Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232322e302f32342d3234203d3e203534323532.roa
File: 38352e3233372e3232322e302f32342d3234203d3e203534323532.roa (raw, json)
Hash identifier: gw2S4ukL2X1uwNXknS+zfoG35ZdTeynM+zXt/yLeR4w=
Subject key identifier: 8A:E6:D9:EA:97:E4:DF:B1:62:81:D2:85:9D:80:74:93:5E:0E:5B:E2
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 6D8268A4DFAAC4522F78E5A3C54740FDD7E3630B
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232322e302f32342d3234203d3e203534323532.roa
Signing time: Fri 08 Mar 2024 05:59:47 +0000
ROA not before: Fri 08 Mar 2024 05:54:47 +0000
ROA not after: Fri 07 Mar 2025 05:59:47 +0000
asID: 54252
IP address blocks: 85.237.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:82:68:a4:df:aa:c4:52:2f:78:e5:a3:c5:47:40:fd:d7:e3:63:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Mar 8 05:54:47 2024 GMT
Not After : Mar 7 05:59:47 2025 GMT
Subject: CN=8AE6D9EA97E4DFB16281D2859D8074935E0E5BE2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e1:c0:9b:f4:02:45:0a:81:09:13:86:0c:cd:
30:59:36:fc:b1:1a:14:b5:b5:cd:88:5c:97:32:1b:
76:9b:e5:c9:95:e6:7d:ea:01:d7:0f:c0:c9:b0:51:
24:51:5c:5b:c8:b0:1c:39:42:43:26:4f:3d:32:bf:
62:19:ea:ca:2f:f7:2e:9f:7f:8c:91:16:5c:21:43:
46:3c:e6:92:de:52:0b:4c:bb:7e:ae:c5:62:d3:e0:
1c:fd:bf:d1:45:c6:c1:b9:8b:6f:79:5f:3f:92:77:
df:80:d2:40:43:4f:c4:7f:c5:98:34:36:77:e0:8b:
89:e5:94:0f:c2:d9:a4:ca:85:4f:dd:08:77:96:03:
8a:83:55:65:23:70:ae:a8:49:83:2e:71:b5:65:bd:
53:80:f5:5b:a6:c9:a2:7a:dc:6d:d1:6d:dd:75:99:
e1:bf:c2:ea:d7:2b:22:ab:96:55:d5:8f:d1:55:a0:
ca:ff:25:c2:54:18:f2:22:f5:b0:66:cd:63:a2:04:
86:7c:b5:a7:dc:6c:4e:dd:5b:36:36:ef:3c:0a:86:
29:43:bb:54:01:4b:c4:d3:ef:d5:3c:fe:aa:32:2b:
cc:65:42:52:fd:0b:15:f4:1f:ac:00:ff:c1:9f:91:
7b:4d:4c:f2:c8:8a:68:40:30:3e:33:00:b9:42:36:
74:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:E6:D9:EA:97:E4:DF:B1:62:81:D2:85:9D:80:74:93:5E:0E:5B:E2
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232322e302f32342d3234203d3e203534323532.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.222.0/24
Signature Algorithm: sha256WithRSAEncryption
27:45:ee:d4:2c:6d:30:9e:08:df:73:ae:11:6c:b0:95:61:7c:
90:06:ef:20:32:af:26:6e:d7:7a:db:ba:8d:4d:3d:e0:a2:20:
81:5e:5b:2c:36:51:85:8f:88:22:0f:a6:35:42:03:95:ff:36:
66:b2:fb:ed:d4:29:ef:9a:e7:5a:e0:98:50:d0:e6:79:66:4e:
6e:37:a5:2a:80:58:d0:93:f0:50:8f:cc:9e:c6:10:21:5c:45:
ed:9f:b3:94:1f:56:f3:9f:73:f0:81:39:39:9a:09:19:89:69:
ca:fd:41:0e:cd:58:23:1c:d0:54:69:a7:d5:a7:c5:af:33:85:
26:4c:33:08:b8:bb:2f:f3:04:1d:43:85:14:88:24:c9:55:f2:
54:43:df:6c:7d:db:84:5e:bf:e0:73:49:a3:85:7b:09:23:ad:
3c:0b:41:1f:03:37:e3:df:bc:40:30:b5:f6:98:4d:44:87:30:
b4:5a:70:b6:ac:42:9d:56:43:04:84:c2:a1:ec:39:f5:d5:77:
a8:38:12:68:39:c0:26:c9:22:6d:7d:2e:b1:49:fb:f8:c1:fc:
d1:ea:37:3c:6e:f4:56:86:80:8f:d2:c9:46:9b:cd:82:b6:34:
5c:7a:10:45:db:53:59:a0:fc:0f:19:0d:b5:78:c5:af:24:ec:
6e:81:ea:b7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUbYJopN+qxFIveOWjxUdA/dfjYwswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDAzMDgwNTU0NDdaFw0yNTAzMDcwNTU5NDdaMDMxMTAvBgNV
BAMTKDhBRTZEOUVBOTdFNERGQjE2MjgxRDI4NTlEODA3NDkzNUUwRTVCRTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQ4cCb9AJFCoEJE4YMzTBZNvyx
GhS1tc2IXJcyG3ab5cmV5n3qAdcPwMmwUSRRXFvIsBw5QkMmTz0yv2IZ6sov9y6f
f4yRFlwhQ0Y85pLeUgtMu36uxWLT4Bz9v9FFxsG5i295Xz+Sd9+A0kBDT8R/xZg0
Nnfgi4nllA/C2aTKhU/dCHeWA4qDVWUjcK6oSYMucbVlvVOA9VumyaJ63G3Rbd11
meG/wurXKyKrllXVj9FVoMr/JcJUGPIi9bBmzWOiBIZ8tafcbE7dWzY27zwKhilD
u1QBS8TT79U8/qoyK8xlQlL9CxX0H6wA/8GfkXtNTPLIimhAMD4zALlCNnQdAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUiubZ6pfk37FigdKFnYB0k14OW+IwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMy
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTM0MzIzNTMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Ve3eMA0GCSqGSIb3DQEBCwUAA4IBAQAnRe7ULG0wngjfc64RbLCVYXyQBu8gMq8m
btd627qNTT3goiCBXlssNlGFj4giD6Y1QgOV/zZmsvvt1Cnvmuda4JhQ0OZ5Zk5u
N6UqgFjQk/BQj8yexhAhXEXtn7OUH1bzn3PwgTk5mgkZiWnK/UEOzVgjHNBUaafV
p8WvM4UmTDMIuLsv8wQdQ4UUiCTJVfJUQ99sfduEXr/gc0mjhXsJI608C0EfAzfj
37xAMLX2mE1EhzC0WnC2rEKdVkMEhMKh7Dn11XeoOBJoOcAmySJtfS6xSfv4wfzR
6jc8bvRWhoCP0slGm82CtjRcehBF21NZoPwPGQ21eMWvJOxugeq3
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:55:50 2024 by rpki-client on console-fra.rpki-client.org