Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3234312e3233382e302f32332d3234203d3e20323037353934.roa
File: 3138352e3234312e3233382e302f32332d3234203d3e20323037353934.roa (raw, json)
Hash identifier: zfAz4NeaXuj1/6ZxwhgwRjMUzBfWUCQvGpd1qisCrlU=
Subject key identifier: 9B:82:03:A6:7D:99:1A:56:FB:59:6D:A3:7A:BF:8C:11:20:83:31:92
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 018B4A5124BC4760530A59F191AADC99DA99FC50
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3234312e3233382e302f32332d3234203d3e20323037353934.roa
Signing time: Mon 26 Feb 2024 08:53:34 +0000
ROA not before: Mon 26 Feb 2024 08:48:34 +0000
ROA not after: Mon 24 Feb 2025 08:53:34 +0000
asID: 207594
IP address blocks: 185.241.238.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 20:24:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4a:51:24:bc:47:60:53:0a:59:f1:91:aa:dc:99:da:99:fc:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Feb 26 08:48:34 2024 GMT
Not After : Feb 24 08:53:34 2025 GMT
Subject: CN=9B8203A67D991A56FB596DA37ABF8C1120833192
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:71:71:6f:74:b2:33:7b:df:7b:16:17:65:12:
6f:90:72:8d:dd:50:35:16:63:de:e8:18:43:b2:cb:
af:27:01:2a:02:24:33:7e:90:81:35:da:d3:c5:3c:
b7:c3:f6:65:2b:86:8b:51:ea:19:68:bd:49:04:0a:
17:23:07:14:41:90:3c:b5:88:7d:c5:b0:38:a5:9f:
31:56:0f:d1:3b:b7:07:18:b9:43:13:01:c9:79:a9:
c1:54:f3:eb:5f:1b:a4:d9:b8:66:60:0b:a2:45:c1:
76:34:ad:48:2c:80:92:2b:30:db:8f:2b:4f:0d:0c:
19:f8:66:23:1a:b4:2f:87:56:8b:8c:7c:75:5f:60:
18:c3:7f:8f:d8:20:4d:2f:85:11:00:23:46:48:58:
dc:e4:af:12:2c:6f:54:9b:0f:3d:37:a9:e2:0c:bc:
d5:74:13:86:2b:c7:c6:13:bd:9e:8b:f2:1d:c9:20:
2d:77:f4:63:45:c2:fd:6d:ec:d5:23:d3:5d:7c:d1:
eb:d0:95:70:e5:41:36:3d:59:1c:55:9f:71:70:e9:
96:ca:7d:ac:9d:ec:9a:02:33:a2:85:a3:3e:ca:97:
7e:33:48:67:b3:b4:b3:12:63:59:c1:a1:16:1b:6e:
03:cf:8d:77:d1:d3:8a:ef:12:2d:79:b7:3a:a0:e1:
f1:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:82:03:A6:7D:99:1A:56:FB:59:6D:A3:7A:BF:8C:11:20:83:31:92
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3234312e3233382e302f32332d3234203d3e20323037353934.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.238.0/23
Signature Algorithm: sha256WithRSAEncryption
74:3f:2e:a7:5f:92:28:89:e5:29:5c:fe:16:47:62:91:32:55:
77:84:ec:70:2e:a4:ff:c7:67:f3:e5:35:3f:29:7a:3e:f4:62:
5f:39:31:c3:eb:7e:08:37:38:47:cc:f9:56:03:c4:02:46:b1:
26:6d:d4:01:47:6f:ad:9b:a6:20:1b:ed:d5:c8:6f:2b:31:00:
d3:1d:d9:55:c1:b1:23:f6:dd:40:0c:bc:51:6a:18:86:64:1e:
18:db:7f:b1:24:5f:2c:bf:b3:bc:03:9d:df:42:35:5c:15:b7:
0f:06:f0:8d:66:8d:2f:8d:5b:c7:94:91:a7:57:77:7c:91:77:
20:b8:81:db:ba:53:8b:cd:2b:a6:c0:3e:cc:19:9e:60:d0:84:
36:c0:a6:6f:44:93:8b:95:d8:b1:2f:bf:e5:29:a1:e8:fe:87:
91:8b:b1:ee:f1:21:3c:97:98:59:72:5f:06:ec:06:11:77:94:
1a:da:6a:4e:2e:d6:d3:11:5a:09:e5:ee:45:d6:51:e6:f3:64:
40:d8:81:0b:4d:50:90:4a:e7:b3:6c:ed:84:3e:e3:50:d0:4b:
e9:5e:0d:4c:29:cd:a2:3f:ed:b1:18:3a:d7:9c:50:c0:bc:a0:
d7:ab:cd:4d:12:e8:c5:73:52:e0:70:48:01:7e:ab:39:d7:ef:
10:cf:bb:8d
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUAYtKUSS8R2BTClnxkarcmdqZ/FAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDAyMjYwODQ4MzRaFw0yNTAyMjQwODUzMzRaMDMxMTAvBgNV
BAMTKDlCODIwM0E2N0Q5OTFBNTZGQjU5NkRBMzdBQkY4QzExMjA4MzMxOTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6cXFvdLIze997FhdlEm+Qco3d
UDUWY97oGEOyy68nASoCJDN+kIE12tPFPLfD9mUrhotR6hlovUkEChcjBxRBkDy1
iH3FsDilnzFWD9E7twcYuUMTAcl5qcFU8+tfG6TZuGZgC6JFwXY0rUgsgJIrMNuP
K08NDBn4ZiMatC+HVouMfHVfYBjDf4/YIE0vhREAI0ZIWNzkrxIsb1SbDz03qeIM
vNV0E4Yrx8YTvZ6L8h3JIC139GNFwv1t7NUj01180evQlXDlQTY9WRxVn3Fw6ZbK
fayd7JoCM6KFoz7Kl34zSGeztLMSY1nBoRYbbgPPjXfR04rvEi15tzqg4fGNAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUm4IDpn2ZGlb7WW2jer+MESCDMZIwHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMjM0MzEyZTMy
MzMzODJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDMyMzAzNzM1MzkzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAbnx7jANBgkqhkiG9w0BAQsFAAOCAQEAdD8up1+SKInlKVz+FkdikTJVd4Ts
cC6k/8dn8+U1Pyl6PvRiXzkxw+t+CDc4R8z5VgPEAkaxJm3UAUdvrZumIBvt1chv
KzEA0x3ZVcGxI/bdQAy8UWoYhmQeGNt/sSRfLL+zvAOd30I1XBW3DwbwjWaNL41b
x5SRp1d3fJF3ILiB27pTi80rpsA+zBmeYNCENsCmb0STi5XYsS+/5Smh6P6HkYux
7vEhPJeYWXJfBuwGEXeUGtpqTi7W0xFaCeXuRdZR5vNkQNiBC01QkErns2zthD7j
UNBL6V4NTCnNoj/tsRg615xQwLyg16vNTRLoxXNS4HBIAX6rOdfvEM+7jQ==
-----END CERTIFICATE-----
Generated at Wed Jun 26 03:15:00 2024 by rpki-client on console-ams.rpki-client.org