Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6c030890-f6e0-410c-bc99-af0921d1c3a4/0/3138382e3136342e3135382e302f32332d3233203d3e20323039323432.roa
File: 3138382e3136342e3135382e302f32332d3233203d3e20323039323432.roa (raw, json)
Hash identifier: a8q0y7nvMPxAQTNauYzxQwFEB0FcxQ6k8ECPLkihDTg=
Subject key identifier: CB:40:10:F9:7F:DC:C7:B9:C1:3E:41:F0:09:8B:09:E9:6E:19:A0:9C
Certificate issuer: /CN=8b9ba9adde9635777bf586fd493e14cd30f7c4ca
Certificate serial: 3E0BF01C1F7491EC2BE0A7EDDA51E09822EACF26
Authority key identifier: 8B:9B:A9:AD:DE:96:35:77:7B:F5:86:FD:49:3E:14:CD:30:F7:C4:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i5uprd6WNXd79Yb9ST4UzTD3xMo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6c030890-f6e0-410c-bc99-af0921d1c3a4/0/3138382e3136342e3135382e302f32332d3233203d3e20323039323432.roa
Signing time: Mon 30 Sep 2024 14:43:22 +0000
ROA not before: Mon 30 Sep 2024 14:38:22 +0000
ROA not after: Mon 29 Sep 2025 14:43:22 +0000
asID: 209242
IP address blocks: 188.164.158.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6c030890-f6e0-410c-bc99-af0921d1c3a4/0/8B9BA9ADDE9635777BF586FD493E14CD30F7C4CA.crl
rsync://rsync.paas.rpki.ripe.net/repository/6c030890-f6e0-410c-bc99-af0921d1c3a4/0/8B9BA9ADDE9635777BF586FD493E14CD30F7C4CA.mft
rsync://rpki.ripe.net/repository/DEFAULT/i5uprd6WNXd79Yb9ST4UzTD3xMo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:0b:f0:1c:1f:74:91:ec:2b:e0:a7:ed:da:51:e0:98:22:ea:cf:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b9ba9adde9635777bf586fd493e14cd30f7c4ca
Validity
Not Before: Sep 30 14:38:22 2024 GMT
Not After : Sep 29 14:43:22 2025 GMT
Subject: CN=CB4010F97FDCC7B9C13E41F0098B09E96E19A09C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:28:7a:93:8b:ea:bf:c1:c5:49:59:d4:bd:27:
29:0f:49:24:e6:42:6e:d8:bc:4b:67:c7:7c:77:ff:
5b:63:a8:cd:51:06:25:b7:40:9b:68:f5:ae:d0:44:
a9:a7:c0:e2:a2:fb:4a:ad:58:f7:28:1c:d1:03:6a:
52:e0:ab:35:36:7a:54:cf:8f:5f:a1:5a:76:b4:4b:
17:f4:66:96:f1:b6:d0:03:fd:f2:d6:f9:48:99:dd:
a1:73:4a:15:ec:1c:cb:0b:b6:11:72:a9:b8:22:e6:
ec:9a:0f:9e:8e:a0:f1:1d:09:6e:0f:64:df:44:70:
c1:b9:5f:9f:34:3f:4e:9f:16:eb:94:0e:a4:43:87:
61:0e:8e:f9:46:fa:37:8a:fc:1d:f2:4e:35:ac:8c:
2b:d1:cf:89:cd:da:63:61:d0:44:65:e5:ad:bf:6d:
e1:b0:ff:c3:8d:4e:8a:7c:01:92:77:69:74:2a:6c:
e5:ca:00:c2:9a:fb:60:8d:58:3f:57:48:70:38:f0:
17:28:de:cf:18:28:8d:ee:f7:db:af:54:a9:a8:f7:
86:ea:b7:14:dc:22:a5:72:bd:b1:fc:27:04:58:28:
30:8e:11:66:fd:ea:e7:0c:3d:b5:e9:dc:50:20:4d:
4e:07:4d:a3:a1:9b:13:08:f6:21:cc:cd:9c:50:70:
de:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:40:10:F9:7F:DC:C7:B9:C1:3E:41:F0:09:8B:09:E9:6E:19:A0:9C
X509v3 Authority Key Identifier:
