Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3130302e3231342e302f32342d3234203d3e20323135313031.roa
File: 3138352e3130302e3231342e302f32342d3234203d3e20323135313031.roa (raw, json)
Hash identifier: gCEeGEqw3PIt2eeK9cWpDuswsNdlKxbCQDVBUkF8QRM=
Subject key identifier: 43:97:DE:D1:7A:F9:75:F0:00:19:B2:21:C5:5D:8B:5D:B8:C8:FB:AD
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 4BC4AB7FC69269086826A5DE654D378D9F4F9334
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3130302e3231342e302f32342d3234203d3e20323135313031.roa
Signing time: Fri 19 Apr 2024 07:44:09 +0000
ROA not before: Fri 19 Apr 2024 07:39:09 +0000
ROA not after: Fri 18 Apr 2025 07:44:09 +0000
asID: 215101
IP address blocks: 185.100.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:c4:ab:7f:c6:92:69:08:68:26:a5:de:65:4d:37:8d:9f:4f:93:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Apr 19 07:39:09 2024 GMT
Not After : Apr 18 07:44:09 2025 GMT
Subject: CN=4397DED17AF975F00019B221C55D8B5DB8C8FBAD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:8c:2b:79:05:de:ea:bb:6d:7c:2e:9e:f7:31:
04:f8:ef:08:9e:1c:6d:a4:54:23:04:6b:52:5b:06:
23:6e:5f:4a:78:c4:54:a7:03:6f:24:c0:68:3c:e1:
c9:0f:bb:a3:65:43:a7:87:a0:5d:8f:a4:0e:f2:30:
14:a9:5f:da:9b:ea:e5:ef:74:2c:44:db:e3:34:64:
02:b1:cd:05:c5:1d:27:e6:77:be:87:3b:d0:cb:e4:
e5:60:0e:b4:f2:0d:d2:09:05:e9:e6:92:9e:ae:07:
4c:5f:8b:99:d5:80:09:a1:fd:43:e7:89:f3:e6:15:
7a:24:78:ae:cf:81:d8:77:73:87:f8:54:52:f6:0d:
af:22:da:4d:e0:4d:13:e1:48:b7:ce:28:b4:a0:c7:
3f:49:cd:4e:ad:50:cd:4e:5c:54:34:49:e8:dd:eb:
b2:2b:3e:f8:8f:7f:fa:4d:fc:cc:ca:b4:b9:e8:f4:
24:af:33:83:4c:bc:fd:04:d6:1a:c3:3c:ac:d9:83:
89:51:62:4f:16:23:fa:55:54:b9:74:c9:dd:c7:c5:
a5:64:a7:d4:ae:6b:55:b1:ca:55:db:ca:3a:64:c1:
c0:25:51:c9:c1:90:51:27:b4:2b:9a:1d:e7:78:50:
b0:e4:b3:51:82:48:7f:c1:69:f8:ce:f8:d0:53:cb:
15:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:97:DE:D1:7A:F9:75:F0:00:19:B2:21:C5:5D:8B:5D:B8:C8:FB:AD
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3130302e3231342e302f32342d3234203d3e20323135313031.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.214.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:5a:0d:f3:21:40:ed:ac:1c:d9:f5:7e:d2:07:92:11:dc:5c:
d2:38:81:c2:f1:ed:ca:6b:04:45:fc:0a:cb:30:62:68:2a:fe:
05:c5:17:1d:6f:dc:ad:17:a2:38:fe:59:62:d6:5a:cf:c5:5e:
90:dc:05:44:39:d3:33:e4:f7:e9:55:22:05:81:5f:46:df:68:
0f:82:e2:b0:71:ef:c7:dc:99:14:de:5a:ac:ee:a7:18:9f:42:
e3:d5:ac:27:b3:10:55:07:8a:8f:74:df:fb:64:c6:cb:a5:be:
39:89:f3:d6:34:ed:13:ad:9d:4a:fc:bc:80:6a:51:6e:e9:cb:
07:03:84:9b:d4:3c:50:2b:2d:12:e0:cf:32:50:6a:38:c1:c5:
37:aa:6b:78:5f:4c:00:35:07:8d:46:e3:1c:e9:e5:f2:f0:1b:
ee:6f:e2:25:b2:c6:45:6e:64:5f:3c:f3:62:c4:83:8b:82:28:
1c:27:c4:74:ec:c8:68:84:dc:af:da:25:c0:b6:74:08:b8:98:
46:7f:52:41:61:80:80:25:8f:b4:fb:d1:1b:fe:0a:5e:cf:bf:
3e:88:53:28:15:67:fa:ff:e7:b1:01:df:45:fa:7a:70:0b:66:
77:7a:69:be:53:e3:51:f9:d0:5d:df:60:5f:67:91:00:9c:93:
4a:99:26:6f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUS8Srf8aSaQhoJqXeZU03jZ9PkzQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDA0MTkwNzM5MDlaFw0yNTA0MTgwNzQ0MDlaMDMxMTAvBgNV
BAMTKDQzOTdERUQxN0FGOTc1RjAwMDE5QjIyMUM1NUQ4QjVEQjhDOEZCQUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChjCt5Bd7qu218Lp73MQT47wie
HG2kVCMEa1JbBiNuX0p4xFSnA28kwGg84ckPu6NlQ6eHoF2PpA7yMBSpX9qb6uXv
dCxE2+M0ZAKxzQXFHSfmd76HO9DL5OVgDrTyDdIJBenmkp6uB0xfi5nVgAmh/UPn
ifPmFXokeK7Pgdh3c4f4VFL2Da8i2k3gTRPhSLfOKLSgxz9JzU6tUM1OXFQ0Sejd
67IrPviPf/pN/MzKtLno9CSvM4NMvP0E1hrDPKzZg4lRYk8WI/pVVLl0yd3HxaVk
p9Sua1WxylXbyjpkwcAlUcnBkFEntCuaHed4ULDks1GCSH/BafjO+NBTyxUJAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUQ5fe0Xr5dfAAGbIhxV2LXbjI+60wHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzODM1MmUzMTMwMzAyZTMy
MzEzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNTMxMzAzMS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALlk1jANBgkqhkiG9w0BAQsFAAOCAQEAG1oN8yFA7awc2fV+0geSEdxc0jiB
wvHtymsERfwKyzBiaCr+BcUXHW/crReiOP5ZYtZaz8VekNwFRDnTM+T36VUiBYFf
Rt9oD4LisHHvx9yZFN5arO6nGJ9C49WsJ7MQVQeKj3Tf+2TGy6W+OYnz1jTtE62d
Svy8gGpRbunLBwOEm9Q8UCstEuDPMlBqOMHFN6preF9MADUHjUbjHOnl8vAb7m/i
JbLGRW5kXzzzYsSDi4IoHCfEdOzIaITcr9olwLZ0CLiYRn9SQWGAgCWPtPvRG/4K
Xs+/PohTKBVn+v/nsQHfRfp6cAtmd3ppvlPjUfnQXd9gX2eRAJyTSpkmbw==
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:45:24 2024 by rpki-client on console-fra.rpki-client.org