Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3133392e32372e302f32342d3234203d3e20383334.roa
File: 3138352e3133392e32372e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: 6bKA9JmeoBeHewDfLXxXwyuzOb0h74T29JFd1f4kt3Q=
Subject key identifier: 35:8C:AB:5E:F7:48:60:A3:E8:0C:A0:89:FC:6B:A5:1B:55:47:1B:28
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 73D276242AC9A75560EA16760929A8B4DF499D43
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3133392e32372e302f32342d3234203d3e20383334.roa
Signing time: Thu 11 Apr 2024 00:02:01 +0000
ROA not before: Wed 10 Apr 2024 23:57:01 +0000
ROA not after: Thu 10 Apr 2025 00:02:01 +0000
asID: 834
IP address blocks: 185.139.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:d2:76:24:2a:c9:a7:55:60:ea:16:76:09:29:a8:b4:df:49:9d:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Apr 10 23:57:01 2024 GMT
Not After : Apr 10 00:02:01 2025 GMT
Subject: CN=358CAB5EF74860A3E80CA089FC6BA51B55471B28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:80:13:df:06:e0:96:21:68:c5:28:71:0f:44:
11:6e:1d:23:ae:6f:8c:34:ef:aa:31:30:a5:e6:71:
e0:48:f7:42:5b:c0:75:77:53:64:7d:25:b1:99:96:
6f:89:9a:18:b4:5d:bf:89:76:6c:de:80:e3:1b:a5:
51:d5:3d:30:1e:9a:03:ef:1d:23:f8:57:da:f0:34:
43:b9:24:fe:64:89:e5:d6:97:65:98:5b:0f:02:95:
78:5a:e4:7f:06:1e:51:40:b2:4b:45:ac:28:44:1e:
fc:e4:93:46:40:a7:d3:11:67:a5:4d:39:7b:4c:35:
13:52:0d:0b:9a:d6:c0:a2:26:48:79:5b:4f:98:4c:
5a:bb:8a:d2:49:80:1c:0a:6c:bd:fe:4a:d3:d2:74:
92:54:fc:29:03:5e:bf:26:5e:a2:fe:72:5d:4f:e5:
fe:f2:ff:62:cd:38:30:6b:f0:49:64:b4:d3:84:0d:
83:f5:4d:51:e9:2d:a3:b4:99:31:19:34:f1:1e:cb:
79:43:7c:c2:3b:9b:1c:22:7e:89:be:14:ea:db:8d:
6b:dd:7f:33:60:14:1a:07:09:a3:21:99:35:28:8c:
05:a5:78:ca:10:06:37:1e:6e:8c:7e:89:2a:e8:51:
f7:e9:9b:28:ff:7e:0d:e9:2c:de:df:7a:0e:a4:34:
0a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:8C:AB:5E:F7:48:60:A3:E8:0C:A0:89:FC:6B:A5:1B:55:47:1B:28
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3133392e32372e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.27.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:db:0c:89:ac:0c:e1:2a:89:16:b6:e8:98:4d:50:a1:e3:f2:
c1:61:32:7a:20:73:81:64:7d:ce:3f:fa:ff:35:c3:b8:16:0d:
99:0c:8a:5f:11:b9:11:f2:72:f6:c0:c9:b6:ff:15:88:98:17:
f8:34:95:d0:26:7e:5f:16:8b:7a:09:4d:c2:c2:9c:b6:fe:dc:
47:07:6f:61:21:04:bf:34:7c:24:33:d6:18:5d:5a:90:ca:5c:
ae:09:47:fd:6b:ff:bc:e2:31:c6:ed:df:98:65:49:bf:91:75:
08:51:35:a4:66:dc:45:f1:17:8b:e4:3d:75:6a:34:38:e5:ce:
cf:ff:67:bd:d4:fd:5e:91:c5:40:c3:12:e6:87:d1:04:e8:b4:
1f:21:71:b8:b6:53:d9:b6:ed:a9:39:f1:5b:9a:2b:98:9e:75:
48:ea:fc:c7:51:5f:b4:b7:65:1d:77:f4:62:00:d9:59:e2:b6:
e2:dd:56:9d:a7:bf:38:3b:4e:38:ae:fe:6f:79:45:ee:33:aa:
ba:5b:c9:00:41:1b:db:48:27:47:79:5e:ea:07:93:ae:fd:7e:
ef:a9:37:c5:e8:8b:69:b0:ad:95:da:12:b1:af:a2:1b:c8:c3:
6a:f5:6f:00:40:55:ab:58:7f:7e:4d:6b:36:8b:a3:23:9d:35:
7b:55:62:23
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUc9J2JCrJp1Vg6hZ2CSmotN9JnUMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDA0MTAyMzU3MDFaFw0yNTA0MTAwMDAyMDFaMDMxMTAvBgNV
BAMTKDM1OENBQjVFRjc0ODYwQTNFODBDQTA4OUZDNkJBNTFCNTU0NzFCMjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcgBPfBuCWIWjFKHEPRBFuHSOu
b4w076oxMKXmceBI90JbwHV3U2R9JbGZlm+Jmhi0Xb+JdmzegOMbpVHVPTAemgPv
HSP4V9rwNEO5JP5kieXWl2WYWw8ClXha5H8GHlFAsktFrChEHvzkk0ZAp9MRZ6VN
OXtMNRNSDQua1sCiJkh5W0+YTFq7itJJgBwKbL3+StPSdJJU/CkDXr8mXqL+cl1P
5f7y/2LNODBr8ElktNOEDYP1TVHpLaO0mTEZNPEey3lDfMI7mxwifom+FOrbjWvd
fzNgFBoHCaMhmTUojAWleMoQBjcebox+iSroUffpmyj/fg3pLN7feg6kNArdAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUNYyrXvdIYKPoDKCJ/GulG1VHGygwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzODM1MmUzMTMzMzkyZTMy
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC5ixsw
DQYJKoZIhvcNAQELBQADggEBAD/bDImsDOEqiRa26JhNUKHj8sFhMnogc4Fkfc4/
+v81w7gWDZkMil8RuRHycvbAybb/FYiYF/g0ldAmfl8Wi3oJTcLCnLb+3EcHb2Eh
BL80fCQz1hhdWpDKXK4JR/1r/7ziMcbt35hlSb+RdQhRNaRm3EXxF4vkPXVqNDjl
zs//Z73U/V6RxUDDEuaH0QTotB8hcbi2U9m27ak58VuaK5iedUjq/MdRX7S3ZR13
9GIA2VnituLdVp2nvzg7Tjiu/m95Re4zqrpbyQBBG9tIJ0d5XuoHk679fu+pN8Xo
i2mwrZXaErGvohvIw2r1bwBAVatYf35NazaLoyOdNXtVYiM=
-----END CERTIFICATE-----
Generated at Thu May 2 07:17:10 2024 by rpki-client on console-ams.rpki-client.org