Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3130302e3231322e302f32342d3234203d3e20313430363431.roa
File: 3138352e3130302e3231322e302f32342d3234203d3e20313430363431.roa (raw, json)
Hash identifier: sEfzhvTJvUkL/Zg7p/Nfcmm04vz4j+KVcFMdT49kzKs=
Subject key identifier: 91:60:CC:68:16:55:AD:FB:F8:BC:51:11:FB:14:6D:47:85:78:12:73
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 2C90356C4BF399C64E71C509A0E2FFFDE2DDE138
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3130302e3231322e302f32342d3234203d3e20313430363431.roa
Signing time: Wed 09 Oct 2024 09:43:23 +0000
ROA not before: Wed 09 Oct 2024 09:38:23 +0000
ROA not after: Wed 08 Oct 2025 09:43:23 +0000
asID: 140641
IP address blocks: 185.100.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:90:35:6c:4b:f3:99:c6:4e:71:c5:09:a0:e2:ff:fd:e2:dd:e1:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 9 09:38:23 2024 GMT
Not After : Oct 8 09:43:23 2025 GMT
Subject: CN=9160CC681655ADFBF8BC5111FB146D4785781273
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:42:63:bc:19:11:73:4f:e8:a2:8c:1c:46:6c:
90:1d:76:71:0d:71:a2:d3:ca:c6:fa:83:7c:55:c3:
3f:a9:62:a2:5a:db:02:a4:0e:05:d0:64:5b:d7:40:
99:49:5c:7d:24:70:49:76:d2:ce:0c:2a:56:c8:d2:
d3:c9:e5:32:7b:3c:d1:7f:77:fe:4a:d0:b9:51:fd:
66:82:73:dd:67:80:ec:51:d1:bf:9e:58:4d:a9:3e:
56:3e:69:00:5b:9e:ea:0d:e1:8b:da:a3:05:a4:55:
53:94:62:02:e1:b5:79:77:5a:c2:87:ef:07:ad:27:
6c:91:33:e9:98:24:36:11:9e:9a:e0:e7:6b:fe:bf:
a4:21:a8:af:5f:6b:5a:18:45:ba:5c:c2:5a:f8:d6:
c6:34:de:ba:b2:37:8f:cc:0b:ed:a3:2c:d8:5d:80:
95:72:55:ef:b4:eb:42:7a:bf:40:f8:3d:8e:da:42:
0d:e0:be:e0:b6:c0:39:16:81:10:37:86:f2:4b:04:
8c:ef:54:b3:c5:36:78:9e:ef:2f:db:38:47:7e:3b:
b1:b8:cc:56:4a:82:c7:7c:aa:16:f4:91:e8:83:5e:
24:d3:db:f1:07:c8:ed:83:85:74:14:94:4c:4e:76:
5c:1e:be:69:46:44:df:91:5b:15:d3:04:36:6c:8c:
61:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:60:CC:68:16:55:AD:FB:F8:BC:51:11:FB:14:6D:47:85:78:12:73
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3130302e3231322e302f32342d3234203d3e20313430363431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.212.0/24
Signature Algorithm: sha256WithRSAEncryption
50:82:1d:b1:74:4c:e7:fc:ef:89:a9:95:72:39:8e:c8:af:c7:
08:74:82:ee:53:82:33:c1:28:8d:c5:a9:67:1e:6d:94:31:27:
2a:2b:cc:98:f6:2f:52:f9:9a:b1:bf:e8:f1:d2:1f:b5:f5:f5:
32:85:78:f3:9a:4c:37:99:1b:c0:40:ff:1a:10:d7:73:aa:22:
c5:b2:db:fa:42:17:7c:2d:62:61:7e:87:d4:68:4d:ea:54:15:
b4:e6:f4:2f:a6:c1:19:a2:e3:35:17:e2:54:c9:d7:dd:5b:7d:
ba:85:c8:00:e0:70:97:e0:7f:86:1a:e3:fb:d7:af:39:26:8e:
39:f4:23:16:21:75:ce:0a:6e:cf:75:54:35:47:a3:c2:09:48:
fe:19:4b:a8:28:3a:10:95:f5:b0:80:32:2f:07:a0:5f:26:ab:
30:22:dd:4c:01:ed:34:13:28:b8:2b:c9:02:bb:9a:9f:dd:22:
b1:34:4f:ac:22:cf:e2:54:29:1d:c1:c6:72:9e:26:4b:37:b1:
51:eb:ae:23:b6:57:4a:63:41:93:fb:08:61:30:7a:e3:2d:01:
a7:2c:2d:f7:25:f1:5a:2a:4c:74:45:7d:71:78:98:aa:51:f8:
58:82:72:b6:80:f3:70:f9:45:eb:61:aa:07:30:ff:3e:02:02:
d1:d8:55:f7
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIULJA1bEvzmcZOccUJoOL//eLd4TgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEwMDkwOTM4MjNaFw0yNTEwMDgwOTQzMjNaMDMxMTAvBgNV
BAMTKDkxNjBDQzY4MTY1NUFERkJGOEJDNTExMUZCMTQ2RDQ3ODU3ODEyNzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkQmO8GRFzT+iijBxGbJAddnEN
caLTysb6g3xVwz+pYqJa2wKkDgXQZFvXQJlJXH0kcEl20s4MKlbI0tPJ5TJ7PNF/
d/5K0LlR/WaCc91ngOxR0b+eWE2pPlY+aQBbnuoN4YvaowWkVVOUYgLhtXl3WsKH
7wetJ2yRM+mYJDYRnprg52v+v6QhqK9fa1oYRbpcwlr41sY03rqyN4/MC+2jLNhd
gJVyVe+060J6v0D4PY7aQg3gvuC2wDkWgRA3hvJLBIzvVLPFNnie7y/bOEd+O7G4
zFZKgsd8qhb0keiDXiTT2/EHyO2DhXQUlExOdlwevmlGRN+RWxXTBDZsjGEpAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUkWDMaBZVrfv4vFER+xRtR4V4EnMwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzODM1MmUzMTMwMzAyZTMy
MzEzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzMDM2MzQzMS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALlk1DANBgkqhkiG9w0BAQsFAAOCAQEAUIIdsXRM5/zviamVcjmOyK/HCHSC
7lOCM8EojcWpZx5tlDEnKivMmPYvUvmasb/o8dIftfX1MoV485pMN5kbwED/GhDX
c6oixbLb+kIXfC1iYX6H1GhN6lQVtOb0L6bBGaLjNRfiVMnX3Vt9uoXIAOBwl+B/
hhrj+9evOSaOOfQjFiF1zgpuz3VUNUejwglI/hlLqCg6EJX1sIAyLwegXyarMCLd
TAHtNBMouCvJAruan90isTRPrCLP4lQpHcHGcp4mSzexUeuuI7ZXSmNBk/sIYTB6
4y0Bpywt9yXxWipMdEV9cXiYqlH4WIJytoDzcPlF62GqBzD/PgIC0dhV9w==
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:19 2024 by rpki-client on console-ams.rpki-client.org