Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3137362e3232372e3234332e302f32342d3234203d3e20313437303439.roa
File: 3137362e3232372e3234332e302f32342d3234203d3e20313437303439.roa (raw, json)
Hash identifier: oEe82j3NF72Mig8Ld4BlpMXRmpqR9ZMRvl6gPw9q2cU=
Subject key identifier: 44:18:79:0F:71:8F:F9:9E:3B:88:A4:B9:53:9C:54:0B:95:17:ED:7D
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 721FB55C2B83290CBED6C38CB12C40534629717C
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3137362e3232372e3234332e302f32342d3234203d3e20313437303439.roa
Signing time: Mon 26 Feb 2024 08:53:42 +0000
ROA not before: Mon 26 Feb 2024 08:48:42 +0000
ROA not after: Mon 24 Feb 2025 08:53:42 +0000
asID: 147049
IP address blocks: 176.227.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:1f:b5:5c:2b:83:29:0c:be:d6:c3:8c:b1:2c:40:53:46:29:71:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Feb 26 08:48:42 2024 GMT
Not After : Feb 24 08:53:42 2025 GMT
Subject: CN=4418790F718FF99E3B88A4B9539C540B9517ED7D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ae:0b:6f:7b:b4:90:2e:9e:ae:e9:15:a4:1b:
33:60:54:09:93:9f:ab:6f:33:2d:3a:2e:5b:d3:0f:
69:62:a2:ab:fe:c9:ad:14:3a:bd:82:ee:79:2f:a6:
a1:cc:e2:f7:2f:0d:8f:dd:b4:8e:6e:e2:c2:7a:2e:
a0:d3:1b:26:36:03:6f:d2:b7:79:45:74:e9:45:d1:
c2:03:bc:d8:40:73:8f:d0:35:ca:56:a7:d7:0f:88:
ef:9b:ce:c8:df:b5:5f:6e:6c:58:a3:7d:29:8c:a8:
99:10:b7:1c:42:95:21:bc:cb:d8:bf:ac:28:5b:61:
09:3c:9a:25:16:66:08:0c:e6:51:f3:fa:65:12:e8:
5c:92:d0:7b:31:84:2e:45:0c:e2:28:6d:24:bf:1f:
08:63:70:2c:4d:56:2b:a0:f4:b9:23:1a:f6:ff:e5:
3d:fa:bc:3d:15:8f:c7:24:bc:28:5e:f9:0a:7f:13:
58:5e:64:b2:a1:8f:97:00:fd:18:63:a4:de:3a:17:
fa:34:22:97:28:f8:d1:91:b3:3e:3b:91:ac:7e:fe:
17:24:e0:18:e6:32:8a:7f:21:9d:e5:18:43:05:4e:
96:48:21:06:18:3a:f3:8d:1c:6e:87:0a:eb:62:25:
5c:3a:22:82:92:82:92:3e:fb:6f:c2:68:d5:37:4c:
84:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:18:79:0F:71:8F:F9:9E:3B:88:A4:B9:53:9C:54:0B:95:17:ED:7D
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3137362e3232372e3234332e302f32342d3234203d3e20313437303439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.227.243.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:b6:03:1b:e3:a4:bf:52:61:74:36:18:3b:ed:f2:50:f8:9e:
7d:18:37:81:c9:a2:0c:3d:0e:72:0d:ac:14:40:ac:d5:93:cb:
e5:f9:78:32:88:d0:db:95:6b:ee:e7:8c:fe:b4:88:67:40:44:
70:fc:20:d9:39:d4:9e:7e:a0:0a:56:d6:ed:5e:33:db:97:88:
23:a4:da:70:1d:0f:d1:9c:25:b6:d0:da:07:a1:33:76:c3:52:
12:11:1e:b0:39:86:0e:99:73:18:b9:c6:8a:01:06:0f:7b:dd:
dc:7d:84:69:ad:58:7b:a5:57:56:92:6a:4c:a3:93:93:7c:58:
4b:4a:e6:53:79:8b:15:c6:45:f2:86:4e:23:b7:e0:20:e5:05:
1d:e0:38:b5:eb:66:a1:43:ba:24:b6:cf:79:ed:a2:30:f1:03:
e1:8e:f5:d9:79:78:9d:79:50:05:69:7e:af:e1:ad:8f:b1:89:
37:d7:8e:5f:a8:bc:db:53:ff:39:8a:79:77:10:d2:5b:97:08:
7b:96:73:8f:a2:5b:4e:67:f0:13:03:01:1c:38:17:1c:7c:cf:
f5:bd:0b:d0:ec:fb:ba:e7:82:27:11:a0:fe:2b:65:71:f4:7c:
7c:03:d4:d4:46:c2:a0:37:8f:6c:ae:4e:09:50:f6:a1:aa:f5:
83:70:76:5f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUch+1XCuDKQy+1sOMsSxAU0YpcXwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDAyMjYwODQ4NDJaFw0yNTAyMjQwODUzNDJaMDMxMTAvBgNV
BAMTKDQ0MTg3OTBGNzE4RkY5OUUzQjg4QTRCOTUzOUM1NDBCOTUxN0VEN0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDArgtve7SQLp6u6RWkGzNgVAmT
n6tvMy06LlvTD2lioqv+ya0UOr2C7nkvpqHM4vcvDY/dtI5u4sJ6LqDTGyY2A2/S
t3lFdOlF0cIDvNhAc4/QNcpWp9cPiO+bzsjftV9ubFijfSmMqJkQtxxClSG8y9i/
rChbYQk8miUWZggM5lHz+mUS6FyS0HsxhC5FDOIobSS/HwhjcCxNViug9LkjGvb/
5T36vD0Vj8ckvChe+Qp/E1heZLKhj5cA/RhjpN46F/o0Ipco+NGRsz47kax+/hck
4BjmMop/IZ3lGEMFTpZIIQYYOvONHG6HCutiJVw6IoKSgpI++2/CaNU3TISfAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQURBh5D3GP+Z47iKS5U5xUC5UX7X0wHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzEzNzM2MmUzMjMyMzcyZTMy
MzQzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzNzMwMzQzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALDj8zANBgkqhkiG9w0BAQsFAAOCAQEAOrYDG+Okv1JhdDYYO+3yUPiefRg3
gcmiDD0Ocg2sFECs1ZPL5fl4MojQ25Vr7ueM/rSIZ0BEcPwg2TnUnn6gClbW7V4z
25eII6TacB0P0ZwlttDaB6EzdsNSEhEesDmGDplzGLnGigEGD3vd3H2Eaa1Ye6VX
VpJqTKOTk3xYS0rmU3mLFcZF8oZOI7fgIOUFHeA4tetmoUO6JLbPee2iMPED4Y71
2Xl4nXlQBWl+r+Gtj7GJN9eOX6i821P/OYp5dxDSW5cIe5Zzj6JbTmfwEwMBHDgX
HHzP9b0L0Oz7uueCJxGg/itlcfR8fAPU1EbCoDePbK5OCVD2oar1g3B2Xw==
-----END CERTIFICATE-----
Generated at Sat Jun 1 10:22:32 2024 by rpki-client on console-ams.rpki-client.org