Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135332e302f32342d3234203d3e203434373731.roa
File: 3138352e3134392e3135332e302f32342d3234203d3e203434373731.roa (raw, json)
Hash identifier: ce0p5l8EbnIlkfTcKoQYlCwW/M5epxY2k2J2uChkpXk=
Subject key identifier: 3D:8D:7F:04:DA:DC:80:AE:E8:F3:80:3E:6D:EA:63:18:F8:D4:3F:36
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 4AF0855B04BA624899C09E8D2D4027D4B1F4A4AB
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135332e302f32342d3234203d3e203434373731.roa
Signing time: Fri 07 Jun 2024 09:01:54 +0000
ROA not before: Fri 07 Jun 2024 08:56:54 +0000
ROA not after: Fri 06 Jun 2025 09:01:54 +0000
asID: 44771
IP address blocks: 185.149.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:f0:85:5b:04:ba:62:48:99:c0:9e:8d:2d:40:27:d4:b1:f4:a4:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jun 7 08:56:54 2024 GMT
Not After : Jun 6 09:01:54 2025 GMT
Subject: CN=3D8D7F04DADC80AEE8F3803E6DEA6318F8D43F36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8a:94:5e:0f:3c:bb:4b:82:8c:8f:e5:d0:b2:
1d:62:f6:9b:f9:75:76:32:15:d4:2b:7f:ba:49:d1:
e9:2b:af:7a:bf:5b:ab:cd:07:fc:cf:82:9e:e2:93:
36:88:4c:76:aa:e4:1f:5f:e6:ba:de:02:89:62:27:
f6:a9:58:99:2a:60:74:81:a2:c8:e8:ab:36:ff:3d:
41:67:44:44:64:37:4a:0b:d5:f4:d3:8e:3e:24:f5:
00:67:de:a5:29:81:41:03:78:78:3c:8e:3b:9e:69:
d7:c2:ab:c3:20:7a:b9:2f:bd:32:62:51:fd:a2:f8:
be:e3:38:5f:a5:11:28:92:5b:9e:07:17:3a:24:cc:
4d:9c:58:b0:bd:d6:39:8f:ed:62:94:75:f8:2a:e7:
84:88:b8:d1:30:d7:0b:b5:b5:1e:7b:5a:30:34:d6:
cf:e5:ce:f2:98:0d:cf:ad:68:33:c1:0e:26:ee:0d:
93:21:84:4f:bc:25:d1:1b:19:51:80:12:7d:cf:92:
a6:1f:98:fb:10:e3:de:98:e0:dd:28:17:ea:ff:2b:
ee:13:b2:03:f0:11:1a:03:9a:3b:40:63:44:d1:6c:
16:0e:af:cc:77:73:52:39:03:4a:cd:8f:ff:8c:16:
58:3c:ed:8b:65:f5:6d:f6:09:bb:3f:07:be:1c:93:
b2:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:8D:7F:04:DA:DC:80:AE:E8:F3:80:3E:6D:EA:63:18:F8:D4:3F:36
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135332e302f32342d3234203d3e203434373731.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.153.0/24
Signature Algorithm: sha256WithRSAEncryption
62:81:a0:20:c6:ed:2c:34:26:b6:3e:d5:86:e2:aa:da:bc:7e:
00:5b:ea:1d:c0:05:17:04:41:3e:54:d1:17:cc:ce:8b:63:73:
24:4f:6d:17:99:41:da:29:86:f9:37:13:14:f3:d2:9d:98:de:
42:b9:fe:aa:88:29:63:86:79:3d:33:1f:1a:20:84:76:8c:d4:
23:c8:8a:96:e8:ab:9a:dd:e3:ac:e0:1a:89:93:05:72:3b:62:
16:fb:75:fb:0e:b0:a9:8a:a3:c2:ff:4e:26:a7:df:b2:74:92:
ea:0b:d7:ba:a1:b0:29:a6:c3:1d:8b:9f:4e:0b:2b:dd:b7:44:
97:7a:a7:30:19:d5:0e:46:93:82:56:c8:d6:82:18:33:b4:9e:
be:d4:b7:ee:10:ad:52:ff:f5:1f:0e:45:88:55:64:ab:5f:e0:
e5:48:b8:1e:e9:56:9c:5f:4a:3d:51:3a:41:5a:5d:af:ac:47:
39:a8:24:5f:18:6c:12:8e:aa:8e:3a:d5:c1:8e:a4:5e:dd:6e:
dc:a2:54:4a:0c:ef:56:38:49:cf:30:9f:e2:99:7c:b4:d6:0c:
98:2e:19:3d:dc:e2:1c:2a:71:8a:9b:c9:1a:e4:73:de:2b:4d:
f0:e2:97:bd:ae:a4:93:65:4b:a0:d9:d7:73:4f:c1:08:49:3a:
4b:f3:45:28
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUSvCFWwS6YkiZwJ6NLUAn1LH0pKswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNDA2MDcwODU2NTRaFw0yNTA2MDYwOTAxNTRaMDMxMTAvBgNV
BAMTKDNEOEQ3RjA0REFEQzgwQUVFOEYzODAzRTZERUE2MzE4RjhENDNGMzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFipReDzy7S4KMj+XQsh1i9pv5
dXYyFdQrf7pJ0ekrr3q/W6vNB/zPgp7ikzaITHaq5B9f5rreAoliJ/apWJkqYHSB
osjoqzb/PUFnRERkN0oL1fTTjj4k9QBn3qUpgUEDeHg8jjueadfCq8MgerkvvTJi
Uf2i+L7jOF+lESiSW54HFzokzE2cWLC91jmP7WKUdfgq54SIuNEw1wu1tR57WjA0
1s/lzvKYDc+taDPBDibuDZMhhE+8JdEbGVGAEn3PkqYfmPsQ496Y4N0oF+r/K+4T
sgPwERoDmjtAY0TRbBYOr8x3c1I5A0rNj/+MFlg87Ytl9W32Cbs/B74ck7L1AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUPY1/BNrcgK7o84A+bepjGPjUPzYwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzEzODM1MmUzMTM0MzkyZTMx
MzUzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzQzNzM3MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5lZkwDQYJKoZIhvcNAQELBQADggEBAGKBoCDG7Sw0JrY+1Ybiqtq8fgBb6h3A
BRcEQT5U0RfMzotjcyRPbReZQdophvk3ExTz0p2Y3kK5/qqIKWOGeT0zHxoghHaM
1CPIipboq5rd46zgGomTBXI7Yhb7dfsOsKmKo8L/Tian37J0kuoL17qhsCmmwx2L
n04LK923RJd6pzAZ1Q5Gk4JWyNaCGDO0nr7Ut+4QrVL/9R8ORYhVZKtf4OVIuB7p
VpxfSj1ROkFaXa+sRzmoJF8YbBKOqo461cGOpF7dbtyiVEoM71Y4Sc8wn+KZfLTW
DJguGT3c4hwqcYqbyRrkc94rTfDil72upJNlS6DZ13NPwQhJOkvzRSg=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:50 2024 by rpki-client on console-fra.rpki-client.org