Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3131312e3138392e302f32342d3234203d3e203631303934.roa
File: 3138352e3131312e3138392e302f32342d3234203d3e203631303934.roa (raw, json)
Hash identifier: WeJB2Y9EHAktT6F3opbzlIwR60Li2i6huAhlCxSc0DI=
Subject key identifier: 27:13:C2:16:5A:30:9A:FD:9E:B9:79:75:D5:B7:F2:00:81:DF:43:1A
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 1D6518FBAA46DE89AA8305B57C646D5E50611BE6
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3131312e3138392e302f32342d3234203d3e203631303934.roa
Signing time: Tue 05 Dec 2023 17:05:08 +0000
ROA not before: Tue 05 Dec 2023 17:00:08 +0000
ROA not after: Tue 03 Dec 2024 17:05:08 +0000
asID: 61094
IP address blocks: 185.111.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 11:16:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:65:18:fb:aa:46:de:89:aa:83:05:b5:7c:64:6d:5e:50:61:1b:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Dec 5 17:00:08 2023 GMT
Not After : Dec 3 17:05:08 2024 GMT
Subject: CN=2713C2165A309AFD9EB97975D5B7F20081DF431A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:41:9c:26:2a:5e:0e:e1:3e:52:f4:15:d6:e4:
2c:b7:0a:29:4d:ed:f3:61:0e:46:12:88:26:be:46:
a9:72:9a:32:30:25:4b:5d:d3:d1:e9:ec:49:4b:d2:
96:35:0c:3d:2d:b3:ed:18:10:70:53:62:43:a6:23:
3e:b5:28:e7:56:c7:4e:14:b1:26:2f:6a:a6:8d:60:
fe:2d:12:e2:f3:a5:37:91:c1:7a:e9:08:d5:c5:75:
72:ea:b4:3c:47:cc:5e:a4:1e:59:ac:65:87:14:e2:
b1:54:53:2f:6f:89:a0:7b:c7:2f:56:2c:eb:21:a5:
0b:7e:f2:87:80:a8:a6:e7:48:07:13:8e:c4:b7:04:
c0:4f:b5:81:3a:d5:7d:66:dd:d4:67:6f:d6:2a:d8:
b4:f8:79:f9:97:5f:54:1c:f9:a9:e2:66:a2:1f:14:
ed:b9:4a:01:70:d9:38:27:a7:97:c2:67:6f:d6:41:
d5:b2:6b:98:85:df:70:39:29:29:85:38:e6:e5:d1:
3d:53:e3:ed:d1:31:22:7e:8a:4b:ef:0b:82:26:19:
99:62:3b:8f:33:2e:84:ff:40:86:c2:91:17:b9:41:
4b:5f:6a:4f:48:6a:d5:d9:4e:4f:04:88:0e:de:69:
c4:74:cc:c8:8f:de:6c:67:52:68:4d:66:0e:d1:b9:
5a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:13:C2:16:5A:30:9A:FD:9E:B9:79:75:D5:B7:F2:00:81:DF:43:1A
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3131312e3138392e302f32342d3234203d3e203631303934.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.189.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:44:6f:e7:c5:5e:af:52:b0:b6:c3:70:03:eb:f3:eb:cb:7b:
ad:16:9b:d2:4b:df:a4:61:85:a9:d4:bd:7b:3e:6f:94:78:92:
ff:6b:c1:91:95:33:43:3b:5e:7e:68:69:42:ca:17:93:d0:e9:
cc:bf:e7:ab:42:c8:5c:5b:72:ba:6b:e8:75:97:9c:47:f6:0c:
ea:14:2c:e7:03:f8:46:a2:fc:b4:1a:e0:1a:7c:15:86:ec:e0:
41:ac:7a:52:81:77:44:09:75:56:14:72:ac:44:0b:9a:c1:e3:
8c:33:07:98:32:e7:57:3e:93:50:67:bd:5a:ba:eb:b2:5c:16:
ac:e2:b4:d9:e5:01:03:f1:b5:d3:6a:05:9e:f5:10:04:c3:68:
a9:ae:95:e1:6e:21:b8:4a:52:cc:f2:a8:44:90:8a:0f:50:97:
eb:f2:e8:10:de:10:f3:34:80:a5:42:a3:3d:a0:dd:10:6e:64:
e2:41:70:8d:5c:6a:c9:13:3d:68:0e:50:6c:80:c7:2a:f5:e7:
0d:50:ce:68:66:2f:b1:18:6e:24:20:5d:32:c7:e3:1a:c3:91:
00:eb:d5:02:fb:ab:17:e3:17:ce:40:64:c8:5a:e3:54:fe:17:
50:b4:48:f2:05:ba:9a:1e:34:3c:00:5a:4f:45:30:be:5b:66:
fd:4c:c4:3d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUHWUY+6pG3omqgwW1fGRtXlBhG+YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yMzEyMDUxNzAwMDhaFw0yNDEyMDMxNzA1MDhaMDMxMTAvBgNV
BAMTKDI3MTNDMjE2NUEzMDlBRkQ5RUI5Nzk3NUQ1QjdGMjAwODFERjQzMUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnQZwmKl4O4T5S9BXW5Cy3CilN
7fNhDkYSiCa+RqlymjIwJUtd09Hp7ElL0pY1DD0ts+0YEHBTYkOmIz61KOdWx04U
sSYvaqaNYP4tEuLzpTeRwXrpCNXFdXLqtDxHzF6kHlmsZYcU4rFUUy9viaB7xy9W
LOshpQt+8oeAqKbnSAcTjsS3BMBPtYE61X1m3dRnb9Yq2LT4efmXX1Qc+aniZqIf
FO25SgFw2Tgnp5fCZ2/WQdWya5iF33A5KSmFOObl0T1T4+3RMSJ+ikvvC4ImGZli
O48zLoT/QIbCkRe5QUtfak9IatXZTk8EiA7eacR0zMiP3mxnUmhNZg7RuVqzAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUJxPCFlowmv2euXl11bfyAIHfQxowHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMTMxMzEyZTMx
MzgzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzEzMDM5MzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5b70wDQYJKoZIhvcNAQELBQADggEBAGxEb+fFXq9SsLbDcAPr8+vLe60Wm9JL
36RhhanUvXs+b5R4kv9rwZGVM0M7Xn5oaULKF5PQ6cy/56tCyFxbcrpr6HWXnEf2
DOoULOcD+Eai/LQa4Bp8FYbs4EGselKBd0QJdVYUcqxEC5rB44wzB5gy51c+k1Bn
vVq667JcFqzitNnlAQPxtdNqBZ71EATDaKmuleFuIbhKUszyqESQig9Ql+vy6BDe
EPM0gKVCoz2g3RBuZOJBcI1caskTPWgOUGyAxyr15w1QzmhmL7EYbiQgXTLH4xrD
kQDr1QL7qxfjF85AZMha41T+F1C0SPIFupoeNDwAWk9FML5bZv1MxD0=
-----END CERTIFICATE-----
Generated at Sat Jun 15 19:32:54 2024 by rpki-client on console-ams.rpki-client.org