Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3130302e3231332e302f32342d3234203d3e20323038393439.roa
File: 3138352e3130302e3231332e302f32342d3234203d3e20323038393439.roa (raw, json)
Hash identifier: cLG8uW5Qw50EcOkRZ1O1FWGPojv+f/jMIbBXpQDAaxQ=
Subject key identifier: FD:C5:B5:64:CD:AC:DB:C1:41:94:D0:3F:09:58:DB:5C:43:45:C2:E3
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 789F34ED54A523582ADB664DAB20EACB9BC7274D
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3130302e3231332e302f32342d3234203d3e20323038393439.roa
Signing time: Wed 09 Oct 2024 09:43:25 +0000
ROA not before: Wed 09 Oct 2024 09:38:25 +0000
ROA not after: Wed 08 Oct 2025 09:43:25 +0000
asID: 208949
IP address blocks: 185.100.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:9f:34:ed:54:a5:23:58:2a:db:66:4d:ab:20:ea:cb:9b:c7:27:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 9 09:38:25 2024 GMT
Not After : Oct 8 09:43:25 2025 GMT
Subject: CN=FDC5B564CDACDBC14194D03F0958DB5C4345C2E3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:37:58:2f:9a:5b:91:13:43:d5:fb:50:73:73:
64:49:b7:0c:ed:c8:58:6e:1e:28:85:79:b3:dd:21:
1b:58:01:04:33:21:73:60:0f:d4:d8:33:b6:00:22:
f5:ae:ce:84:d6:06:b3:d5:3e:a4:b7:c4:ab:00:e8:
f8:39:34:14:4e:4f:dc:1d:21:44:ce:ba:22:ae:fa:
e3:e5:d6:f3:1e:cc:6b:a0:55:fe:05:b4:df:fe:b5:
c3:b5:41:94:8a:8b:05:12:22:e0:1c:8f:02:7c:87:
f5:d2:af:ac:39:6e:ae:b2:cc:1c:6e:2c:f5:2a:6b:
89:5d:fa:e3:d5:b7:c1:cd:fe:02:85:a7:2f:3b:5b:
12:b5:0a:ab:91:c1:00:77:29:78:86:7c:1f:fd:92:
28:53:98:de:9e:df:18:18:12:28:94:74:c5:ce:e0:
73:ac:76:53:13:d2:d9:92:47:be:5f:ff:a9:9e:07:
50:63:3f:3e:fc:a6:e6:27:49:65:d5:10:c6:d2:dc:
03:3a:17:e7:1b:b1:de:4d:81:5f:a5:fe:93:13:3f:
38:2e:e8:c6:69:fa:38:b0:5d:40:67:96:de:05:05:
ac:eb:b4:42:94:c6:98:a0:18:ed:e3:64:92:b7:ce:
98:20:72:97:cc:55:c8:52:b6:e9:cc:b8:61:9d:b4:
50:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:C5:B5:64:CD:AC:DB:C1:41:94:D0:3F:09:58:DB:5C:43:45:C2:E3
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3130302e3231332e302f32342d3234203d3e20323038393439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.213.0/24
Signature Algorithm: sha256WithRSAEncryption
52:ab:fd:3a:1b:5e:5e:72:e1:48:69:22:a1:d0:2a:a2:a0:40:
b5:01:fc:84:67:8b:57:fd:7e:b8:69:5a:f0:ef:e6:c8:96:e4:
9a:8b:01:dc:b8:b9:a3:83:73:04:be:0e:f5:2b:2d:1d:f0:9f:
f2:fb:3f:cc:67:e7:f0:a7:fa:87:0e:74:4e:7e:14:a5:35:a6:
d4:31:bf:1d:5e:03:f5:9a:d8:ed:d1:b2:a0:01:73:fa:f5:4d:
62:dd:2a:aa:18:25:b6:67:c6:9d:f8:28:18:90:3b:cd:8b:ac:
27:2a:7a:5d:14:d3:e6:cc:0f:71:b3:ca:af:25:cd:9d:28:70:
df:0c:b3:91:d8:60:cf:c1:10:fd:5f:47:13:7b:ee:c2:7c:47:
9f:25:d0:af:26:2c:bf:98:dc:24:19:19:27:f6:80:2d:52:f6:
a2:fc:e1:12:65:5b:da:6c:28:c9:41:59:5e:a3:21:8d:0f:d4:
24:3c:1d:05:7e:6c:7a:9a:53:cd:93:d2:65:a7:e3:5d:cb:1a:
98:8a:a6:bc:8e:84:cd:37:07:6b:9d:d2:b6:38:50:04:a9:e8:
93:15:94:4a:cd:d2:20:9e:90:ee:b6:9b:fb:ee:2e:7f:d9:d7:
df:cd:ea:f1:2d:fb:2c:1d:b2:9b:79:2b:04:57:5f:8a:d5:b1:
18:86:e7:84
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUeJ807VSlI1gq22ZNqyDqy5vHJ00wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEwMDkwOTM4MjVaFw0yNTEwMDgwOTQzMjVaMDMxMTAvBgNV
BAMTKEZEQzVCNTY0Q0RBQ0RCQzE0MTk0RDAzRjA5NThEQjVDNDM0NUMyRTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqN1gvmluRE0PV+1Bzc2RJtwzt
yFhuHiiFebPdIRtYAQQzIXNgD9TYM7YAIvWuzoTWBrPVPqS3xKsA6Pg5NBROT9wd
IUTOuiKu+uPl1vMezGugVf4FtN/+tcO1QZSKiwUSIuAcjwJ8h/XSr6w5bq6yzBxu
LPUqa4ld+uPVt8HN/gKFpy87WxK1CquRwQB3KXiGfB/9kihTmN6e3xgYEiiUdMXO
4HOsdlMT0tmSR75f/6meB1BjPz78puYnSWXVEMbS3AM6F+cbsd5NgV+l/pMTPzgu
6MZp+jiwXUBnlt4FBazrtEKUxpigGO3jZJK3zpggcpfMVchStunMuGGdtFDVAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU/cW1ZM2s28FBlNA/CVjbXENFwuMwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzODM1MmUzMTMwMzAyZTMy
MzEzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzODM5MzQzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALlk1TANBgkqhkiG9w0BAQsFAAOCAQEAUqv9OhteXnLhSGkiodAqoqBAtQH8
hGeLV/1+uGla8O/myJbkmosB3Li5o4NzBL4O9SstHfCf8vs/zGfn8Kf6hw50Tn4U
pTWm1DG/HV4D9ZrY7dGyoAFz+vVNYt0qqhgltmfGnfgoGJA7zYusJyp6XRTT5swP
cbPKryXNnShw3wyzkdhgz8EQ/V9HE3vuwnxHnyXQryYsv5jcJBkZJ/aALVL2ovzh
EmVb2mwoyUFZXqMhjQ/UJDwdBX5seppTzZPSZafjXcsamIqmvI6EzTcHa53StjhQ
BKnokxWUSs3SIJ6Q7rab++4uf9nX383q8S37LB2ym3krBFdfitWxGIbnhA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:14:19 2024 by rpki-client on console-ams.rpki-client.org