Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3138352e3234302e3130362e302f32342d3234203d3e20323134343538.roa
File: 3138352e3234302e3130362e302f32342d3234203d3e20323134343538.roa (raw, json)
Hash identifier: A4xSoaJgKGvgYyxTiRaQc7hyiiMELV+dvyPZYNnypk4=
Subject key identifier: 10:22:DD:CA:C9:51:F9:02:9C:33:0A:16:9A:F1:51:F8:D5:5B:38:D9
Certificate issuer: /CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Certificate serial: 46EAE3BC7AF3D3ADDA3EEEBC57CC76B5C3E23B54
Authority key identifier: 8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3138352e3234302e3130362e302f32342d3234203d3e20323134343538.roa
Signing time: Wed 31 Jul 2024 14:20:04 +0000
ROA not before: Wed 31 Jul 2024 14:15:04 +0000
ROA not after: Wed 30 Jul 2025 14:20:04 +0000
asID: 214458
IP address blocks: 185.240.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl
rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.mft
rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:ea:e3:bc:7a:f3:d3:ad:da:3e:ee:bc:57:cc:76:b5:c3:e2:3b:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Validity
Not Before: Jul 31 14:15:04 2024 GMT
Not After : Jul 30 14:20:04 2025 GMT
Subject: CN=1022DDCAC951F9029C330A169AF151F8D55B38D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d0:c8:4f:3e:07:0f:a5:7c:c8:e4:63:76:a8:
a9:51:f7:c0:e5:24:11:1d:87:52:fa:49:ad:4f:e4:
73:5f:92:88:27:f3:ef:7b:5d:a4:cd:6a:d5:8c:50:
a1:a0:62:8a:c1:e9:11:a7:b5:8e:bb:6e:bc:1b:2b:
08:d9:86:4d:f3:1e:37:4e:83:a8:cb:36:e7:dc:e9:
2c:1f:32:51:bb:fc:02:24:a5:f9:4c:ed:9c:6c:34:
61:b7:20:a4:ff:12:b1:de:7f:02:08:34:0a:d1:62:
7b:42:1b:6e:43:8c:0b:ac:10:5d:b4:25:9c:07:de:
30:75:e1:47:81:13:a5:f6:ca:c6:ed:04:dd:e8:8a:
50:61:01:ee:27:68:9d:72:42:db:2b:c7:fa:73:7f:
cb:32:45:d8:d6:b4:06:57:b8:44:af:46:22:55:5c:
e1:14:a3:7c:d3:91:65:29:01:53:3a:47:0e:34:9f:
18:c5:b4:49:cc:6b:57:bc:78:05:bd:6d:b8:be:fa:
ca:fc:22:da:88:24:95:92:90:c2:3c:28:f0:97:df:
29:9a:59:67:5a:b0:8a:72:e5:48:83:ef:43:c8:c6:
3e:a3:8b:07:4c:54:54:f8:ed:04:83:00:e4:8a:cc:
72:70:f1:ff:5d:4a:eb:d2:80:71:9a:df:c4:70:6d:
24:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:22:DD:CA:C9:51:F9:02:9C:33:0A:16:9A:F1:51:F8:D5:5B:38:D9
X509v3 Authority Key Identifier:
keyid:8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3138352e3234302e3130362e302f32342d3234203d3e20323134343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.106.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:77:93:3d:cf:55:54:af:38:08:e3:75:27:7b:6a:00:c7:47:
e0:ce:74:f9:fe:8c:41:53:21:05:8a:f4:a9:26:36:09:a6:3d:
