Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6cfa4a2c-e145-414d-a62f-09a3f9b575fd/0/3138352e33372e3231382e302f32332d3234203d3e20323132323338.roa
File: 3138352e33372e3231382e302f32332d3234203d3e20323132323338.roa (raw, json)
Hash identifier: huwsUB31uBfbleT8W3liIVEEjjwoWiPQyT4oqqDXvCQ=
Subject key identifier: 53:CA:29:7D:97:F6:B8:A7:C2:8E:EB:B0:C1:33:F4:C0:90:56:85:8C
Certificate issuer: /CN=edb9f3e6d8e4b57c49301aa621ef1f90389e057a
Certificate serial: 4824A13BEB98F1C1649E2FEE801C1A106B3AF5E9
Authority key identifier: ED:B9:F3:E6:D8:E4:B5:7C:49:30:1A:A6:21:EF:1F:90:38:9E:05:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7bnz5tjktXxJMBqmIe8fkDieBXo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6cfa4a2c-e145-414d-a62f-09a3f9b575fd/0/3138352e33372e3231382e302f32332d3234203d3e20323132323338.roa
Signing time: Thu 22 Aug 2024 15:05:19 +0000
ROA not before: Thu 22 Aug 2024 15:00:19 +0000
ROA not after: Thu 21 Aug 2025 15:05:19 +0000
asID: 212238
IP address blocks: 185.37.218.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6cfa4a2c-e145-414d-a62f-09a3f9b575fd/0/EDB9F3E6D8E4B57C49301AA621EF1F90389E057A.crl
rsync://rsync.paas.rpki.ripe.net/repository/6cfa4a2c-e145-414d-a62f-09a3f9b575fd/0/EDB9F3E6D8E4B57C49301AA621EF1F90389E057A.mft
rsync://rpki.ripe.net/repository/DEFAULT/7bnz5tjktXxJMBqmIe8fkDieBXo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:24:a1:3b:eb:98:f1:c1:64:9e:2f:ee:80:1c:1a:10:6b:3a:f5:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edb9f3e6d8e4b57c49301aa621ef1f90389e057a
Validity
Not Before: Aug 22 15:00:19 2024 GMT
Not After : Aug 21 15:05:19 2025 GMT
Subject: CN=53CA297D97F6B8A7C28EEBB0C133F4C09056858C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6b:bc:bd:3d:8f:ca:85:ed:96:fd:ef:13:a9:
33:1b:7f:47:9e:89:bc:39:22:62:9b:2e:73:ec:fd:
00:9c:86:ae:ac:17:ed:d6:0f:43:18:9e:73:5a:3c:
24:7e:67:b5:9a:c2:fb:f5:81:a2:4e:96:7c:4f:81:
86:56:6a:2d:82:d0:db:4a:63:c2:9f:d7:79:61:72:
c6:73:a8:88:5a:55:1c:ad:9a:15:d6:9d:79:28:eb:
46:4d:50:3a:87:3c:d1:0a:4d:5c:69:c0:74:ee:d6:
0e:75:7d:52:30:25:ff:d0:e4:b4:a5:9f:92:dc:53:
57:39:a1:07:03:6d:96:c0:90:9a:8e:8d:e4:a9:bf:
46:99:21:64:4e:ad:88:b9:86:fd:55:d4:14:1f:48:
79:4a:ac:a6:02:cd:f9:5c:af:7d:11:a2:34:2e:e7:
d4:4c:97:0f:60:10:a4:e9:97:ce:0c:3b:ea:c9:16:
4f:55:cf:d3:17:21:10:3a:e0:96:01:fd:6b:18:1e:
ff:0d:31:51:1e:23:68:5e:c2:12:7e:cc:31:1d:94:
63:ae:08:9b:25:20:0d:e8:0b:df:be:e3:4a:97:3f:
c9:11:d1:38:ce:86:ca:eb:c7:f0:c9:f3:2d:f5:c2:
b4:bb:7b:47:72:ec:ba:4c:a5:ec:68:f5:51:2c:cc:
e6:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:CA:29:7D:97:F6:B8:A7:C2:8E:EB:B0:C1:33:F4:C0:90:56:85:8C
X509v3 Authority Key Identifier:
