Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3139362e32322e302f32342d3234203d3e20323132323338.roa
File: 3138352e3139362e32322e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: HvaHlMpO0SGz+y7c0tAbqbSifB5FTkuA61aV5WimSUc=
Subject key identifier: 58:F2:6C:00:E4:A7:F7:55:57:4D:29:44:67:6B:E2:29:0F:C4:D5:4B
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 78711AA5A3B996284BBE03A61587BDF610EC47BF
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3139362e32322e302f32342d3234203d3e20323132323338.roa
Signing time: Fri 14 Jun 2024 09:09:57 +0000
ROA not before: Fri 14 Jun 2024 09:04:57 +0000
ROA not after: Fri 13 Jun 2025 09:09:57 +0000
asID: 212238
IP address blocks: 185.196.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 29 Jun 2024 08:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:71:1a:a5:a3:b9:96:28:4b:be:03:a6:15:87:bd:f6:10:ec:47:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Jun 14 09:04:57 2024 GMT
Not After : Jun 13 09:09:57 2025 GMT
Subject: CN=58F26C00E4A7F755574D2944676BE2290FC4D54B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:91:a4:82:02:01:5e:86:b7:5f:1c:3a:7c:09:
69:13:f0:eb:fe:33:ad:e1:77:63:f6:e8:7d:fa:f6:
8f:f9:40:57:76:a4:72:34:14:1d:b7:f4:89:9e:09:
6f:3e:e9:b4:af:de:13:5b:8e:9c:b1:6c:9e:72:8d:
4c:b7:c0:d7:1d:ed:c8:fe:84:66:8e:69:e4:55:b0:
b7:2f:3d:8a:d7:1d:04:c7:7e:34:42:4b:e4:93:e2:
2b:b0:17:00:b3:da:9a:f8:74:74:ba:98:63:97:2d:
4b:6c:b8:c6:b6:20:f1:b9:7d:95:fe:28:87:82:17:
00:e3:d9:1f:5c:c2:f1:09:94:3e:79:3b:47:e8:d9:
90:c3:eb:bf:2d:df:e9:d2:a0:e1:79:57:67:af:b2:
51:1d:3b:a1:d9:14:29:93:ea:bd:a4:5a:dc:cf:66:
80:1b:8e:b1:4f:cd:17:a0:64:3c:9a:e0:d0:d7:a5:
c1:b7:f6:97:d4:7c:15:96:f2:d7:14:79:c8:75:a4:
da:25:1d:09:ce:7a:40:e6:2b:63:00:f3:0b:85:65:
9c:fc:db:7f:4d:5c:7f:b0:9c:4e:3b:5a:0c:71:3b:
be:ac:f5:d8:61:22:69:c0:09:9f:6f:ef:36:3a:76:
0d:1f:90:71:0c:22:f9:bb:35:91:fa:05:ec:9b:b0:
a6:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:F2:6C:00:E4:A7:F7:55:57:4D:29:44:67:6B:E2:29:0F:C4:D5:4B
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3139362e32322e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.22.0/24
Signature Algorithm: sha256WithRSAEncryption
65:a7:a8:26:b0:fc:62:eb:21:22:80:fe:f8:83:ce:0f:24:87:
cd:69:43:03:35:2f:54:98:8c:fc:19:b4:79:4c:0f:12:8b:d8:
10:26:d0:4e:b5:21:e2:6e:83:13:1e:2e:2a:d2:58:00:db:59:
34:a5:4a:51:d0:9a:e0:cb:18:70:51:e4:2e:e0:55:f5:cc:47:
c6:a0:34:80:38:9d:3d:30:de:90:f9:28:c6:b7:eb:af:c9:66:
95:8c:3a:28:51:6e:02:e2:be:f5:cb:79:10:f7:a0:4b:ef:2a:
b3:cd:da:7c:8b:c8:03:74:e1:2c:f7:8d:7d:e9:81:86:e0:7a:
43:ef:43:04:79:1c:02:7a:4e:d8:73:c2:87:04:21:a1:06:79:
eb:ad:c1:a7:cb:f1:fe:2d:93:79:cb:a1:28:09:0d:e4:ac:08:
e0:9a:fc:cb:be:76:d1:71:87:99:63:fc:41:5a:1f:0b:df:21:
7b:63:84:92:b5:3b:ef:63:06:44:5f:84:a4:e6:b6:a6:64:c8:
9e:fc:d8:35:fa:9b:e0:b0:dd:07:19:2e:ea:4d:34:0a:66:ec:
5c:03:96:a4:81:01:c3:22:39:5b:b8:70:8b:dd:e7:7d:15:81:
d3:fe:1c:f0:6c:71:92:db:c1:45:df:ee:72:7a:73:b4:8f:aa:
f5:f6:a0:0d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUeHEapaO5lihLvgOmFYe99hDsR78wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDA2MTQwOTA0NTdaFw0yNTA2MTMwOTA5NTdaMDMxMTAvBgNV
BAMTKDU4RjI2QzAwRTRBN0Y3NTU1NzREMjk0NDY3NkJFMjI5MEZDNEQ1NEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdkaSCAgFehrdfHDp8CWkT8Ov+
M63hd2P26H369o/5QFd2pHI0FB239ImeCW8+6bSv3hNbjpyxbJ5yjUy3wNcd7cj+
hGaOaeRVsLcvPYrXHQTHfjRCS+ST4iuwFwCz2pr4dHS6mGOXLUtsuMa2IPG5fZX+
KIeCFwDj2R9cwvEJlD55O0fo2ZDD678t3+nSoOF5V2evslEdO6HZFCmT6r2kWtzP
ZoAbjrFPzRegZDya4NDXpcG39pfUfBWW8tcUech1pNolHQnOekDmK2MA8wuFZZz8
239NXH+wnE47WgxxO76s9dhhImnACZ9v7zY6dg0fkHEMIvm7NZH6BeybsKZJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUWPJsAOSn91VXTSlEZ2viKQ/E1UswHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMTM5MzYyZTMy
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5xBYwDQYJKoZIhvcNAQELBQADggEBAGWnqCaw/GLrISKA/viDzg8kh81pQwM1
L1SYjPwZtHlMDxKL2BAm0E61IeJugxMeLirSWADbWTSlSlHQmuDLGHBR5C7gVfXM
R8agNIA4nT0w3pD5KMa366/JZpWMOihRbgLivvXLeRD3oEvvKrPN2nyLyAN04Sz3
jX3pgYbgekPvQwR5HAJ6TthzwocEIaEGeeutwafL8f4tk3nLoSgJDeSsCOCa/Mu+
dtFxh5lj/EFaHwvfIXtjhJK1O+9jBkRfhKTmtqZkyJ782DX6m+Cw3QcZLupNNApm
7FwDlqSBAcMiOVu4cIvd530VgdP+HPBscZLbwUXf7nJ6c7SPqvX2oA0=
-----END CERTIFICATE-----
Generated at Fri Jun 28 11:22:56 2024 by rpki-client on console-fra.rpki-client.org