Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6cfa4a2c-e145-414d-a62f-09a3f9b575fd/0/3138352e33372e3231362e302f32332d3234203d3e20323132323338.roa
File: 3138352e33372e3231362e302f32332d3234203d3e20323132323338.roa (raw, json)
Hash identifier: JrvLFX+5o0GBehhUiUJJUuZWmKqwIyrrY1oYHebpeaY=
Subject key identifier: 83:C7:9B:BA:84:E5:45:8B:B5:3A:CE:B0:98:25:00:50:A9:9B:C6:58
Certificate issuer: /CN=edb9f3e6d8e4b57c49301aa621ef1f90389e057a
Certificate serial: 3A1DF98BCDCAD60C81300824EB65E56C47B54AB8
Authority key identifier: ED:B9:F3:E6:D8:E4:B5:7C:49:30:1A:A6:21:EF:1F:90:38:9E:05:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7bnz5tjktXxJMBqmIe8fkDieBXo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6cfa4a2c-e145-414d-a62f-09a3f9b575fd/0/3138352e33372e3231362e302f32332d3234203d3e20323132323338.roa
Signing time: Thu 22 Aug 2024 15:05:19 +0000
ROA not before: Thu 22 Aug 2024 15:00:19 +0000
ROA not after: Thu 21 Aug 2025 15:05:19 +0000
asID: 212238
IP address blocks: 185.37.216.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6cfa4a2c-e145-414d-a62f-09a3f9b575fd/0/EDB9F3E6D8E4B57C49301AA621EF1F90389E057A.crl
rsync://rsync.paas.rpki.ripe.net/repository/6cfa4a2c-e145-414d-a62f-09a3f9b575fd/0/EDB9F3E6D8E4B57C49301AA621EF1F90389E057A.mft
rsync://rpki.ripe.net/repository/DEFAULT/7bnz5tjktXxJMBqmIe8fkDieBXo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:1d:f9:8b:cd:ca:d6:0c:81:30:08:24:eb:65:e5:6c:47:b5:4a:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edb9f3e6d8e4b57c49301aa621ef1f90389e057a
Validity
Not Before: Aug 22 15:00:19 2024 GMT
Not After : Aug 21 15:05:19 2025 GMT
Subject: CN=83C79BBA84E5458BB53ACEB098250050A99BC658
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:58:f1:d6:32:30:dd:3b:5d:57:b8:8d:62:44:
91:7d:17:56:68:39:b6:b7:69:0c:82:a6:d3:56:a6:
6a:75:4c:02:a0:5e:43:64:fd:a1:ca:ba:19:07:fc:
a7:81:d8:73:13:18:86:47:63:c2:81:55:0e:b7:a5:
f6:68:f3:e6:7e:f1:b6:a5:f3:21:a3:1b:f5:20:3b:
57:35:6a:67:ad:11:4a:40:fb:28:db:87:68:ad:68:
b3:68:98:e5:4d:62:1c:50:c1:ac:f6:10:aa:fd:5e:
2e:4b:44:cc:2c:e6:ab:bf:74:e7:55:11:cc:e2:48:
ac:fd:7b:af:31:a1:45:b4:67:c6:12:45:c6:74:c7:
58:c0:84:17:ad:9f:c5:12:77:d8:6a:d7:e6:88:bd:
1c:e2:f5:3a:c3:15:85:d2:fa:41:98:71:ad:90:69:
d5:9a:7a:87:0e:03:46:f0:da:d1:27:3e:ba:98:60:
5a:03:2f:2c:35:82:af:bd:81:62:0e:69:d9:67:7d:
ed:a3:d4:4f:6e:95:0b:69:aa:7a:cd:83:6f:dd:54:
b7:a3:e4:7b:14:7f:35:0b:99:9e:e7:c2:15:9f:ee:
5d:f4:63:f1:21:75:d6:9c:ba:91:3f:86:0b:b6:3e:
30:28:1c:4a:4d:fd:87:f9:d3:38:c9:d4:34:6f:40:
ee:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:C7:9B:BA:84:E5:45:8B:B5:3A:CE:B0:98:25:00:50:A9:9B:C6:58
X509v3 Authority Key Identifier:
