Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38322e3134302e3133312e302f32342d3234203d3e203135343139.roa
File: 38322e3134302e3133312e302f32342d3234203d3e203135343139.roa (raw, json)
Hash identifier: qupft+yfIDkLB2YnMTYFZT4P6Bv9II0x6lbxw2SsutA=
Subject key identifier: 18:7F:C1:57:3C:09:FB:E2:0D:8D:30:8A:64:FD:4D:71:51:16:B3:2C
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 282607C983A233ABDA7453B5EBE896711852F972
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38322e3134302e3133312e302f32342d3234203d3e203135343139.roa
Signing time: Fri 07 Jun 2024 09:01:52 +0000
ROA not before: Fri 07 Jun 2024 08:56:52 +0000
ROA not after: Fri 06 Jun 2025 09:01:52 +0000
asID: 15419
IP address blocks: 82.140.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:26:07:c9:83:a2:33:ab:da:74:53:b5:eb:e8:96:71:18:52:f9:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jun 7 08:56:52 2024 GMT
Not After : Jun 6 09:01:52 2025 GMT
Subject: CN=187FC1573C09FBE20D8D308A64FD4D715116B32C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:8e:3d:b1:c3:5f:2e:0f:ba:92:21:90:1b:3f:
8a:e4:cb:dd:d1:f4:bb:64:e6:44:cb:ff:52:2f:0d:
87:de:7e:79:45:f1:82:d2:78:9f:89:5f:b0:4f:e0:
26:8d:fd:b7:61:9e:37:15:d8:36:a5:d3:e0:6e:c5:
9b:4b:f9:ed:12:91:2c:d5:27:dd:53:3f:59:c6:38:
88:d2:48:93:4b:dc:5b:0d:69:d5:37:39:4e:ef:f0:
0d:3f:87:47:cb:ce:82:a7:c1:16:6e:39:a3:85:48:
03:e5:99:9d:09:03:da:c9:e2:75:3a:94:2e:fd:8c:
1c:80:a5:c3:78:ce:64:13:be:4d:d4:1d:93:ce:45:
fa:8f:ab:62:f3:f3:f6:1e:51:99:92:81:53:17:b5:
a8:eb:bd:2c:6b:c0:4e:40:70:a2:cd:d2:66:6f:a2:
f3:18:ac:8b:b1:42:91:59:61:c2:26:9f:15:f5:ab:
62:f2:6e:e2:d7:28:1c:20:b1:9f:c3:f8:ec:04:e7:
42:de:3e:eb:42:8d:7b:32:40:59:18:92:7e:a4:f9:
07:f0:1b:2d:eb:8a:93:4a:60:3f:34:31:7d:bb:29:
62:84:10:3f:45:49:cb:ea:4e:b1:7d:9d:9a:ee:c8:
9f:3c:63:b3:44:1e:e4:56:c8:37:3f:09:2d:a1:04:
95:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:7F:C1:57:3C:09:FB:E2:0D:8D:30:8A:64:FD:4D:71:51:16:B3:2C
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38322e3134302e3133312e302f32342d3234203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.131.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:2c:31:f5:b2:ec:fc:63:98:87:de:63:09:31:62:bd:33:db:
4f:de:9f:7a:43:0e:25:07:ea:80:1c:6e:dc:44:9a:78:fe:b9:
06:ec:8d:2d:49:b8:ad:c2:77:71:cc:49:e6:45:a1:5f:42:ea:
69:14:8d:03:d1:c1:b2:07:02:2b:51:d6:50:ab:54:0c:74:6e:
e2:84:4e:cd:15:93:08:69:33:50:31:57:83:56:b5:76:fa:12:
62:0b:b2:a0:e6:45:8e:df:15:0c:4d:36:e9:d2:6c:2f:6d:8d:
84:21:54:f6:a0:09:eb:15:cb:1f:a6:ae:e1:71:f8:57:e0:d5:
73:e7:4f:cc:bb:0b:ee:65:fe:f5:44:18:6e:84:03:09:4e:45:
ec:e8:f8:dd:02:e7:21:45:ff:5f:de:25:9b:63:23:d8:47:c3:
eb:a4:6b:db:47:3b:93:b1:58:b1:5f:c2:61:c8:0a:49:59:94:
19:10:34:fb:25:0d:a9:5f:f6:56:6d:44:6a:d8:42:95:72:2c:
58:fb:11:62:da:9b:dd:08:7a:f4:fb:37:6b:b6:49:02:bc:e6:
ca:ee:b5:42:df:14:7d:54:84:e7:a3:e6:32:1a:1d:ba:02:fa:
a5:2d:b4:ec:7a:06:77:50:f3:67:3e:85:e6:24:12:d7:8c:16:
b9:32:95:80
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUKCYHyYOiM6vadFO16+iWcRhS+XIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNDA2MDcwODU2NTJaFw0yNTA2MDYwOTAxNTJaMDMxMTAvBgNV
BAMTKDE4N0ZDMTU3M0MwOUZCRTIwRDhEMzA4QTY0RkQ0RDcxNTExNkIzMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhjj2xw18uD7qSIZAbP4rky93R
9Ltk5kTL/1IvDYfefnlF8YLSeJ+JX7BP4CaN/bdhnjcV2Dal0+BuxZtL+e0SkSzV
J91TP1nGOIjSSJNL3FsNadU3OU7v8A0/h0fLzoKnwRZuOaOFSAPlmZ0JA9rJ4nU6
lC79jByApcN4zmQTvk3UHZPORfqPq2Lz8/YeUZmSgVMXtajrvSxrwE5AcKLN0mZv
ovMYrIuxQpFZYcImnxX1q2LybuLXKBwgsZ/D+OwE50LePutCjXsyQFkYkn6k+Qfw
Gy3ripNKYD80MX27KWKEED9FScvqTrF9nZruyJ88Y7NEHuRWyDc/CS2hBJXVAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUGH/BVzwJ++INjTCKZP1NcVEWsywwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzMjJlMzEzNDMwMmUzMTMz
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzQzMTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UoyDMA0GCSqGSIb3DQEBCwUAA4IBAQBfLDH1suz8Y5iH3mMJMWK9M9tP3p96Qw4l
B+qAHG7cRJp4/rkG7I0tSbitwndxzEnmRaFfQuppFI0D0cGyBwIrUdZQq1QMdG7i
hE7NFZMIaTNQMVeDVrV2+hJiC7Kg5kWO3xUMTTbp0mwvbY2EIVT2oAnrFcsfpq7h
cfhX4NVz50/MuwvuZf71RBhuhAMJTkXs6PjdAuchRf9f3iWbYyPYR8PrpGvbRzuT
sVixX8JhyApJWZQZEDT7JQ2pX/ZWbURq2EKVcixY+xFi2pvdCHr0+zdrtkkCvObK
7rVC3xR9VITno+YyGh26AvqlLbTsegZ3UPNnPoXmJBLXjBa5MpWA
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:50 2024 by rpki-client on console-fra.rpki-client.org