Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e38392e37372e302f32342d3234203d3e20323131333733.roa
File: 3138352e38392e37372e302f32342d3234203d3e20323131333733.roa (raw, json)
Hash identifier: yO3wcGG2SE3t1CP/cdG7+2m+kBu8thuUfkN5UbxONQU=
Subject key identifier: E8:43:1B:5D:1B:C9:F9:DA:2D:06:12:0E:84:E0:3A:33:EF:91:4B:8C
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 44AD40596F6C9010034142401F0674280BC80D19
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e38392e37372e302f32342d3234203d3e20323131333733.roa
Signing time: Wed 09 Oct 2024 09:43:22 +0000
ROA not before: Wed 09 Oct 2024 09:38:22 +0000
ROA not after: Wed 08 Oct 2025 09:43:22 +0000
asID: 211373
IP address blocks: 185.89.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:ad:40:59:6f:6c:90:10:03:41:42:40:1f:06:74:28:0b:c8:0d:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 9 09:38:22 2024 GMT
Not After : Oct 8 09:43:22 2025 GMT
Subject: CN=E8431B5D1BC9F9DA2D06120E84E03A33EF914B8C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:ef:0c:0c:93:f4:b5:2f:77:39:13:f7:d4:90:
2b:4b:2c:25:83:f9:28:5f:3b:aa:20:1a:f6:dd:ec:
f8:02:20:1a:98:17:2b:8d:34:db:47:c5:81:a4:14:
93:f2:5c:62:2f:d8:0d:45:c1:47:5c:23:71:9d:02:
92:01:8a:ee:34:76:c1:ab:c0:3c:8b:b5:00:58:92:
1c:b0:94:d9:6c:b7:96:a4:82:00:6d:d7:90:16:22:
77:ea:88:ca:67:ab:1d:47:da:d1:e9:52:4b:1f:71:
c9:76:a2:a5:3c:d5:fe:12:f1:fc:d0:aa:9c:09:36:
c7:a0:93:4e:7c:e5:d9:dc:ad:aa:d2:2a:f3:80:4a:
40:a3:ae:e6:20:04:6d:d7:68:5e:b1:9f:5d:0d:23:
7c:a0:49:98:23:99:76:5b:be:84:df:67:3b:80:4e:
55:5f:27:fc:53:9a:f2:e7:e2:3f:bd:1a:68:10:66:
13:97:66:56:3b:aa:55:85:ff:9e:6c:db:d1:6f:02:
e9:02:27:b5:ed:49:a9:d6:59:97:1c:a8:50:0a:10:
e6:2d:3c:27:24:e9:8b:dd:c1:c9:8f:07:7e:f7:14:
e5:05:62:cd:19:5e:71:3b:e0:0d:d0:7c:f7:d8:0a:
8f:d4:5e:74:d4:7b:17:66:58:de:84:7a:fd:11:25:
e5:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:43:1B:5D:1B:C9:F9:DA:2D:06:12:0E:84:E0:3A:33:EF:91:4B:8C
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e38392e37372e302f32342d3234203d3e20323131333733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.77.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:b4:f5:3c:cc:f4:0d:9f:b4:b0:c1:f6:d1:c2:22:75:e2:17:
96:5a:48:b1:ae:77:7c:81:b7:16:9a:1a:e7:d6:fe:93:09:05:
92:f2:3a:28:b0:52:c0:79:39:70:e3:a9:08:c7:ff:0a:ad:c4:
32:1c:05:06:7c:f4:98:a0:a4:eb:f1:94:8a:69:dd:be:e4:ca:
a8:19:84:89:88:1e:7a:d3:a8:a3:cb:83:c9:a8:75:9e:7a:f9:
ff:b9:78:90:31:9c:a5:22:aa:e0:dd:d2:b8:e7:b2:c0:84:a2:
7c:a4:cd:5b:76:cd:f9:3a:16:83:04:ba:de:1c:0d:cd:eb:fa:
73:06:27:45:a2:23:f4:e5:7c:4d:c5:04:e8:bf:6d:a3:6f:fd:
0c:c0:47:b9:43:ef:f5:20:ce:87:75:a0:22:26:3b:8b:8e:4e:
48:42:1d:ed:81:ca:8c:3f:1e:90:13:5e:ae:ed:1a:c9:87:c9:
c6:83:5e:ce:9a:08:3c:32:17:50:32:0a:9b:d4:ee:2c:fd:c4:
4d:69:0b:5b:af:cc:bb:b2:51:6d:ee:47:7a:5e:ce:89:d3:21:
db:25:a2:2c:82:a3:62:04:ee:bc:58:06:da:65:ca:78:e2:ab:
de:a7:07:02:07:dd:f1:f7:d1:37:b7:02:1a:5a:94:f7:a4:2a:
2f:3c:ba:b0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURK1AWW9skBADQUJAHwZ0KAvIDRkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEwMDkwOTM4MjJaFw0yNTEwMDgwOTQzMjJaMDMxMTAvBgNV
BAMTKEU4NDMxQjVEMUJDOUY5REEyRDA2MTIwRTg0RTAzQTMzRUY5MTRCOEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDi7wwMk/S1L3c5E/fUkCtLLCWD
+ShfO6ogGvbd7PgCIBqYFyuNNNtHxYGkFJPyXGIv2A1FwUdcI3GdApIBiu40dsGr
wDyLtQBYkhywlNlst5akggBt15AWInfqiMpnqx1H2tHpUksfccl2oqU81f4S8fzQ
qpwJNsegk0585dncrarSKvOASkCjruYgBG3XaF6xn10NI3ygSZgjmXZbvoTfZzuA
TlVfJ/xTmvLn4j+9GmgQZhOXZlY7qlWF/55s29FvAukCJ7XtSanWWZccqFAKEOYt
PCck6YvdwcmPB373FOUFYs0ZXnE74A3QfPfYCo/UXnTUexdmWN6Eev0RJeV1AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU6EMbXRvJ+dotBhIOhOA6M++RS4wwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzODM1MmUzODM5MmUzNzM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMxMzMzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uVlNMA0GCSqGSIb3DQEBCwUAA4IBAQBPtPU8zPQNn7SwwfbRwiJ14heWWkixrnd8
gbcWmhrn1v6TCQWS8joosFLAeTlw46kIx/8KrcQyHAUGfPSYoKTr8ZSKad2+5Mqo
GYSJiB5606ijy4PJqHWeevn/uXiQMZylIqrg3dK457LAhKJ8pM1bds35OhaDBLre
HA3N6/pzBidFoiP05XxNxQTov22jb/0MwEe5Q+/1IM6HdaAiJjuLjk5IQh3tgcqM
Px6QE16u7RrJh8nGg17Omgg8MhdQMgqb1O4s/cRNaQtbr8y7slFt7kd6Xs6J0yHb
JaIsgqNiBO68WAbaZcp44qvepwcCB93x99E3twIaWpT3pCovPLqw
-----END CERTIFICATE-----
Generated at Mon Nov 25 07:54:59 2024 by rpki-client on console-ams.rpki-client.org