keyid:ED:B9:F3:E6:D8:E4:B5:7C:49:30:1A:A6:21:EF:1F:90:38:9E:05:7A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6cfa4a2c-e145-414d-a62f-09a3f9b575fd/0/EDB9F3E6D8E4B57C49301AA621EF1F90389E057A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7bnz5tjktXxJMBqmIe8fkDieBXo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6cfa4a2c-e145-414d-a62f-09a3f9b575fd/0/3138352e33372e3231362e302f32332d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.216.0/23
Signature Algorithm: sha256WithRSAEncryption
03:86:5f:71:7d:32:21:0b:e9:62:03:d3:70:1f:b8:f1:0b:33:
f3:79:d8:83:d4:91:96:37:5a:3f:85:d2:78:cc:2e:c8:50:b7:
8a:19:eb:5d:e9:2e:44:bb:35:40:df:fe:fc:65:95:38:ca:a5:
a0:6f:15:7a:76:d2:11:c4:46:71:7b:76:5a:d7:fa:6c:23:3c:
47:0a:fd:3e:ae:4a:90:66:65:18:ee:ce:d8:81:1f:da:27:7a:
51:b0:a6:35:83:74:5b:83:0b:ca:96:92:b8:06:d8:fb:57:bf:
42:cb:01:6f:bc:2a:25:3f:0f:18:b1:bd:73:b5:3e:5b:9b:06:
a8:4b:1d:15:2d:1f:05:26:41:44:b6:b8:18:60:ee:08:73:5e:
9f:13:49:8d:74:ec:83:af:96:9c:96:37:0f:c6:91:4f:ce:ff:
27:c5:6b:a2:42:2c:33:a9:a6:0b:32:b7:a7:ae:34:1b:8c:fa:
91:37:21:c8:f6:bc:fe:57:25:d3:1d:2d:8f:fa:97:2b:75:5f:
c1:11:dd:d0:d2:f5:66:2e:36:07:57:45:6d:23:2d:49:7c:58:
fb:d7:76:49:1e:f6:7c:d5:18:5e:07:f5:37:f8:50:8f:98:94:
b5:38:be:26:e9:75:54:77:8a:14:1e:00:80:c4:c8:20:48:41:
47:ef:ff:c2
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUOh35i83K1gyBMAgk62XlbEe1SrgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWRiOWYzZTZkOGU0YjU3YzQ5MzAxYWE2MjFlZjFmOTAz
ODllMDU3YTAeFw0yNDA4MjIxNTAwMTlaFw0yNTA4MjExNTA1MTlaMDMxMTAvBgNV
BAMTKDgzQzc5QkJBODRFNTQ1OEJCNTNBQ0VCMDk4MjUwMDUwQTk5QkM2NTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbWPHWMjDdO11XuI1iRJF9F1Zo
Oba3aQyCptNWpmp1TAKgXkNk/aHKuhkH/KeB2HMTGIZHY8KBVQ63pfZo8+Z+8bal
8yGjG/UgO1c1ametEUpA+yjbh2itaLNomOVNYhxQwaz2EKr9Xi5LRMws5qu/dOdV
EcziSKz9e68xoUW0Z8YSRcZ0x1jAhBetn8USd9hq1+aIvRzi9TrDFYXS+kGYca2Q
adWaeocOA0bw2tEnPrqYYFoDLyw1gq+9gWIOadlnfe2j1E9ulQtpqnrNg2/dVLej
5HsUfzULmZ7nwhWf7l30Y/EhddacupE/hgu2PjAoHEpN/Yf50zjJ1DRvQO5LAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUg8ebuoTlRYu1Os6wmCUAUKmbxlgwHwYDVR0j
BBgwFoAU7bnz5tjktXxJMBqmIe8fkDieBXowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmNmYTRhMmMtZTE0NS00MTRkLWE2MmYtMDlhM2Y5YjU3
NWZkLzAvRURCOUYzRTZEOEU0QjU3QzQ5MzAxQUE2MjFFRjFGOTAzODlFMDU3QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdibno1dGprdFh4Sk1CcW1JZThma0Rp
ZUJYby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmNmYTRhMmMt
ZTE0NS00MTRkLWE2MmYtMDlhM2Y5YjU3NWZkLzAvMzEzODM1MmUzMzM3MmUzMjMx
MzYyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG5JdgwDQYJKoZIhvcNAQELBQADggEBAAOGX3F9MiEL6WID03AfuPELM/N52IPU
kZY3Wj+F0njMLshQt4oZ613pLkS7NUDf/vxllTjKpaBvFXp20hHERnF7dlrX+mwj
PEcK/T6uSpBmZRjuztiBH9onelGwpjWDdFuDC8qWkrgG2PtXv0LLAW+8KiU/Dxix
vXO1PlubBqhLHRUtHwUmQUS2uBhg7ghzXp8TSY107IOvlpyWNw/GkU/O/yfFa6JC
LDOppgsyt6euNBuM+pE3Icj2vP5XJdMdLY/6lyt1X8ER3dDS9WYuNgdXRW0jLUl8
WPvXdkke9nzVGF4H9Tf4UI+YlLU4vibpdVR3ihQeAIDEyCBIQUfv/8I=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org