Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3130302e3231352e302f32342d3234203d3e20323036343436.roa
File: 3138352e3130302e3231352e302f32342d3234203d3e20323036343436.roa (raw, json)
Hash identifier: e9HkyexKJBEVGQ7V7rGetUWbpHpl0rWEed3SBPgbpIM=
Subject key identifier: 6D:EF:D5:69:03:75:5B:65:B0:CF:EC:86:F2:49:48:F9:61:92:BE:64
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 60534199AA9D20C4F2CF38E8944852D48B636A81
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3130302e3231352e302f32342d3234203d3e20323036343436.roa
Signing time: Thu 11 Apr 2024 16:22:11 +0000
ROA not before: Thu 11 Apr 2024 16:17:11 +0000
ROA not after: Thu 10 Apr 2025 16:22:11 +0000
asID: 206446
IP address blocks: 185.100.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:53:41:99:aa:9d:20:c4:f2:cf:38:e8:94:48:52:d4:8b:63:6a:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Apr 11 16:17:11 2024 GMT
Not After : Apr 10 16:22:11 2025 GMT
Subject: CN=6DEFD56903755B65B0CFEC86F24948F96192BE64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d6:20:a2:e8:ee:f9:34:7c:29:ba:62:d1:8b:
d4:83:d3:d1:d2:b9:66:a8:95:9c:a9:be:7d:7a:af:
68:14:73:74:17:ab:86:eb:bb:47:5c:cc:9f:1b:61:
55:3a:32:e7:62:58:53:14:b9:68:a2:df:04:13:b8:
86:a8:71:f6:e7:31:2b:fb:9b:8d:cf:2b:58:05:81:
ef:54:5a:4d:15:01:19:4b:67:b1:f3:e8:09:a7:f1:
b8:2e:50:d5:63:6d:71:16:70:91:ab:43:70:cd:99:
b0:87:cc:54:f2:97:63:bd:40:c3:19:55:7f:11:0f:
6c:da:9c:ca:5c:a8:51:89:a6:3e:1b:c6:09:1f:1d:
a7:3a:24:fe:3f:7d:a4:a6:8e:17:5c:a7:5f:01:4d:
9a:6e:be:05:20:21:6e:eb:f4:ac:27:4b:12:ce:1a:
83:c8:fb:01:06:07:d7:d3:e3:8d:aa:f1:68:db:8d:
1e:63:9b:d9:ad:7d:34:22:dc:ee:27:10:72:af:c9:
ca:57:84:3b:11:02:43:e5:37:80:4c:0f:ad:17:9a:
3c:e1:f4:8d:ae:de:88:4a:2f:ba:0f:36:dc:4f:de:
8a:f2:50:2f:54:26:1f:84:f4:7d:9d:3a:b1:75:e9:
76:62:09:c4:80:73:2d:e0:2d:ae:b4:c9:e3:bc:2b:
17:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:EF:D5:69:03:75:5B:65:B0:CF:EC:86:F2:49:48:F9:61:92:BE:64
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3130302e3231352e302f32342d3234203d3e20323036343436.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.215.0/24
Signature Algorithm: sha256WithRSAEncryption
29:f3:eb:af:f5:02:e2:5d:04:73:7c:34:2b:f7:45:3e:59:96:
aa:9c:27:d5:27:27:68:89:27:36:7b:f5:1b:ff:be:b5:8f:0e:
ca:99:24:c1:85:6f:24:9f:6d:04:43:31:83:da:c1:f0:03:df:
d8:f4:3d:9a:96:08:0e:2a:a1:ec:f9:8d:95:22:64:4b:a7:fc:
f3:3f:1c:be:60:d0:6c:e2:f1:b7:fc:b7:3e:d2:a2:d6:0c:3f:
69:17:12:bc:e2:0a:82:05:d2:47:b3:6f:57:0b:e4:63:19:5e:
a0:69:56:34:97:dc:1a:36:c1:f5:e8:8d:d5:d5:60:31:52:e1:
87:f9:8d:4b:95:c1:31:58:70:f2:40:b6:9b:d8:ae:07:a6:10:
5c:80:52:13:9b:16:c7:6e:f8:1b:5c:8a:ae:8a:e8:72:ca:91:
20:f7:b6:29:52:a3:20:55:8a:37:73:ca:1f:69:62:3e:6b:3a:
80:17:87:eb:59:a6:fa:b6:95:6d:38:7c:39:54:f5:ec:e8:24:
3e:90:2a:2b:e4:68:ed:b5:48:ba:58:8e:90:eb:f7:b8:77:a0:
e4:b2:67:67:77:9a:c9:90:52:6b:e0:45:9f:9b:03:cf:33:dd:
c0:79:ef:df:2c:18:ef:4e:a0:f2:04:9b:fb:a3:e0:87:88:23:
d2:6e:e1:85
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUYFNBmaqdIMTyzzjolEhS1ItjaoEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDA0MTExNjE3MTFaFw0yNTA0MTAxNjIyMTFaMDMxMTAvBgNV
BAMTKDZERUZENTY5MDM3NTVCNjVCMENGRUM4NkYyNDk0OEY5NjE5MkJFNjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA1iCi6O75NHwpumLRi9SD09HS
uWaolZypvn16r2gUc3QXq4bru0dczJ8bYVU6MudiWFMUuWii3wQTuIaocfbnMSv7
m43PK1gFge9UWk0VARlLZ7Hz6Amn8bguUNVjbXEWcJGrQ3DNmbCHzFTyl2O9QMMZ
VX8RD2zanMpcqFGJpj4bxgkfHac6JP4/faSmjhdcp18BTZpuvgUgIW7r9KwnSxLO
GoPI+wEGB9fT442q8WjbjR5jm9mtfTQi3O4nEHKvycpXhDsRAkPlN4BMD60Xmjzh
9I2u3ohKL7oPNtxP3oryUC9UJh+E9H2dOrF16XZiCcSAcy3gLa60yeO8KxdtAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUbe/VaQN1W2Wwz+yG8klI+WGSvmQwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzODM1MmUzMTMwMzAyZTMy
MzEzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNjM0MzQzNi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALlk1zANBgkqhkiG9w0BAQsFAAOCAQEAKfPrr/UC4l0Ec3w0K/dFPlmWqpwn
1ScnaIknNnv1G/++tY8OypkkwYVvJJ9tBEMxg9rB8APf2PQ9mpYIDiqh7PmNlSJk
S6f88z8cvmDQbOLxt/y3PtKi1gw/aRcSvOIKggXSR7NvVwvkYxleoGlWNJfcGjbB
9eiN1dVgMVLhh/mNS5XBMVhw8kC2m9iuB6YQXIBSE5sWx274G1yKrorocsqRIPe2
KVKjIFWKN3PKH2liPms6gBeH61mm+raVbTh8OVT17OgkPpAqK+Ro7bVIuliOkOv3
uHeg5LJnZ3eayZBSa+BFn5sDzzPdwHnv3ywY706g8gSb+6Pgh4gj0m7hhQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:55:50 2024 by rpki-client on console-fra.rpki-client.org