Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3138352e3231322e3131332e302f32342d3234203d3e20323036353035.roa
File: 3138352e3231322e3131332e302f32342d3234203d3e20323036353035.roa (raw, json)
Hash identifier: zwHVrDRCE/+c/NRFnSwddjxd7NWCvyh8dWrfFH2NoEo=
Subject key identifier: 99:B1:A9:BC:3A:F0:77:4A:10:A1:6E:62:68:D1:F1:8E:79:86:88:1C
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 3C4E4D844A6E940CB80CDABAFC77CEC99E0A815D
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3138352e3231322e3131332e302f32342d3234203d3e20323036353035.roa
Signing time: Tue 26 Sep 2023 02:02:10 +0000
ROA not before: Tue 26 Sep 2023 01:57:10 +0000
ROA not after: Tue 24 Sep 2024 02:02:10 +0000
asID: 206505
IP address blocks: 185.212.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:4e:4d:84:4a:6e:94:0c:b8:0c:da:ba:fc:77:ce:c9:9e:0a:81:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Sep 26 01:57:10 2023 GMT
Not After : Sep 24 02:02:10 2024 GMT
Subject: CN=99B1A9BC3AF0774A10A16E6268D1F18E7986881C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:8c:cb:49:58:5f:24:61:2d:cd:58:6b:eb:30:
3f:01:4d:80:84:7d:8b:c0:df:58:55:68:86:77:e4:
53:bb:0d:37:4c:4d:82:e0:50:97:5b:a3:12:b6:19:
38:19:56:dc:69:7c:4a:63:11:cd:f8:22:6f:e9:16:
77:71:c4:7f:39:62:29:11:1e:29:0e:ad:a9:e3:20:
a3:95:da:0a:db:65:b4:3f:af:15:0e:c6:6c:f1:6f:
ec:9f:be:da:c4:3f:27:36:9a:3c:e1:0f:04:7a:06:
13:23:58:a7:8a:68:60:97:84:e2:36:80:73:da:93:
db:b6:39:54:4b:7a:a4:cc:1e:d0:d7:2b:a1:4c:14:
a2:fc:46:fc:13:eb:52:fa:5b:c3:67:51:8d:a6:4e:
f4:d5:8b:19:f6:13:d8:7f:64:58:66:d3:c3:f2:b4:
77:23:57:56:6c:f9:80:44:b0:26:6b:ad:2d:47:d9:
96:e0:5f:bd:d6:d9:03:5f:d5:bd:6c:f2:53:7c:8c:
77:d8:0d:c4:ed:26:03:b5:93:54:1a:a7:13:77:de:
68:a9:57:9a:29:f4:06:1b:87:70:0f:e8:78:6a:4f:
e3:dc:8c:c0:e8:6b:d5:d9:c0:ac:18:cc:01:c1:a8:
05:b6:2f:f9:19:48:0e:8a:3f:7b:53:5b:f2:0d:28:
bd:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:B1:A9:BC:3A:F0:77:4A:10:A1:6E:62:68:D1:F1:8E:79:86:88:1C
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3138352e3231322e3131332e302f32342d3234203d3e20323036353035.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.212.113.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:c0:e7:af:7e:cf:e3:aa:a1:f0:87:7d:50:9d:dc:a6:1a:06:
01:a0:42:4f:83:3e:b0:b7:9c:f3:2b:ab:3e:37:d0:ef:d7:97:
71:04:af:c5:7e:2d:03:4e:5a:29:65:ed:55:2e:27:20:96:9c:
5c:d5:c3:19:c6:33:f7:af:08:99:38:f9:3b:ed:e7:65:83:fe:
19:d8:02:1e:13:aa:db:84:29:23:8d:75:ed:3f:2f:ee:d8:a6:
79:f0:d9:54:a9:41:57:cc:19:42:5a:d4:64:66:87:83:5d:6e:
cf:c2:e9:6b:f5:ff:79:8d:0d:48:5e:e3:a2:a4:50:76:b6:b1:
af:b7:22:06:ae:85:ca:23:16:23:50:59:9f:95:5e:8c:bf:89:
70:8e:c0:44:fe:b1:d6:41:c5:44:ce:8d:18:38:cb:61:a2:a9:
53:97:a8:5c:b3:5f:bd:0d:1c:31:b1:5b:cf:02:46:c0:dc:c4:
bb:d9:7c:9c:80:8c:20:c0:9c:54:34:42:7b:61:d7:8e:75:c5:
f1:c9:29:38:39:81:16:c4:da:69:fd:92:e8:1e:89:34:82:39:
88:da:11:83:a7:c4:ca:b7:ba:12:10:47:43:75:e9:b5:5b:a6:
42:15:29:72:a8:4c:a3:d0:71:a0:0d:44:ba:66:ca:27:50:58:
04:2d:37:2f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUPE5NhEpulAy4DNq6/HfOyZ4KgV0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yMzA5MjYwMTU3MTBaFw0yNDA5MjQwMjAyMTBaMDMxMTAvBgNV
BAMTKDk5QjFBOUJDM0FGMDc3NEExMEExNkU2MjY4RDFGMThFNzk4Njg4MUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpjMtJWF8kYS3NWGvrMD8BTYCE
fYvA31hVaIZ35FO7DTdMTYLgUJdboxK2GTgZVtxpfEpjEc34Im/pFndxxH85YikR
HikOranjIKOV2grbZbQ/rxUOxmzxb+yfvtrEPyc2mjzhDwR6BhMjWKeKaGCXhOI2
gHPak9u2OVRLeqTMHtDXK6FMFKL8RvwT61L6W8NnUY2mTvTVixn2E9h/ZFhm08Py
tHcjV1Zs+YBEsCZrrS1H2ZbgX73W2QNf1b1s8lN8jHfYDcTtJgO1k1QapxN33mip
V5op9AYbh3AP6HhqT+PcjMDoa9XZwKwYzAHBqAW2L/kZSA6KP3tTW/INKL2hAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUmbGpvDrwd0oQoW5iaNHxjnmGiBwwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzEzODM1MmUzMjMxMzIyZTMx
MzEzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNjM1MzAzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnUcTANBgkqhkiG9w0BAQsFAAOCAQEAesDnr37P46qh8Id9UJ3cphoGAaBC
T4M+sLec8yurPjfQ79eXcQSvxX4tA05aKWXtVS4nIJacXNXDGcYz968ImTj5O+3n
ZYP+GdgCHhOq24QpI4117T8v7timefDZVKlBV8wZQlrUZGaHg11uz8Lpa/X/eY0N
SF7joqRQdraxr7ciBq6FyiMWI1BZn5VejL+JcI7ARP6x1kHFRM6NGDjLYaKpU5eo
XLNfvQ0cMbFbzwJGwNzEu9l8nICMIMCcVDRCe2HXjnXF8ckpODmBFsTaaf2S6B6J
NII5iNoRg6fEyre6EhBHQ3XptVumQhUpcqhMo9BxoA1EumbKJ1BYBC03Lw==
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:04:29 2024 by rpki-client on console-ams.rpki-client.org