Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230322e302f32342d3234203d3e20323130303330.roa
File: 3138352e3232392e3230322e302f32342d3234203d3e20323130303330.roa (raw, json)
Hash identifier: UABDTXTWp8foWVTBYxxIWEuae7LAbLk9s44nxTvRACo=
Subject key identifier: D4:54:79:3D:BA:57:8F:46:FE:F9:F3:24:88:F1:6B:91:9F:24:6E:8E
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 45ED477B7B01C4949B5B1D93E8AC7F84A25FB244
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230322e302f32342d3234203d3e20323130303330.roa
Signing time: Fri 08 Mar 2024 18:57:16 +0000
ROA not before: Fri 08 Mar 2024 18:52:16 +0000
ROA not after: Fri 07 Mar 2025 18:57:16 +0000
asID: 210030
IP address blocks: 185.229.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:ed:47:7b:7b:01:c4:94:9b:5b:1d:93:e8:ac:7f:84:a2:5f:b2:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Mar 8 18:52:16 2024 GMT
Not After : Mar 7 18:57:16 2025 GMT
Subject: CN=D454793DBA578F46FEF9F32488F16B919F246E8E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:8f:e5:13:4f:cd:1d:c7:6c:a0:32:5f:5a:d7:
2c:7f:1a:96:91:15:44:72:01:34:49:2d:23:17:62:
e5:ee:e6:b5:89:10:46:13:06:27:99:9d:a0:9a:3d:
fc:89:3c:64:ea:12:1e:63:54:c4:5a:46:37:d7:a4:
c0:5a:bf:6a:7e:49:45:c3:eb:76:1e:f1:7d:f8:9a:
3d:76:be:a8:12:f4:fa:ae:20:f4:ae:a9:19:13:4f:
7b:95:af:c4:55:78:17:95:2f:7c:d0:a6:db:95:00:
7d:fa:5b:a4:07:7b:a6:9b:46:4a:45:e5:fb:6b:b3:
2f:db:d5:e5:bd:a2:07:a5:51:27:49:90:27:7d:3f:
a6:72:4c:93:a2:d2:62:8a:60:95:30:a4:3c:b7:35:
9a:8c:7a:bf:9c:a2:1a:d3:19:b4:19:54:c2:df:1a:
e6:62:8e:b5:fe:20:cb:6c:9e:57:64:8a:2d:01:dd:
07:94:f2:3b:97:bb:4f:3b:5d:15:3c:42:9b:e7:24:
b1:04:bc:9b:e7:ec:39:3d:e5:dc:ee:fa:2b:4f:c2:
84:2b:34:b1:5c:9c:83:10:cb:00:b9:ae:a4:bb:f2:
26:b9:25:71:85:df:c7:29:e9:26:e1:dd:16:69:3a:
49:fe:82:69:cf:47:b7:57:f6:61:d2:b0:ef:85:46:
a0:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:54:79:3D:BA:57:8F:46:FE:F9:F3:24:88:F1:6B:91:9F:24:6E:8E
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230322e302f32342d3234203d3e20323130303330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.202.0/24
Signature Algorithm: sha256WithRSAEncryption
41:8f:f7:0b:96:3b:cf:6e:8a:3f:02:a8:8d:0c:a9:0c:6e:62:
f4:98:5a:44:07:46:6c:e8:de:7b:de:3f:d7:1f:f3:8b:88:2e:
a6:2b:ff:37:c7:9f:34:5f:85:d0:41:f2:e1:8f:19:32:61:e3:
6e:f2:9a:8d:5a:49:c6:66:83:1c:cb:8d:b4:6e:e7:99:bf:e8:
b8:fb:b1:15:62:67:5a:c4:bf:bb:52:69:82:25:a2:ab:92:39:
37:34:1a:7d:5e:87:f1:6e:a3:c9:eb:0e:89:af:b7:61:11:09:
17:d0:cb:a3:91:8d:5e:d6:47:4c:cb:d1:a9:1b:db:b2:b2:47:
98:a5:76:b2:f7:3e:a2:9f:20:61:00:69:cb:2f:07:82:95:40:
0b:4f:7d:8f:2f:0a:dd:33:77:aa:24:3b:bb:90:8b:4a:b4:1d:
8e:b6:f0:12:6a:54:ca:f9:4a:3a:8d:22:a0:79:c2:f2:ae:70:
a4:fc:40:3b:60:07:28:5b:be:0c:4f:4a:51:f4:34:ca:47:2a:
57:90:19:6d:0b:ca:e4:84:46:54:a7:e1:d6:08:99:ba:7d:aa:
cd:0b:bd:b0:a6:3f:96:8b:82:42:a8:b0:c8:8c:18:b6:a0:57:
34:be:7f:87:04:d7:76:94:33:88:84:97:cc:a9:66:c6:52:48:
82:cf:29:e9
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIURe1He3sBxJSbWx2T6Kx/hKJfskQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNDAzMDgxODUyMTZaFw0yNTAzMDcxODU3MTZaMDMxMTAvBgNV
BAMTKEQ0NTQ3OTNEQkE1NzhGNDZGRUY5RjMyNDg4RjE2QjkxOUYyNDZFOEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPj+UTT80dx2ygMl9a1yx/GpaR
FURyATRJLSMXYuXu5rWJEEYTBieZnaCaPfyJPGTqEh5jVMRaRjfXpMBav2p+SUXD
63Ye8X34mj12vqgS9PquIPSuqRkTT3uVr8RVeBeVL3zQptuVAH36W6QHe6abRkpF
5ftrsy/b1eW9ogelUSdJkCd9P6ZyTJOi0mKKYJUwpDy3NZqMer+cohrTGbQZVMLf
GuZijrX+IMtsnldkii0B3QeU8juXu087XRU8QpvnJLEEvJvn7Dk95dzu+itPwoQr
NLFcnIMQywC5rqS78ia5JXGF38cp6Sbh3RZpOkn+gmnPR7dX9mHSsO+FRqA/AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU1FR5PbpXj0b++fMkiPFrkZ8kbo4wHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjMyMzkyZTMy
MzAzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMDMwMzMzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnlyjANBgkqhkiG9w0BAQsFAAOCAQEAQY/3C5Y7z26KPwKojQypDG5i9Jha
RAdGbOjee94/1x/zi4gupiv/N8efNF+F0EHy4Y8ZMmHjbvKajVpJxmaDHMuNtG7n
mb/ouPuxFWJnWsS/u1JpgiWiq5I5NzQafV6H8W6jyesOia+3YREJF9DLo5GNXtZH
TMvRqRvbsrJHmKV2svc+op8gYQBpyy8HgpVAC099jy8K3TN3qiQ7u5CLSrQdjrbw
EmpUyvlKOo0ioHnC8q5wpPxAO2AHKFu+DE9KUfQ0ykcqV5AZbQvK5IRGVKfh1giZ
un2qzQu9sKY/louCQqiwyIwYtqBXNL5/hwTXdpQziISXzKlmxlJIgs8p6Q==
-----END CERTIFICATE-----
Generated at Tue Jun 25 12:07:55 2024 by rpki-client on console-fra.rpki-client.org