Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3234312e3233362e302f32322d3232203d3e20323030303634.roa
File: 3138352e3234312e3233362e302f32322d3232203d3e20323030303634.roa (raw, json)
Hash identifier: UTHrzuSQOGgDT/Qx6ojqsPuEHH234tHN4vnsb77NJ68=
Subject key identifier: C4:6C:3C:1D:15:23:B8:20:BF:E2:F5:A3:07:27:7C:88:CF:AD:14:DE
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 1DBB8D2757F45CDE7A11CDB41A460796D3B49789
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3234312e3233362e302f32322d3232203d3e20323030303634.roa
Signing time: Mon 26 Feb 2024 08:53:36 +0000
ROA not before: Mon 26 Feb 2024 08:48:36 +0000
ROA not after: Mon 24 Feb 2025 08:53:36 +0000
asID: 200064
IP address blocks: 185.241.236.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Jun 2024 21:31:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:bb:8d:27:57:f4:5c:de:7a:11:cd:b4:1a:46:07:96:d3:b4:97:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Feb 26 08:48:36 2024 GMT
Not After : Feb 24 08:53:36 2025 GMT
Subject: CN=C46C3C1D1523B820BFE2F5A307277C88CFAD14DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d0:cb:bd:00:37:db:c9:33:0f:a3:e0:68:c6:
bd:f1:f9:56:90:91:c9:f5:60:77:f8:c3:f4:34:21:
1e:e3:91:2f:e7:89:72:94:2a:0a:df:d7:ea:0f:fe:
f1:1a:13:9f:fc:7a:be:9b:0b:7d:81:00:da:b6:93:
dd:0d:ad:f2:55:fb:db:6c:30:f9:d2:66:09:4d:52:
86:ef:f1:a9:c9:76:3f:25:95:bf:04:a8:8f:b6:74:
9d:bf:a1:e4:51:95:9f:b6:d7:b2:15:05:d2:18:b8:
e1:0a:9b:71:85:72:aa:d7:33:35:a5:d1:3b:cf:1c:
12:eb:63:e1:1d:80:6a:c6:b7:a5:3e:c6:b2:63:2f:
38:6f:fe:99:14:18:d4:a3:06:48:91:fc:cf:20:43:
b0:0e:e2:6a:15:2b:44:a8:b8:f8:55:c3:60:58:ff:
c5:c9:54:d5:c6:d4:63:64:10:d0:11:48:66:aa:c2:
f1:c1:7b:24:e3:37:f5:5a:07:3a:d1:76:88:58:e5:
8a:75:6f:79:f8:00:87:f9:2e:2f:2f:8e:0e:e9:0f:
51:02:e8:40:44:71:ca:b2:b4:e4:0c:2b:d4:ea:1b:
23:21:dc:8c:1c:a9:1d:14:ce:3d:99:ce:68:65:98:
09:ff:bf:57:37:6c:cf:2e:7d:d8:b0:fc:94:cd:a4:
61:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:6C:3C:1D:15:23:B8:20:BF:E2:F5:A3:07:27:7C:88:CF:AD:14:DE
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3234312e3233362e302f32322d3232203d3e20323030303634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.236.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:db:88:12:12:61:90:fe:1f:9b:b1:97:85:30:ab:50:9a:4d:
f3:c4:80:39:c1:3e:8b:b1:52:93:9e:fe:34:02:de:ec:8a:d8:
e6:fe:68:81:8c:c7:b8:c3:7f:a3:0e:67:15:be:27:1f:c6:16:
0e:8a:4a:29:15:23:4b:3c:43:da:b6:af:f2:98:3a:69:df:3b:
3b:46:dd:29:1e:d2:99:8a:ab:71:81:52:40:96:b5:21:59:f5:
a2:1d:4b:b1:81:21:0a:5a:f9:50:9c:38:ed:6c:04:5c:b4:9f:
20:26:7f:f4:19:4b:f1:bc:37:a7:fb:be:50:64:56:97:ee:46:
e7:d9:ea:0e:4f:fa:80:e5:ae:11:93:83:a9:ba:0b:88:06:63:
5a:84:ca:70:31:fc:e0:df:24:2d:d6:b4:55:c2:aa:a5:0d:88:
56:9a:78:1a:50:f7:a3:25:4f:db:33:db:f3:8d:82:59:f6:d6:
00:5c:c2:9b:ec:43:45:0a:ae:32:9a:1f:94:79:a9:46:0c:4d:
0a:d1:c1:a3:c5:fa:78:18:ee:ea:97:74:87:79:be:80:9a:2e:
83:45:12:a2:b2:3d:b2:92:40:78:b9:22:de:68:66:30:33:e6:
70:13:d0:e9:fe:b0:b0:6b:fd:4a:f1:b9:d5:fd:7b:ad:0f:f0:
0a:f5:a3:ab
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUHbuNJ1f0XN56Ec20GkYHltO0l4kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDAyMjYwODQ4MzZaFw0yNTAyMjQwODUzMzZaMDMxMTAvBgNV
BAMTKEM0NkMzQzFEMTUyM0I4MjBCRkUyRjVBMzA3Mjc3Qzg4Q0ZBRDE0REUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz0Mu9ADfbyTMPo+Boxr3x+VaQ
kcn1YHf4w/Q0IR7jkS/niXKUKgrf1+oP/vEaE5/8er6bC32BANq2k90NrfJV+9ts
MPnSZglNUobv8anJdj8llb8EqI+2dJ2/oeRRlZ+217IVBdIYuOEKm3GFcqrXMzWl
0TvPHBLrY+EdgGrGt6U+xrJjLzhv/pkUGNSjBkiR/M8gQ7AO4moVK0SouPhVw2BY
/8XJVNXG1GNkENARSGaqwvHBeyTjN/VaBzrRdohY5Yp1b3n4AIf5Li8vjg7pD1EC
6EBEccqytOQMK9TqGyMh3IwcqR0Uzj2ZzmhlmAn/v1c3bM8ufdiw/JTNpGGVAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUxGw8HRUjuCC/4vWjByd8iM+tFN4wHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMjM0MzEyZTMy
MzMzNjJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMyMzAzMDMwMzYzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEArnx7DANBgkqhkiG9w0BAQsFAAOCAQEApduIEhJhkP4fm7GXhTCrUJpN88SA
OcE+i7FSk57+NALe7IrY5v5ogYzHuMN/ow5nFb4nH8YWDopKKRUjSzxD2rav8pg6
ad87O0bdKR7SmYqrcYFSQJa1IVn1oh1LsYEhClr5UJw47WwEXLSfICZ/9BlL8bw3
p/u+UGRWl+5G59nqDk/6gOWuEZODqboLiAZjWoTKcDH84N8kLda0VcKqpQ2IVpp4
GlD3oyVP2zPb842CWfbWAFzCm+xDRQquMpoflHmpRgxNCtHBo8X6eBju6pd0h3m+
gJoug0USorI9spJAeLki3mhmMDPmcBPQ6f6wsGv9SvG51f17rQ/wCvWjqw==
-----END CERTIFICATE-----
Generated at Tue Jun 18 02:58:23 2024 by rpki-client on console-fra.rpki-client.org