Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3232382e342e302f32322d3234203d3e20323034313730.roa
File: 3138352e3232382e342e302f32322d3234203d3e20323034313730.roa (raw, json)
Hash identifier: nMwzT4U5+BdMb/HSuCbcgFUM/2JFOVh7Tr4s/6HzDQE=
Subject key identifier: A6:29:9E:7B:B6:E1:55:38:41:8F:AC:2D:81:CF:62:86:08:84:B7:D7
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 5A6A11A565DEBA298AF9965715377D8497DDA18F
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3232382e342e302f32322d3234203d3e20323034313730.roa
Signing time: Mon 26 Feb 2024 08:53:35 +0000
ROA not before: Mon 26 Feb 2024 08:48:35 +0000
ROA not after: Mon 24 Feb 2025 08:53:35 +0000
asID: 204170
IP address blocks: 185.228.4.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:6a:11:a5:65:de:ba:29:8a:f9:96:57:15:37:7d:84:97:dd:a1:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Feb 26 08:48:35 2024 GMT
Not After : Feb 24 08:53:35 2025 GMT
Subject: CN=A6299E7BB6E15538418FAC2D81CF62860884B7D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:de:cf:1d:40:e4:c2:3b:51:4b:a2:68:b4:86:
01:ca:a9:d6:df:71:9b:33:dd:32:19:d0:db:41:08:
8c:5f:58:2e:b7:01:f2:ed:73:27:aa:7c:48:47:9d:
10:a8:3b:14:4c:6b:9f:28:fc:88:ad:5e:6d:6b:00:
a5:1c:84:8e:3c:76:99:e4:3d:f8:a6:3c:ae:4f:42:
4e:2d:48:3c:fe:c4:4d:c9:56:63:13:2f:6b:0f:1a:
6a:99:d5:ad:4c:78:54:bb:4a:cf:ba:1c:2a:2c:18:
9f:05:7e:4f:20:36:ff:01:2d:67:ce:95:ae:d9:e9:
a9:cb:09:09:e6:f8:11:2d:39:ea:9a:f1:46:c2:7c:
e5:38:33:a8:fc:93:18:99:c4:c1:1f:cc:ea:55:2b:
cf:e6:87:60:1a:c8:8f:f5:4b:5b:01:7a:6c:2c:f4:
d3:bb:20:af:7e:7e:16:04:20:dc:5f:1c:3a:28:05:
6f:77:21:17:90:ee:cc:37:a2:30:97:39:ff:bd:a3:
3d:24:b5:3c:e0:35:33:ff:6b:4c:d2:ae:b5:94:f0:
55:c5:91:00:53:32:6b:c0:f1:a8:c5:e0:cc:3f:b0:
80:f4:0c:91:ba:c0:71:7d:ca:1a:51:85:a1:16:a3:
3e:b5:e6:c4:71:98:ab:5b:73:09:a4:f9:1e:46:13:
21:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:29:9E:7B:B6:E1:55:38:41:8F:AC:2D:81:CF:62:86:08:84:B7:D7
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3232382e342e302f32322d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.4.0/22
Signature Algorithm: sha256WithRSAEncryption
33:ef:fe:85:31:32:63:14:47:f6:30:27:b8:d6:25:e3:af:c8:
92:63:92:eb:6c:6b:71:d1:61:f1:ab:1c:0b:11:96:ba:b1:c5:
38:33:f1:c4:63:8e:09:3d:c8:6b:6b:b6:0c:16:72:df:9c:5a:
28:88:ac:9c:da:38:bb:40:a5:39:5b:aa:01:24:b5:50:63:71:
6e:03:41:7f:3c:f1:ed:b4:c5:7d:62:8d:ff:2f:c0:db:c7:38:
76:1a:0b:04:a4:14:94:b1:85:f2:2d:17:9a:3d:50:1a:d4:c6:
bc:00:62:3d:cb:b4:a6:52:84:2f:88:28:36:4c:01:04:60:d3:
be:33:1e:1b:b8:a4:3b:d2:cc:85:1b:d1:49:45:11:33:62:07:
57:b3:95:ab:6b:80:6c:a9:47:96:aa:43:ca:3f:d5:55:0c:e6:
6f:f0:77:3d:f2:f6:1a:e0:16:e5:19:8d:ba:d4:49:cb:b0:ce:
b0:2c:90:9f:b1:d0:ed:69:c4:52:18:6d:98:2b:24:ff:92:f5:
c7:5d:66:60:fb:c1:1a:d7:c7:10:e4:91:be:2d:b6:0b:fa:87:
0d:61:a5:c0:31:4d:12:e7:98:68:5b:f4:d4:f1:53:ad:49:fe:
01:ff:a7:47:fb:53:26:be:b8:1b:94:b3:a5:45:52:2a:a4:a8:
1b:08:6e:f0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUWmoRpWXeuimK+ZZXFTd9hJfdoY8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDAyMjYwODQ4MzVaFw0yNTAyMjQwODUzMzVaMDMxMTAvBgNV
BAMTKEE2Mjk5RTdCQjZFMTU1Mzg0MThGQUMyRDgxQ0Y2Mjg2MDg4NEI3RDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw3s8dQOTCO1FLomi0hgHKqdbf
cZsz3TIZ0NtBCIxfWC63AfLtcyeqfEhHnRCoOxRMa58o/IitXm1rAKUchI48dpnk
PfimPK5PQk4tSDz+xE3JVmMTL2sPGmqZ1a1MeFS7Ss+6HCosGJ8Ffk8gNv8BLWfO
la7Z6anLCQnm+BEtOeqa8UbCfOU4M6j8kxiZxMEfzOpVK8/mh2AayI/1S1sBemws
9NO7IK9+fhYEINxfHDooBW93IReQ7sw3ojCXOf+9oz0ktTzgNTP/a0zSrrWU8FXF
kQBTMmvA8ajF4Mw/sID0DJG6wHF9yhpRhaEWoz615sRxmKtbcwmk+R5GEyHhAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUpimee7bhVThBj6wtgc9ihgiEt9cwHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMjMyMzgyZTM0
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzMDM0MzEzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
ueQEMA0GCSqGSIb3DQEBCwUAA4IBAQAz7/6FMTJjFEf2MCe41iXjr8iSY5LrbGtx
0WHxqxwLEZa6scU4M/HEY44JPchra7YMFnLfnFooiKyc2ji7QKU5W6oBJLVQY3Fu
A0F/PPHttMV9Yo3/L8Dbxzh2GgsEpBSUsYXyLReaPVAa1Ma8AGI9y7SmUoQviCg2
TAEEYNO+Mx4buKQ70syFG9FJRREzYgdXs5Wra4BsqUeWqkPKP9VVDOZv8Hc98vYa
4BblGY261EnLsM6wLJCfsdDtacRSGG2YKyT/kvXHXWZg+8Ea18cQ5JG+LbYL+ocN
YaXAMU0S55hoW/TU8VOtSf4B/6dH+1MmvrgblLOlRVIqpKgbCG7w
-----END CERTIFICATE-----
Generated at Sat Jun 1 10:34:56 2024 by rpki-client on console-fra.rpki-client.org