keyid:ED:B9:F3:E6:D8:E4:B5:7C:49:30:1A:A6:21:EF:1F:90:38:9E:05:7A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6cfa4a2c-e145-414d-a62f-09a3f9b575fd/0/EDB9F3E6D8E4B57C49301AA621EF1F90389E057A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7bnz5tjktXxJMBqmIe8fkDieBXo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6cfa4a2c-e145-414d-a62f-09a3f9b575fd/0/3138352e33372e3231382e302f32332d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.218.0/23
Signature Algorithm: sha256WithRSAEncryption
72:27:98:8f:6f:45:3c:1c:dd:30:ad:96:5f:0e:50:eb:a0:26:
d8:5b:cb:c9:80:ec:e4:2d:4b:3f:f0:d4:fe:30:e1:14:bf:81:
31:82:51:b9:c0:6c:a9:77:d5:8e:23:d8:f4:08:5e:62:72:0f:
bd:5f:54:51:5c:21:36:35:4c:90:f9:46:48:9f:66:83:db:0a:
4d:1d:d8:76:94:bb:78:81:b2:60:97:32:07:3a:99:a9:75:2c:
0d:72:7f:47:a3:8a:fe:d3:ab:d4:aa:f4:81:9c:ce:e5:17:cc:
cb:13:41:52:55:c8:ca:a3:f2:b0:40:be:50:9f:ad:19:a6:17:
5f:76:f4:5b:43:ad:64:3a:8d:92:9f:11:25:8a:c0:55:ce:0c:
ab:ff:f8:46:7d:22:e3:cb:59:80:4c:b0:b0:7e:6a:c7:1a:1d:
ea:ea:a1:f1:cb:45:3d:ea:06:93:c2:0a:8d:1f:a2:a7:88:e2:
6e:b3:83:c1:b8:b1:e2:81:a9:40:91:ba:ac:15:c3:3e:56:78:
eb:a4:bf:04:9e:19:a7:42:2d:e9:fd:af:56:ea:7b:f0:a8:6b:
49:b6:1c:56:58:0e:ac:cb:c6:87:05:74:d3:89:b3:f9:6f:f6:
6e:1f:87:60:5f:e0:15:f9:6e:7f:85:ec:88:0e:c6:d2:c4:80:
08:9e:f1:8b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUSCShO+uY8cFkni/ugBwaEGs69ekwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWRiOWYzZTZkOGU0YjU3YzQ5MzAxYWE2MjFlZjFmOTAz
ODllMDU3YTAeFw0yNDA4MjIxNTAwMTlaFw0yNTA4MjExNTA1MTlaMDMxMTAvBgNV
BAMTKDUzQ0EyOTdEOTdGNkI4QTdDMjhFRUJCMEMxMzNGNEMwOTA1Njg1OEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8a7y9PY/Khe2W/e8TqTMbf0ee
ibw5ImKbLnPs/QCchq6sF+3WD0MYnnNaPCR+Z7Wawvv1gaJOlnxPgYZWai2C0NtK
Y8Kf13lhcsZzqIhaVRytmhXWnXko60ZNUDqHPNEKTVxpwHTu1g51fVIwJf/Q5LSl
n5LcU1c5oQcDbZbAkJqOjeSpv0aZIWROrYi5hv1V1BQfSHlKrKYCzflcr30RojQu
59RMlw9gEKTpl84MO+rJFk9Vz9MXIRA64JYB/WsYHv8NMVEeI2hewhJ+zDEdlGOu
CJslIA3oC9++40qXP8kR0TjOhsrrx/DJ8y31wrS7e0dy7LpMpexo9VEszOYpAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUU8opfZf2uKfCjuuwwTP0wJBWhYwwHwYDVR0j
BBgwFoAU7bnz5tjktXxJMBqmIe8fkDieBXowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmNmYTRhMmMtZTE0NS00MTRkLWE2MmYtMDlhM2Y5YjU3
NWZkLzAvRURCOUYzRTZEOEU0QjU3QzQ5MzAxQUE2MjFFRjFGOTAzODlFMDU3QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdibno1dGprdFh4Sk1CcW1JZThma0Rp
ZUJYby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmNmYTRhMmMt
ZTE0NS00MTRkLWE2MmYtMDlhM2Y5YjU3NWZkLzAvMzEzODM1MmUzMzM3MmUzMjMx
MzgyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG5JdowDQYJKoZIhvcNAQELBQADggEBAHInmI9vRTwc3TCtll8OUOugJthby8mA
7OQtSz/w1P4w4RS/gTGCUbnAbKl31Y4j2PQIXmJyD71fVFFcITY1TJD5RkifZoPb
Ck0d2HaUu3iBsmCXMgc6mal1LA1yf0ejiv7Tq9Sq9IGczuUXzMsTQVJVyMqj8rBA
vlCfrRmmF1929FtDrWQ6jZKfESWKwFXODKv/+EZ9IuPLWYBMsLB+ascaHerqofHL
RT3qBpPCCo0foqeI4m6zg8G4seKBqUCRuqwVwz5WeOukvwSeGadCLen9r1bqe/Co
a0m2HFZYDqzLxocFdNOJs/lv9m4fh2Bf4BX5bn+F7IgOxtLEgAie8Ys=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:20 2024 by rpki-client on console-ams.rpki-client.org