Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232302e302f32342d3234203d3e203134343435.roa
File: 38352e3233372e3232302e302f32342d3234203d3e203134343435.roa (raw, json)
Hash identifier: 9malZ46HFJMjXzYGxuF+snc0G66jBh3QxkwMmdF6x2o=
Subject key identifier: 10:C0:91:ED:97:9F:65:CD:F4:BF:DB:87:79:BF:6C:43:4F:56:D1:07
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 43A840A5EABAC9769AD642EB1C3B69391EFD3946
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232302e302f32342d3234203d3e203134343435.roa
Signing time: Wed 08 Nov 2023 09:21:06 +0000
ROA not before: Wed 08 Nov 2023 09:16:06 +0000
ROA not after: Wed 06 Nov 2024 09:21:06 +0000
asID: 14445
IP address blocks: 85.237.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 14:49:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:a8:40:a5:ea:ba:c9:76:9a:d6:42:eb:1c:3b:69:39:1e:fd:39:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Nov 8 09:16:06 2023 GMT
Not After : Nov 6 09:21:06 2024 GMT
Subject: CN=10C091ED979F65CDF4BFDB8779BF6C434F56D107
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ca:fb:ca:68:ac:4d:00:41:32:5e:d6:2e:51:
5a:c1:bf:b5:14:48:74:4f:f8:59:96:9e:7f:9b:de:
da:66:cd:64:05:72:0d:8b:64:70:d1:fb:13:92:21:
59:c3:64:8a:62:06:be:ed:40:7e:dd:d4:86:d0:6e:
a6:a5:37:c1:0e:1f:c1:be:e8:75:cc:58:36:b1:0b:
0f:ae:37:8e:81:80:45:d5:2e:e8:46:cc:6e:6d:a2:
fc:a2:5e:01:72:da:f5:9d:cf:f4:1f:04:dd:6c:cc:
b4:12:39:33:ce:a1:71:ec:62:22:ce:55:ec:28:1c:
72:8a:dc:20:69:1f:ab:ab:b3:fe:3b:09:d1:7d:04:
77:b9:63:ae:0f:6a:c9:79:fe:02:ce:db:b3:2c:25:
24:e0:e0:f3:17:1a:51:55:5f:bc:5f:29:b3:4c:bf:
39:7e:d2:59:3c:7d:28:fd:ec:8a:88:5d:21:9b:27:
9c:57:a4:12:45:7d:a2:38:40:46:2d:4c:31:fd:cb:
8a:60:df:fb:b2:3d:72:93:81:3e:65:0e:97:9e:7d:
5a:37:30:57:ee:03:49:5f:f5:93:97:b8:f9:2a:6d:
b7:71:8e:30:af:70:45:a5:4c:42:56:33:9d:35:28:
73:d3:43:0a:54:3c:df:82:a4:a6:02:4a:19:fa:4f:
d9:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:C0:91:ED:97:9F:65:CD:F4:BF:DB:87:79:BF:6C:43:4F:56:D1:07
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232302e302f32342d3234203d3e203134343435.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.220.0/24
Signature Algorithm: sha256WithRSAEncryption
41:cc:2c:e6:a2:31:61:7f:5c:05:6e:0a:05:5f:e1:bf:01:21:
15:5b:15:9b:85:43:68:0e:30:c2:2f:cc:cc:0d:94:2e:81:35:
83:2f:19:86:88:6f:81:82:77:41:07:8a:ad:bc:ce:a1:c9:a1:
90:11:9d:ef:d7:58:e6:14:80:5f:b2:60:6f:cb:b0:e5:64:b3:
4e:de:b7:6d:fd:84:ae:95:8d:b9:7c:4b:b1:8c:aa:6f:5c:67:
03:7a:a7:20:5d:80:59:b7:d2:f9:ac:6d:dd:2a:90:4a:31:e3:
c5:d6:97:49:e1:8e:51:6b:5c:e1:6f:4e:32:7e:b3:be:48:7e:
2c:97:8e:91:32:31:84:73:d2:ec:01:18:d0:80:74:f1:af:b2:
d9:db:bb:b7:38:11:f0:cf:d9:25:e0:18:88:58:60:5d:3a:74:
74:26:6f:31:a7:fc:4f:cf:e6:92:f3:bf:4c:82:e5:f4:2f:0d:
a2:26:f6:35:24:6f:e6:e5:a8:76:e4:b6:46:6e:00:7b:eb:ef:
f5:0b:3f:03:19:5b:c6:b3:5a:24:d5:3b:e6:b7:d2:d7:45:ce:
e4:3f:2c:2a:36:7d:ce:fe:47:44:ce:58:9c:f9:50:32:b0:c1:
52:e4:00:f1:69:a3:20:75:ac:6b:aa:1a:9e:23:e7:b8:8a:9b:
4c:41:ca:88
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUQ6hApeq6yXaa1kLrHDtpOR79OUYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzExMDgwOTE2MDZaFw0yNDExMDYwOTIxMDZaMDMxMTAvBgNV
BAMTKDEwQzA5MUVEOTc5RjY1Q0RGNEJGREI4Nzc5QkY2QzQzNEY1NkQxMDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTyvvKaKxNAEEyXtYuUVrBv7UU
SHRP+FmWnn+b3tpmzWQFcg2LZHDR+xOSIVnDZIpiBr7tQH7d1IbQbqalN8EOH8G+
6HXMWDaxCw+uN46BgEXVLuhGzG5tovyiXgFy2vWdz/QfBN1szLQSOTPOoXHsYiLO
VewoHHKK3CBpH6urs/47CdF9BHe5Y64Pasl5/gLO27MsJSTg4PMXGlFVX7xfKbNM
vzl+0lk8fSj97IqIXSGbJ5xXpBJFfaI4QEYtTDH9y4pg3/uyPXKTgT5lDpeefVo3
MFfuA0lf9ZOXuPkqbbdxjjCvcEWlTEJWM501KHPTQwpUPN+CpKYCShn6T9kpAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUEMCR7ZefZc30v9uHeb9sQ09W0QcwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMy
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzQzNDM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Ve3cMA0GCSqGSIb3DQEBCwUAA4IBAQBBzCzmojFhf1wFbgoFX+G/ASEVWxWbhUNo
DjDCL8zMDZQugTWDLxmGiG+BgndBB4qtvM6hyaGQEZ3v11jmFIBfsmBvy7DlZLNO
3rdt/YSulY25fEuxjKpvXGcDeqcgXYBZt9L5rG3dKpBKMePF1pdJ4Y5Ra1zhb04y
frO+SH4sl46RMjGEc9LsARjQgHTxr7LZ27u3OBHwz9kl4BiIWGBdOnR0Jm8xp/xP
z+aS879MguX0Lw2iJvY1JG/m5ah25LZGbgB76+/1Cz8DGVvGs1ok1Tvmt9LXRc7k
PywqNn3O/kdEzlic+VAysMFS5ADxaaMgdaxrqhqeI+e4iptMQcqI
-----END CERTIFICATE-----
Generated at Thu May 16 17:48:53 2024 by rpki-client on console-fra.rpki-client.org