Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3133392e32352e302f32342d3234203d3e20323030303838.roa
File: 3138352e3133392e32352e302f32342d3234203d3e20323030303838.roa (raw, json)
Hash identifier: Af0uHQDOH/kHYL+l1Jf/8ezyEDLgCBBJ+7FgfJToCeA=
Subject key identifier: 99:C9:DB:15:BC:A1:22:96:08:AA:05:9C:57:D4:7A:DC:32:1A:25:A9
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 733272C78FA5EE11D93529E49967E96761029227
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3133392e32352e302f32342d3234203d3e20323030303838.roa
Signing time: Mon 14 Oct 2024 07:43:25 +0000
ROA not before: Mon 14 Oct 2024 07:38:25 +0000
ROA not after: Mon 13 Oct 2025 07:43:25 +0000
asID: 200088
IP address blocks: 185.139.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:32:72:c7:8f:a5:ee:11:d9:35:29:e4:99:67:e9:67:61:02:92:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 14 07:38:25 2024 GMT
Not After : Oct 13 07:43:25 2025 GMT
Subject: CN=99C9DB15BCA1229608AA059C57D47ADC321A25A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:05:23:78:d2:bc:be:b8:3a:6c:c0:a5:f7:67:
7a:e1:54:d7:f7:0b:1b:35:7d:47:7b:fe:2c:af:9f:
44:2a:c6:84:a8:64:14:f9:b9:20:f9:22:fd:e3:f1:
52:51:64:55:66:83:e5:64:b7:91:2a:5b:11:6e:bb:
d9:02:79:f2:fd:ee:94:d7:6c:7a:29:fc:82:77:ae:
bf:63:37:56:74:af:a6:c8:fe:26:f2:46:91:88:7b:
99:ef:2b:af:1e:ad:cc:7e:6a:1f:9b:b6:02:cc:e8:
b7:5a:7f:9b:24:de:0c:b1:8d:3e:82:bd:20:ef:3b:
ac:a5:41:46:3d:f9:02:a4:5e:76:f0:9d:ec:1a:fd:
7c:d1:0b:21:a2:4b:85:6b:36:c5:7a:4c:06:96:45:
34:c7:51:d0:f2:b2:b0:66:3a:e7:85:58:67:52:dd:
85:cd:34:09:87:ba:b7:4d:0b:e0:d4:f8:50:ed:dc:
28:b1:51:31:e0:c6:5e:84:8b:e4:81:94:f7:54:45:
f9:c3:34:c3:67:51:b0:48:04:9e:6a:60:02:11:e9:
3c:ee:71:31:49:ca:29:b6:23:d2:7b:c7:db:e5:9a:
b1:c8:11:1a:92:b8:ed:bd:1e:4a:f6:3f:c2:c0:dc:
ca:8c:18:8f:cb:9c:60:f4:6f:c6:64:d7:1a:65:f0:
ce:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:C9:DB:15:BC:A1:22:96:08:AA:05:9C:57:D4:7A:DC:32:1A:25:A9
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3133392e32352e302f32342d3234203d3e20323030303838.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.25.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:33:f5:e0:bc:f0:7c:09:e5:66:e7:ca:32:97:02:69:10:50:
d1:98:5e:a7:63:fc:60:da:8b:2f:e6:da:fe:47:e9:7b:cd:31:
da:b4:5b:46:96:87:c8:24:35:a5:e0:7d:22:1c:d8:be:66:08:
10:91:50:2f:55:4e:14:ea:6e:97:2c:b8:0a:cb:06:85:71:32:
fc:39:b8:63:22:ac:21:51:8d:3d:1b:94:23:8e:c5:ac:20:24:
e4:6a:db:4b:b7:1d:23:c1:f9:04:04:44:22:5e:de:68:90:0b:
e8:d9:a6:cf:f4:f8:a3:03:f5:2c:5e:b4:21:a0:18:48:c7:5c:
24:29:93:3d:95:f6:e4:62:55:d5:e8:c4:a4:34:95:4a:46:fa:
0e:f8:dc:9e:cc:99:65:e3:cc:20:73:e9:f4:23:c2:20:c8:49:
54:04:aa:84:6a:36:51:31:49:06:c6:ce:80:23:0d:54:2b:3c:
c8:06:f9:8b:9a:eb:34:03:11:3c:fd:93:99:23:b3:28:14:86:
cb:42:4a:86:7a:ff:ae:47:a1:62:dd:c3:9b:4d:c0:22:ab:0e:
df:95:70:b2:e6:b8:d6:0c:54:53:3f:c1:22:68:08:db:4f:b9:
02:fd:d7:54:17:b6:c3:d7:45:1e:fa:a5:7c:36:fe:f1:f8:44:
01:6c:7b:41
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUczJyx4+l7hHZNSnkmWfpZ2ECkicwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEwMTQwNzM4MjVaFw0yNTEwMTMwNzQzMjVaMDMxMTAvBgNV
BAMTKDk5QzlEQjE1QkNBMTIyOTYwOEFBMDU5QzU3RDQ3QURDMzIxQTI1QTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtBSN40ry+uDpswKX3Z3rhVNf3
Cxs1fUd7/iyvn0QqxoSoZBT5uSD5Iv3j8VJRZFVmg+Vkt5EqWxFuu9kCefL97pTX
bHop/IJ3rr9jN1Z0r6bI/ibyRpGIe5nvK68ercx+ah+btgLM6Ldaf5sk3gyxjT6C
vSDvO6ylQUY9+QKkXnbwnewa/XzRCyGiS4VrNsV6TAaWRTTHUdDysrBmOueFWGdS
3YXNNAmHurdNC+DU+FDt3CixUTHgxl6Ei+SBlPdURfnDNMNnUbBIBJ5qYAIR6Tzu
cTFJyim2I9J7x9vlmrHIERqSuO29Hkr2P8LA3MqMGI/LnGD0b8Zk1xpl8M5pAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUmcnbFbyhIpYIqgWcV9R63DIaJakwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzODM1MmUzMTMzMzkyZTMy
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzAzMDM4Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5ixkwDQYJKoZIhvcNAQELBQADggEBAE8z9eC88HwJ5WbnyjKXAmkQUNGYXqdj
/GDaiy/m2v5H6XvNMdq0W0aWh8gkNaXgfSIc2L5mCBCRUC9VThTqbpcsuArLBoVx
Mvw5uGMirCFRjT0blCOOxawgJORq20u3HSPB+QQERCJe3miQC+jZps/0+KMD9Sxe
tCGgGEjHXCQpkz2V9uRiVdXoxKQ0lUpG+g743J7MmWXjzCBz6fQjwiDISVQEqoRq
NlExSQbGzoAjDVQrPMgG+Yua6zQDETz9k5kjsygUhstCSoZ6/65HoWLdw5tNwCKr
Dt+VcLLmuNYMVFM/wSJoCNtPuQL911QXtsPXRR76pXw2/vH4RAFse0E=
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:14:20 2024 by rpki-client on console-ams.rpki-client.org