Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136342e3131302e302f32332d3233203d3e203437353833.roa
File: 3138352e3136342e3131302e302f32332d3233203d3e203437353833.roa (raw, json)
Hash identifier: AWC/dle3m6ml2SxJxTrAsViQd3ea3hdkb4DzL4uEQOU=
Subject key identifier: D3:69:ED:E5:EC:CD:8C:5E:A7:25:C5:C2:44:C9:EA:C3:AF:A8:45:B3
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 33747D3610175B7D712BE405AE561EB05592A734
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136342e3131302e302f32332d3233203d3e203437353833.roa
Signing time: Thu 23 May 2024 13:51:56 +0000
ROA not before: Thu 23 May 2024 13:46:56 +0000
ROA not after: Thu 22 May 2025 13:51:56 +0000
asID: 47583
IP address blocks: 185.164.110.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:74:7d:36:10:17:5b:7d:71:2b:e4:05:ae:56:1e:b0:55:92:a7:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: May 23 13:46:56 2024 GMT
Not After : May 22 13:51:56 2025 GMT
Subject: CN=D369EDE5ECCD8C5EA725C5C244C9EAC3AFA845B3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:9f:2a:44:62:15:b8:0e:99:ac:a6:6b:49:a4:
6e:44:c8:93:c4:f6:53:a4:06:ee:40:06:08:92:ac:
6f:12:81:42:67:d1:5e:70:2b:b7:97:5a:54:fe:0b:
e3:43:49:6c:95:14:a6:26:52:12:39:54:9a:34:c8:
7c:fe:f8:d5:1e:ea:68:ed:82:b5:26:1b:89:83:4d:
9f:c4:44:ad:18:d2:86:d9:df:cd:74:2a:36:fe:39:
0b:c9:6f:76:38:8f:20:00:0b:90:1c:df:40:4e:b3:
e3:f8:67:fc:b3:a7:fa:49:36:ff:83:ec:9a:63:38:
5b:84:6b:7b:44:d5:06:3b:3b:7d:4e:38:44:52:d5:
1a:6b:37:43:36:6e:bc:76:6a:5d:2d:8e:8a:8c:9e:
ac:c1:c8:40:cf:33:52:fa:3f:b6:77:37:f7:b7:00:
d1:e2:1e:36:48:4f:37:e1:3c:b8:2d:56:75:8e:9e:
df:16:42:39:81:9a:60:0c:fe:44:57:58:3d:2a:99:
50:d4:78:fd:f3:58:b0:9b:4b:be:5c:5f:f5:cc:00:
38:1f:8c:79:53:14:1a:25:41:39:53:45:af:d1:d9:
01:e0:b9:05:ae:7b:44:f3:76:fb:fc:2a:8c:c7:06:
23:9c:e2:d2:7d:22:c7:d8:00:53:95:e4:fb:07:10:
d3:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:69:ED:E5:EC:CD:8C:5E:A7:25:C5:C2:44:C9:EA:C3:AF:A8:45:B3
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136342e3131302e302f32332d3233203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.110.0/23
Signature Algorithm: sha256WithRSAEncryption
57:c1:77:93:7a:32:1a:00:21:33:55:36:ce:b2:6d:ff:d6:e5:
d0:d9:02:1a:9a:58:34:d8:61:5a:65:2d:b4:07:79:ee:1e:a7:
64:00:2b:8d:3b:f7:21:2f:ef:3e:3e:fb:0f:29:ea:94:86:c6:
c9:27:5b:0b:bd:c0:a0:96:6d:f0:1f:23:66:a6:9a:76:c4:4e:
d2:2c:67:b3:72:99:bf:49:01:8c:1d:24:82:e5:10:68:5b:f6:
b5:9a:6b:32:61:89:91:8b:42:07:c6:c0:ab:cb:61:4e:53:96:
ce:fa:28:99:29:ec:87:ca:7b:ee:85:ef:71:08:91:ea:69:5b:
71:18:65:98:64:01:d2:06:ef:3c:1d:b8:c4:16:b6:0f:79:df:
24:12:17:e5:c8:42:62:f1:e1:d8:d4:85:0d:96:cb:2b:44:e7:
b2:db:e4:2a:ec:1d:42:67:1a:da:67:40:95:54:47:30:93:95:
c8:23:93:c3:d0:bc:f8:0a:ed:13:4d:e8:2c:e4:c9:30:c6:cf:
3a:54:15:39:ef:2b:3c:2e:12:3a:c1:fd:5b:1a:52:35:9b:1a:
49:e5:f1:af:e9:6c:37:45:2d:6c:52:e8:e8:42:cf:33:80:91:
9e:a4:e6:f9:e8:71:7f:79:cc:35:58:0a:04:be:2a:63:38:23:
37:11:68:50
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUM3R9NhAXW31xK+QFrlYesFWSpzQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDA1MjMxMzQ2NTZaFw0yNTA1MjIxMzUxNTZaMDMxMTAvBgNV
BAMTKEQzNjlFREU1RUNDRDhDNUVBNzI1QzVDMjQ0QzlFQUMzQUZBODQ1QjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqnypEYhW4DpmspmtJpG5EyJPE
9lOkBu5ABgiSrG8SgUJn0V5wK7eXWlT+C+NDSWyVFKYmUhI5VJo0yHz++NUe6mjt
grUmG4mDTZ/ERK0Y0obZ3810Kjb+OQvJb3Y4jyAAC5Ac30BOs+P4Z/yzp/pJNv+D
7JpjOFuEa3tE1QY7O31OOERS1RprN0M2brx2al0tjoqMnqzByEDPM1L6P7Z3N/e3
ANHiHjZITzfhPLgtVnWOnt8WQjmBmmAM/kRXWD0qmVDUeP3zWLCbS75cX/XMADgf
jHlTFBolQTlTRa/R2QHguQWue0Tzdvv8KozHBiOc4tJ9IsfYAFOV5PsHENMvAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU02nt5ezNjF6nJcXCRMnqw6+oRbMwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzYz
NDJlMzEzMTMwMmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzQzNzM1MzgzMy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAbmkbjANBgkqhkiG9w0BAQsFAAOCAQEAV8F3k3oyGgAhM1U2zrJt/9bl
0NkCGppYNNhhWmUttAd57h6nZAArjTv3IS/vPj77DynqlIbGySdbC73AoJZt8B8j
ZqaadsRO0ixns3KZv0kBjB0kguUQaFv2tZprMmGJkYtCB8bAq8thTlOWzvoomSns
h8p77oXvcQiR6mlbcRhlmGQB0gbvPB24xBa2D3nfJBIX5chCYvHh2NSFDZbLK0Tn
stvkKuwdQmca2mdAlVRHMJOVyCOTw9C8+ArtE03oLOTJMMbPOlQVOe8rPC4SOsH9
WxpSNZsaSeXxr+lsN0UtbFLo6ELPM4CRnqTm+ehxf3nMNVgKBL4qYzgjNxFoUA==
-----END CERTIFICATE-----
Generated at Thu Jun 13 13:10:49 2024 by rpki-client on console-ams.rpki-client.org