Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3231342e3132362e302f32332d3234203d3e203437353833.roa
File: 3138352e3231342e3132362e302f32332d3234203d3e203437353833.roa (raw, json)
Hash identifier: UH0FAtLHDC/JNwbeXLaZUFdIWy/dBEzE9AcLe/9NUI8=
Subject key identifier: DE:A9:E8:CE:7F:D3:4B:84:45:EA:2D:72:EB:ED:F3:63:1C:D1:4D:E7
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 3389C3BBED79D8BD7DFF9B0E60D0E716B6957282
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3231342e3132362e302f32332d3234203d3e203437353833.roa
Signing time: Mon 26 Feb 2024 08:53:34 +0000
ROA not before: Mon 26 Feb 2024 08:48:34 +0000
ROA not after: Mon 24 Feb 2025 08:53:34 +0000
asID: 47583
IP address blocks: 185.214.126.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:89:c3:bb:ed:79:d8:bd:7d:ff:9b:0e:60:d0:e7:16:b6:95:72:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Feb 26 08:48:34 2024 GMT
Not After : Feb 24 08:53:34 2025 GMT
Subject: CN=DEA9E8CE7FD34B8445EA2D72EBEDF3631CD14DE7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a3:e2:79:2c:4d:18:69:11:23:69:82:69:fc:
d7:96:f5:df:72:20:be:0b:61:d2:81:43:b3:e1:95:
b4:a7:68:3f:c5:56:4b:e2:3b:a1:4c:d5:ed:f4:56:
c8:c5:a5:4a:0f:c3:2b:2e:ec:4c:7f:15:04:f4:7d:
f8:a8:fa:cf:72:aa:5a:78:5d:3b:15:59:e9:28:cd:
fb:fc:8c:d4:16:9d:79:49:ee:62:be:a6:1f:96:f0:
f8:84:46:0c:8e:c8:07:80:62:1f:ce:d2:d1:d3:77:
e9:12:ad:19:f5:4a:e0:34:24:97:17:90:63:75:c2:
55:8e:9d:82:b6:59:9a:ad:08:8f:d8:7e:89:59:b5:
b8:b8:4b:2c:c0:71:80:0e:c4:e5:a1:e3:8c:c4:77:
ee:c1:2c:c4:a7:ed:eb:ab:b2:f1:9e:44:51:2a:bd:
d1:0d:3a:ce:e8:a6:f9:85:d9:ab:87:13:8e:c1:c9:
b4:2d:9b:91:3b:cf:18:31:a7:e5:50:be:9e:f5:f6:
09:6a:12:82:ea:52:cf:6a:26:e8:11:28:31:cb:c1:
6a:ed:32:4d:d8:8a:f7:f6:ae:d4:56:83:ef:7c:84:
a2:6a:b7:a8:68:4f:db:93:b3:9f:64:c2:ac:35:26:
6f:b3:f2:57:eb:61:7c:59:0f:bc:4d:f4:40:0b:d0:
42:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:A9:E8:CE:7F:D3:4B:84:45:EA:2D:72:EB:ED:F3:63:1C:D1:4D:E7
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3231342e3132362e302f32332d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.126.0/23
Signature Algorithm: sha256WithRSAEncryption
00:33:f2:d2:28:b1:76:5f:4d:11:f8:29:37:f5:ce:9f:30:6d:
a2:a7:21:af:3a:5a:8f:ae:5f:1a:55:a2:ee:e5:3b:8c:67:0c:
57:12:d0:17:66:2b:18:25:6e:76:b2:33:4c:5b:70:fc:0d:2b:
22:0b:4e:22:02:b2:56:a9:4d:ad:94:54:06:d6:eb:cd:a3:16:
03:fe:4e:f0:09:8f:9e:b4:06:56:71:b6:13:1b:7a:7a:fe:41:
77:89:1f:58:7d:4c:36:f9:be:7d:7d:4b:3a:9e:48:d7:39:28:
87:d2:f3:08:58:6d:d4:d3:79:67:1d:48:a4:12:5d:5d:54:65:
59:db:d9:6a:67:a7:bd:04:7f:17:25:e9:29:53:a2:85:01:11:
bc:f4:5c:b4:4f:25:ac:e4:43:2c:18:0b:85:e6:3d:bc:fa:36:
3a:0d:9b:2a:53:27:85:4c:42:2a:52:e7:bc:3e:38:13:fb:3d:
d7:75:0c:97:b5:f8:5a:84:06:33:6e:db:14:ae:1c:a6:6a:69:
29:d1:ee:9f:b1:b8:99:e4:9b:d0:e1:3a:7c:15:f5:70:0f:6a:
11:af:d6:bb:1f:42:93:fe:67:33:24:ed:1c:18:05:f2:39:bf:
f5:a9:a1:0a:a5:a1:14:48:8f:0e:75:8a:4f:0a:73:ca:60:e7:
9a:f6:e6:53
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUM4nDu+152L19/5sOYNDnFraVcoIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDAyMjYwODQ4MzRaFw0yNTAyMjQwODUzMzRaMDMxMTAvBgNV
BAMTKERFQTlFOENFN0ZEMzRCODQ0NUVBMkQ3MkVCRURGMzYzMUNEMTRERTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuo+J5LE0YaREjaYJp/NeW9d9y
IL4LYdKBQ7PhlbSnaD/FVkviO6FM1e30VsjFpUoPwysu7Ex/FQT0ffio+s9yqlp4
XTsVWekozfv8jNQWnXlJ7mK+ph+W8PiERgyOyAeAYh/O0tHTd+kSrRn1SuA0JJcX
kGN1wlWOnYK2WZqtCI/YfolZtbi4SyzAcYAOxOWh44zEd+7BLMSn7eursvGeRFEq
vdENOs7opvmF2auHE47BybQtm5E7zxgxp+VQvp719glqEoLqUs9qJugRKDHLwWrt
Mk3Yivf2rtRWg+98hKJqt6hoT9uTs59kwqw1Jm+z8lfrYXxZD7xN9EAL0EIPAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU3qnozn/TS4RF6i1y6+3zYxzRTecwHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMjMxMzQyZTMx
MzIzNjJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG51n4wDQYJKoZIhvcNAQELBQADggEBAAAz8tIosXZfTRH4KTf1zp8wbaKnIa86
Wo+uXxpVou7lO4xnDFcS0BdmKxglbnayM0xbcPwNKyILTiICslapTa2UVAbW682j
FgP+TvAJj560BlZxthMbenr+QXeJH1h9TDb5vn19SzqeSNc5KIfS8whYbdTTeWcd
SKQSXV1UZVnb2Wpnp70Efxcl6SlTooUBEbz0XLRPJazkQywYC4XmPbz6NjoNmypT
J4VMQipS57w+OBP7Pdd1DJe1+FqEBjNu2xSuHKZqaSnR7p+xuJnkm9DhOnwV9XAP
ahGv1rsfQpP+ZzMk7RwYBfI5v/WpoQqloRRIjw51ik8Kc8pg55r25lM=
-----END CERTIFICATE-----
Generated at Sun Jun 2 00:32:14 2024 by rpki-client on console-ams.rpki-client.org