Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3232392e3131342e302f32332d3234203d3e203437353833.roa
File: 3138352e3232392e3131342e302f32332d3234203d3e203437353833.roa (raw, json)
Hash identifier: z4GtUHtOBsYnvEENTV5QboJlsMom6RS4wCmGhM8EfHQ=
Subject key identifier: F8:0C:EF:E6:C9:3E:62:D7:B3:D2:DE:3E:59:28:0D:36:E4:9A:32:33
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 31D4577D22E262265EF7409541A5960B509FFE4F
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3232392e3131342e302f32332d3234203d3e203437353833.roa
Signing time: Mon 26 Feb 2024 08:53:37 +0000
ROA not before: Mon 26 Feb 2024 08:48:37 +0000
ROA not after: Mon 24 Feb 2025 08:53:37 +0000
asID: 47583
IP address blocks: 185.229.114.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:d4:57:7d:22:e2:62:26:5e:f7:40:95:41:a5:96:0b:50:9f:fe:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Feb 26 08:48:37 2024 GMT
Not After : Feb 24 08:53:37 2025 GMT
Subject: CN=F80CEFE6C93E62D7B3D2DE3E59280D36E49A3233
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:72:fa:eb:2c:92:b5:f6:6c:7a:54:73:fc:fc:
7e:13:46:c6:05:17:1c:ea:83:93:45:87:65:12:cc:
47:b4:01:90:dd:08:2d:3d:c0:e9:fb:3b:f2:67:74:
3f:f2:7e:ae:b6:ba:11:90:e9:a1:90:19:3a:ba:e1:
bd:13:dc:c1:17:b8:bf:82:6b:39:a5:2a:9a:2b:87:
8e:50:6d:dd:69:35:37:e8:cb:2b:50:5d:6b:8a:13:
bf:d0:b6:8c:d5:e0:c2:76:9c:2a:0b:ea:f7:c5:e0:
41:80:c9:93:63:72:b5:35:a0:23:90:b3:29:ed:6d:
6a:12:04:38:af:ed:aa:61:01:39:e6:1f:9c:0a:5d:
f6:39:35:32:b7:12:e2:09:56:57:4c:4f:da:86:fa:
0b:4e:ab:79:d3:52:da:5f:f5:0f:47:d6:fb:c8:13:
4d:21:2e:19:5a:dd:2f:69:6d:3f:5e:da:32:49:1e:
ca:c4:c2:d2:50:7e:73:c0:54:78:2d:fb:ec:6e:dd:
17:03:5b:6d:c3:00:04:3a:63:ec:d8:d4:b3:0c:0a:
95:85:9b:f8:58:27:22:56:95:1f:a1:99:08:61:42:
fa:86:dc:2d:e9:f9:50:82:2c:9e:98:3e:1b:b0:7d:
56:43:44:f3:21:b8:52:3e:11:58:85:82:c2:c7:da:
1b:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:0C:EF:E6:C9:3E:62:D7:B3:D2:DE:3E:59:28:0D:36:E4:9A:32:33
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3232392e3131342e302f32332d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.114.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:18:01:b0:b5:93:a8:af:00:80:3d:c2:87:16:6f:bb:ba:a3:
22:2e:b2:b5:aa:2f:07:cc:3a:1d:a3:dd:bf:49:2c:e1:19:ef:
d4:b6:7d:3e:76:62:67:8f:23:e7:a4:f5:7f:2b:36:97:94:9e:
68:57:e5:23:c2:33:5e:4c:3c:3d:79:be:0d:71:65:1a:90:1a:
c8:ee:50:e2:4b:d1:34:b8:21:7c:36:3b:1c:79:2c:04:e6:d5:
43:c2:47:56:bd:e9:1c:86:e9:6d:d0:72:17:b5:6e:64:7c:04:
7e:5b:d0:a2:aa:be:24:f3:97:16:84:e0:b8:40:59:c4:1b:28:
b6:05:2b:19:00:d8:67:4c:5e:4b:21:cb:d8:22:ff:81:6b:d4:
42:4f:0e:88:8d:f6:02:9f:f2:db:5f:82:ba:99:1c:fa:db:ef:
2a:8e:de:f1:65:0a:49:bc:33:ec:5c:8d:a0:04:46:5a:d2:41:
06:67:8f:17:45:d6:4a:8e:57:e3:bd:22:bb:92:ae:76:6e:60:
a8:d4:d9:b6:50:b4:b5:ee:f9:91:83:8d:81:6f:4e:5d:eb:61:
67:e0:23:c5:06:68:47:c5:ac:e2:e3:33:43:f5:71:33:e5:1d:
02:fd:48:47:4d:76:f3:37:38:c5:f8:f2:82:b6:69:d7:c6:5c:
7a:06:b2:c2
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMdRXfSLiYiZe90CVQaWWC1Cf/k8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDAyMjYwODQ4MzdaFw0yNTAyMjQwODUzMzdaMDMxMTAvBgNV
BAMTKEY4MENFRkU2QzkzRTYyRDdCM0QyREUzRTU5MjgwRDM2RTQ5QTMyMzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDocvrrLJK19mx6VHP8/H4TRsYF
Fxzqg5NFh2USzEe0AZDdCC09wOn7O/JndD/yfq62uhGQ6aGQGTq64b0T3MEXuL+C
azmlKporh45Qbd1pNTfoyytQXWuKE7/QtozV4MJ2nCoL6vfF4EGAyZNjcrU1oCOQ
syntbWoSBDiv7aphATnmH5wKXfY5NTK3EuIJVldMT9qG+gtOq3nTUtpf9Q9H1vvI
E00hLhla3S9pbT9e2jJJHsrEwtJQfnPAVHgt++xu3RcDW23DAAQ6Y+zY1LMMCpWF
m/hYJyJWlR+hmQhhQvqG3C3p+VCCLJ6YPhuwfVZDRPMhuFI+EViFgsLH2htxAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU+Azv5sk+Ytez0t4+WSgNNuSaMjMwHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMjMyMzkyZTMx
MzEzNDJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG55XIwDQYJKoZIhvcNAQELBQADggEBAG0YAbC1k6ivAIA9wocWb7u6oyIusrWq
LwfMOh2j3b9JLOEZ79S2fT52YmePI+ek9X8rNpeUnmhX5SPCM15MPD15vg1xZRqQ
GsjuUOJL0TS4IXw2Oxx5LATm1UPCR1a96RyG6W3Qche1bmR8BH5b0KKqviTzlxaE
4LhAWcQbKLYFKxkA2GdMXkshy9gi/4Fr1EJPDoiN9gKf8ttfgrqZHPrb7yqO3vFl
Ckm8M+xcjaAERlrSQQZnjxdF1kqOV+O9IruSrnZuYKjU2bZQtLXu+ZGDjYFvTl3r
YWfgI8UGaEfFrOLjM0P1cTPlHQL9SEdNdvM3OMX48oK2adfGXHoGssI=
-----END CERTIFICATE-----
Generated at Sun Jun 2 00:32:14 2024 by rpki-client on console-ams.rpki-client.org