keyid:8B:9B:A9:AD:DE:96:35:77:7B:F5:86:FD:49:3E:14:CD:30:F7:C4:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6c030890-f6e0-410c-bc99-af0921d1c3a4/0/8B9BA9ADDE9635777BF586FD493E14CD30F7C4CA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i5uprd6WNXd79Yb9ST4UzTD3xMo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6c030890-f6e0-410c-bc99-af0921d1c3a4/0/3138382e3136342e3135382e302f32332d3233203d3e20323039323432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.164.158.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:34:5a:1f:b1:5e:fa:5a:1b:e4:27:6c:f5:ee:24:35:1d:7c:
24:72:63:cd:4c:5f:2a:c1:33:2f:b0:6b:d6:0f:cd:b3:17:0c:
0a:43:50:cc:28:67:77:e9:59:ae:8c:4e:f8:a8:85:3e:bd:c0:
85:64:75:b8:43:d5:33:55:0a:66:08:1a:f8:3d:84:0a:c8:a4:
2c:96:d7:19:8b:3f:d8:b1:07:7a:d1:33:fb:db:e4:54:ea:0a:
c5:c7:fc:9d:77:39:d5:db:e2:e3:4d:0d:87:b8:ae:b7:25:a3:
0a:7c:df:79:cc:4c:58:44:cf:66:23:12:db:f0:5d:bb:87:7a:
66:cb:eb:67:3c:7c:fd:91:79:d6:59:05:a0:bd:b0:0d:5c:42:
95:d8:b2:c0:44:a8:8d:d6:48:73:a1:b2:ae:48:76:fd:5c:4f:
51:3e:80:ad:96:5b:55:49:ca:84:2a:d7:c6:57:c7:d9:40:c9:
f1:d3:a6:f4:35:c5:a9:fb:48:27:3e:9d:22:74:00:89:fe:17:
9a:b7:ff:a8:34:49:c2:59:41:66:25:2f:c6:95:88:a7:88:e1:
04:82:1e:c6:0d:c0:8c:b3:0f:97:a7:24:de:bd:bb:e5:34:78:
fb:97:c2:61:f2:0b:f9:9a:15:85:85:02:07:37:ac:84:0c:6b:
c8:d0:33:ab
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUPgvwHB90kewr4Kft2lHgmCLqzyYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI5YmE5YWRkZTk2MzU3NzdiZjU4NmZkNDkzZTE0Y2Qz
MGY3YzRjYTAeFw0yNDA5MzAxNDM4MjJaFw0yNTA5MjkxNDQzMjJaMDMxMTAvBgNV
BAMTKENCNDAxMEY5N0ZEQ0M3QjlDMTNFNDFGMDA5OEIwOUU5NkUxOUEwOUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjKHqTi+q/wcVJWdS9JykPSSTm
Qm7YvEtnx3x3/1tjqM1RBiW3QJto9a7QRKmnwOKi+0qtWPcoHNEDalLgqzU2elTP
j1+hWna0Sxf0ZpbxttAD/fLW+UiZ3aFzShXsHMsLthFyqbgi5uyaD56OoPEdCW4P
ZN9EcMG5X580P06fFuuUDqRDh2EOjvlG+jeK/B3yTjWsjCvRz4nN2mNh0ERl5a2/
beGw/8ONTop8AZJ3aXQqbOXKAMKa+2CNWD9XSHA48Bco3s8YKI3u99uvVKmo94bq
txTcIqVyvbH8JwRYKDCOEWb96ucMPbXp3FAgTU4HTaOhmxMI9iHMzZxQcN4lAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUy0AQ+X/cx7nBPkHwCYsJ6W4ZoJwwHwYDVR0j
BBgwFoAUi5uprd6WNXd79Yb9ST4UzTD3xMowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmMwMzA4OTAtZjZlMC00MTBjLWJjOTktYWYwOTIxZDFj
M2E0LzAvOEI5QkE5QURERTk2MzU3NzdCRjU4NkZENDkzRTE0Q0QzMEY3QzRDQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2k1dXByZDZXTlhkNzlZYjlTVDRVelRE
M3hNby5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmMwMzA4OTAt
ZjZlMC00MTBjLWJjOTktYWYwOTIxZDFjM2E0LzAvMzEzODM4MmUzMTM2MzQyZTMx
MzUzODJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDMyMzAzOTMyMzQzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAbyknjANBgkqhkiG9w0BAQsFAAOCAQEAOzRaH7Fe+lob5Cds9e4kNR18JHJj
zUxfKsEzL7Br1g/NsxcMCkNQzChnd+lZroxO+KiFPr3AhWR1uEPVM1UKZgga+D2E
CsikLJbXGYs/2LEHetEz+9vkVOoKxcf8nXc51dvi400Nh7iutyWjCnzfecxMWETP
ZiMS2/Bdu4d6ZsvrZzx8/ZF51lkFoL2wDVxCldiywESojdZIc6Gyrkh2/VxPUT6A
rZZbVUnKhCrXxlfH2UDJ8dOm9DXFqftIJz6dInQAif4Xmrf/qDRJwllBZiUvxpWI
p4jhBIIexg3AjLMPl6ck3r275TR4+5fCYfIL+ZoVhYUCBzeshAxryNAzqw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 17:13:49 2024 by rpki-client on console-ams.rpki-client.org