
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e38392e37362e302f32342d3234203d3e203536353430.roa
File: 3138352e38392e37362e302f32342d3234203d3e203536353430.roa (raw, json)
Hash identifier: Vy9226mSM/m221E8dEmvw0RcqE1S0tSWMupGKaxLfTM=
Subject key identifier: 05:AE:72:6E:57:FF:D7:8D:4F:75:13:7C:B4:5A:34:43:FD:F1:AB:A2
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 1DB4350C21A5CF38E0538F927C8A2A95E74F6BC0
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e38392e37362e302f32342d3234203d3e203536353430.roa
Signing time: Tue 28 Jan 2025 00:53:52 +0000
ROA not before: Tue 28 Jan 2025 00:48:52 +0000
ROA not after: Tue 27 Jan 2026 00:53:52 +0000
asID: 56540
IP address blocks: 185.89.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Feb 2025 05:53:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:b4:35:0c:21:a5:cf:38:e0:53:8f:92:7c:8a:2a:95:e7:4f:6b:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Jan 28 00:48:52 2025 GMT
Not After : Jan 27 00:53:52 2026 GMT
Subject: CN=05AE726E57FFD78D4F75137CB45A3443FDF1ABA2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:62:3e:98:b4:04:99:54:bb:90:c1:4a:d1:2a:
de:ea:96:a1:30:45:3f:43:b2:1e:4e:5a:7e:53:fc:
e4:d5:79:bf:17:29:ec:1f:7b:8b:c3:b5:c7:48:00:
75:dc:53:44:00:4b:37:2f:e6:26:6d:3b:14:07:a9:
b8:04:5c:0c:d7:01:e8:44:38:3e:25:9b:2e:a4:a8:
a0:fd:72:f3:e1:60:c7:7f:82:a2:c0:86:6c:c7:d6:
0a:40:72:35:01:2f:8c:07:cf:9b:40:e7:ea:ab:64:
05:43:c5:04:3e:75:c9:10:df:f1:fd:ff:45:17:8b:
88:86:5e:fe:55:21:63:92:80:43:2c:c6:27:ef:15:
03:5b:31:2d:b9:0c:60:6d:2c:e6:ed:b1:f6:39:3a:
00:6a:46:d2:ac:eb:92:b5:f7:c8:2a:cd:76:c2:82:
11:e8:bb:d8:3f:2f:27:94:35:9d:9c:96:f3:22:53:
c3:75:52:49:9e:e0:71:65:fb:76:d2:0d:9f:11:dc:
19:a1:36:60:19:f8:b1:7c:96:2d:38:72:f0:ca:6c:
50:02:f1:08:da:96:1b:cb:98:5b:ae:e6:0f:c4:97:
ab:28:21:6d:85:d2:e0:44:af:37:c5:9f:77:51:10:
3a:39:61:73:d9:6c:c1:23:f6:7e:4f:8c:77:6f:87:
67:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:AE:72:6E:57:FF:D7:8D:4F:75:13:7C:B4:5A:34:43:FD:F1:AB:A2
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e38392e37362e302f32342d3234203d3e203536353430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.76.0/24
Signature Algorithm: sha256WithRSAEncryption
19:6e:90:42:43:a2:b6:b0:68:57:13:98:75:0e:0c:48:c1:82:
33:98:a8:52:0b:b8:07:ff:15:d4:ef:46:da:69:13:c2:79:ff:
0e:a0:3b:bb:44:f0:03:e0:d3:23:22:9a:a5:74:45:ea:05:de:
7a:11:d3:e6:2b:8c:5d:38:8e:cf:dd:9f:cc:b9:93:93:2d:82:
a2:5c:01:d1:f4:ae:e5:78:06:6b:c7:68:84:90:1c:5a:f5:3b:
68:a9:63:40:37:d0:d7:21:26:50:70:62:8f:f1:76:b7:57:14:
e3:6c:8b:6d:b3:81:19:44:a6:23:3c:8d:f4:d5:7b:6e:11:8a:
74:ec:03:82:ed:b6:c0:6d:b8:ef:af:16:bf:26:e2:63:23:3f:
f6:bc:9d:ab:06:c6:a6:b6:37:ab:d4:bd:27:89:cd:03:fa:48:
88:1a:1a:dc:0a:d4:fd:b3:89:ec:bc:a4:1c:df:b5:b6:f1:26:
c8:9a:b6:48:37:90:3a:34:54:2f:48:98:58:19:73:5b:e7:b0:
2d:0d:30:91:0f:a3:3d:b8:94:51:e4:b6:f4:8f:9c:ba:f3:8c:
c0:ae:9a:d4:7b:86:54:67:cd:b2:22:ca:85:df:1a:81:51:bb:
d2:2e:bb:21:d9:6d:a5:91:1b:a1:d8:36:15:03:e6:66:19:65:
29:fd:05:92
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUHbQ1DCGlzzjgU4+SfIoqledPa8AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTAxMjgwMDQ4NTJaFw0yNjAxMjcwMDUzNTJaMDMxMTAvBgNV
BAMTKDA1QUU3MjZFNTdGRkQ3OEQ0Rjc1MTM3Q0I0NUEzNDQzRkRGMUFCQTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqYj6YtASZVLuQwUrRKt7qlqEw
RT9Dsh5OWn5T/OTVeb8XKewfe4vDtcdIAHXcU0QASzcv5iZtOxQHqbgEXAzXAehE
OD4lmy6kqKD9cvPhYMd/gqLAhmzH1gpAcjUBL4wHz5tA5+qrZAVDxQQ+dckQ3/H9
/0UXi4iGXv5VIWOSgEMsxifvFQNbMS25DGBtLObtsfY5OgBqRtKs65K198gqzXbC
ghHou9g/LyeUNZ2clvMiU8N1Ukme4HFl+3bSDZ8R3BmhNmAZ+LF8li04cvDKbFAC
8QjalhvLmFuu5g/El6soIW2F0uBErzfFn3dREDo5YXPZbMEj9n5PjHdvh2cRAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUBa5yblf/141PdRN8tFo0Q/3xq6IwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzODM1MmUzODM5MmUzNzM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzNjM1MzQzMC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlZ
TDANBgkqhkiG9w0BAQsFAAOCAQEAGW6QQkOitrBoVxOYdQ4MSMGCM5ioUgu4B/8V
1O9G2mkTwnn/DqA7u0TwA+DTIyKapXRF6gXeehHT5iuMXTiOz92fzLmTky2ColwB
0fSu5XgGa8dohJAcWvU7aKljQDfQ1yEmUHBij/F2t1cU42yLbbOBGUSmIzyN9NV7
bhGKdOwDgu22wG24768WvybiYyM/9rydqwbGprY3q9S9J4nNA/pIiBoa3ArU/bOJ
7LykHN+1tvEmyJq2SDeQOjRUL0iYWBlzW+ewLQ0wkQ+jPbiUUeS29I+cuvOMwK6a
1HuGVGfNsiLKhd8agVG70i67IdltpZEbodg2FQPmZhllKf0Fkg==
-----END CERTIFICATE-----
Generated at Fri Feb 14 15:01:40 2025 by rpki-client