahKogUyhtGMB0Sc
iiA1/dWws7l8xN8eWg+DzkQhJMroVd0Lw+pjHlCwQyrbHzAI0eIKMFhRIFmfGO+J
r7IBaa0VodXIlO35kUY8LRpNLIZH8KC93T5DI4ilplXl5/ayaWcgqc6VsGVtW/NF
Cw2LhFKoPy3Ug1q0dVT/p2sFr6noC3wjIAxwq+wNjDEgomEyKmBPrjQppJhODiI3
/+ZEPenHank1QLDnWT+amPxOlUz4awvrIHVYoRSONm2vigAngwnex20FSDUFqg0G
UTBCbcC38rcB/l0qgX13TaM54ihbUVAjOI+iWPOW2c86510Y27Ad
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:19 2024 by rpki-client on console-ams.rpki-client.org