34:0e:85:66:44:5d:c2:24:69:5c:2d:15:7d:91:0a:c2:e1:b5:
a0:3c:f5:e5:7a:02:47:76:f2:d9:dd:91:c6:2f:4d:53:c6:d1:
a8:04:40:d5:10:f8:c7:7b:6b:26:bb:72:78:c4:0d:4f:c4:e4:
9c:48:8d:69:cd:3b:98:16:c3:d7:b2:b8:9c:35:cc:89:c0:bb:
e0:81:b2:e5:96:3d:56:1c:69:7e:61:9f:e5:f1:2d:ab:ae:02:
7d:01:76:9f:d7:bf:78:4c:2b:34:84:8a:5a:61:d7:72:6f:20:
8b:de:77:cc:d8:b8:ec:0d:c0:65:97:00:34:91:b7:0c:0c:22:
87:08:48:20:ad:09:7f:2a:f3:ff:f7:8b:a8:4f:f5:dd:2f:76:
eb:28:eb:78:03:37:94:c2:9d:40:e2:57:1b:29:86:e0:db:14:
10:0e:9c:17:9d:52:84:9d:53:5a:f4:00:a0:4e:88:2a:50:f3:
53:ef:ab:a1:7b:e9:8e:86:0f:61:0d:e0:e0:93:d3:cf:75:40:
02:d4:9f:79:f1:33:4d:50:61:04:73:7b:f2:d0:8b:a9:b9:0e:
85:46:18:72
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIURurjvHrz063aPu68V8x2tcPiO1QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGMxMmI0MjczODMyYjQxNTZmZTAwOTJmNmFlN2U1YjNj
ZTIzYWQ4YjAeFw0yNDA3MzExNDE1MDRaFw0yNTA3MzAxNDIwMDRaMDMxMTAvBgNV
BAMTKDEwMjJERENBQzk1MUY5MDI5QzMzMEExNjlBRjE1MUY4RDU1QjM4RDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC60MhPPgcPpXzI5GN2qKlR98Dl
JBEdh1L6Sa1P5HNfkogn8+97XaTNatWMUKGgYorB6RGntY67brwbKwjZhk3zHjdO
g6jLNufc6SwfMlG7/AIkpflM7ZxsNGG3IKT/ErHefwIINArRYntCG25DjAusEF20
JZwH3jB14UeBE6X2ysbtBN3oilBhAe4naJ1yQtsrx/pzf8syRdjWtAZXuESvRiJV
XOEUo3zTkWUpAVM6Rw40nxjFtEnMa1e8eAW9bbi++sr8ItqIJJWSkMI8KPCX3yma
WWdasIpy5UiD70PIxj6jiwdMVFT47QSDAOSKzHJw8f9dSuvSgHGa38RwbSRJAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUECLdyslR+QKcMwoWmvFR+NVbONkwHwYDVR0j
BBgwFoAUjBK0JzgytBVv4Akvaufls84jrYswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGJmZDY4ODItZDZiMy00YWE4LWJjMGEtNzExZDY4YmQx
OThiLzAvOEMxMkI0MjczODMyQjQxNTZGRTAwOTJGNkFFN0U1QjNDRTIzQUQ4Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2pCSzBKemd5dEJWdjRBa3ZhdWZsczg0
anJZcy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGJmZDY4ODIt
ZDZiMy00YWE4LWJjMGEtNzExZDY4YmQxOThiLzAvMzEzODM1MmUzMjM0MzAyZTMx
MzAzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNDM0MzUzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnwajANBgkqhkiG9w0BAQsFAAOCAQEAo3eTPc9VVK84CON1J3tqAMdH4M50
+f6MQVMhBYr0qSY2CaY9NA6FZkRdwiRpXC0VfZEKwuG1oDz15XoCR3by2d2Rxi9N
U8bRqARA1RD4x3trJrtyeMQNT8TknEiNac07mBbD17K4nDXMicC74IGy5ZY9Vhxp
fmGf5fEtq64CfQF2n9e/eEwrNISKWmHXcm8gi953zNi47A3AZZcANJG3DAwihwhI
IK0Jfyrz//eLqE/13S926yjreAM3lMKdQOJXGymG4NsUEA6cF51ShJ1TWvQAoE6I
KlDzU++roXvpjoYPYQ3g4JPTz3VAAtSfefEzTVBhBHN78tCLqbkOhUYYcg==
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:59:02 2024 by rpki-client on console-ams.rpki-client.org