Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3138352e3234302e3130372e302f32342d3234203d3e203231383539.roa
File: 3138352e3234302e3130372e302f32342d3234203d3e203231383539.roa (raw, json)
Hash identifier: 6yyT/lSYz64kWrG5y/UL8jnnfCMJo6XEAFq3o0kuIM4=
Subject key identifier: C5:BB:DE:D7:27:82:91:19:EE:98:D0:B7:9E:6E:58:20:BC:D9:35:2E
Certificate issuer: /CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Certificate serial: 2DBFE6CF5FC0E49CB51E2035240F0B56BF98BB91
Authority key identifier: 8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3138352e3234302e3130372e302f32342d3234203d3e203231383539.roa
Signing time: Mon 04 Nov 2024 06:06:10 +0000
ROA not before: Mon 04 Nov 2024 06:01:10 +0000
ROA not after: Mon 03 Nov 2025 06:06:10 +0000
asID: 21859
IP address blocks: 185.240.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl
rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.mft
rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:bf:e6:cf:5f:c0:e4:9c:b5:1e:20:35:24:0f:0b:56:bf:98:bb:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Validity
Not Before: Nov 4 06:01:10 2024 GMT
Not After : Nov 3 06:06:10 2025 GMT
Subject: CN=C5BBDED727829119EE98D0B79E6E5820BCD9352E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:be:e4:a0:b3:13:32:7f:6d:9f:74:9a:98:d5:
c9:b0:74:85:6c:72:c9:42:69:19:a8:12:d0:2b:20:
4b:7b:23:4e:39:06:3f:7b:e1:88:e3:0f:af:68:f1:
34:28:a0:7b:eb:de:ef:92:92:b9:01:cf:c8:6c:e0:
a1:8a:67:6f:57:bd:e4:61:69:99:3a:a8:58:ae:76:
26:18:42:87:b0:57:7d:cc:53:46:96:f6:3e:e4:a8:
81:50:5e:7b:8c:c8:62:d1:31:17:6f:d3:a2:50:6b:
ec:7d:4e:b1:f5:79:0b:3d:df:47:d4:a8:7d:df:a8:
6e:8e:ab:1b:b0:e7:7b:c9:e3:5c:d0:27:15:6b:84:
49:08:3b:d1:3a:8b:6e:88:fa:c0:6b:80:9e:36:93:
d9:b6:65:00:c4:42:e9:a3:11:09:d5:38:c7:81:83:
43:b9:dc:45:36:05:a1:76:9d:fd:db:d1:69:4c:7e:
15:fd:e1:b3:cc:1d:37:4a:ed:04:e3:7d:ff:05:d9:
b3:be:b2:9b:29:8c:ce:82:d8:fa:8d:d1:78:7d:60:
df:f2:b5:8b:c8:bc:24:93:ab:5f:d6:25:da:95:dc:
f0:aa:e2:f9:43:f6:68:b3:fc:e9:b0:74:0d:c3:07:
48:5c:71:a5:92:f4:6f:be:5e:2f:25:b8:29:78:76:
65:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:BB:DE:D7:27:82:91:19:EE:98:D0:B7:9E:6E:58:20:BC:D9:35:2E
X509v3 Authority Key Identifier:
keyid:8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3138352e3234302e3130372e302f32342d3234203d3e203231383539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.107.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:9f:0f:f5:ae:9a:ff:6d:9b:19:f4:ef:c2:0e:df:93:f4:b8:
5d:23:73:43:82:39:40:f3:0a:e5:74:41:70:a4:3c:02:08:3d:
30:f3:00:8c:cf:80:ca:3b:06:fb:c4:8b:e3:c8:97:c5:aa:d7:
cf:53:66:9d:81:f8:41:93:0c:7f:68:af:f0:34:87:2a:52:e9:
13:d3:dc:36:15:a9:fd:e5:c2:b7:8f:f5:be:9f:aa:59:f5:6e:
aa:4b:ba:7f:97:0e:68:25:fc:63:53:ca:87:89:94:67:d7:0f:
c2:de:ac:8e:d8:09:82:90:41:a1:e3:f2:a7:91:5e:03:ab:be:
3c:a8:cc:f6:ff:fb:ad:d1:27:b4:eb:2d:80:95:77:6f:02:13:
75:2f:9e:c5:e7:59:a0:a6:8e:01:f2:07:01:3f:d5:75:df:73:
4d:27:d6:b5:0b:36:b7:85:8c:63:d3:7c:f6:37:43:f3:43:1d:
2d:d5:f4:64:7b:f6:85:a8:e6:f4:32:ff:f9:b1:e5:bf:c9:22:
6c:71:b6:49:da:ed:e3:25:64:91:e4:35:6c:18:cb:d2:90:0b:
1b:21:72:a6:3d:b8:bc:ab:61:97:cf:ed:b5:b9:08:52:d8:b8:
19:3a:89:3f:22:3b:e8:d7:92:8a:80:58:77:95:c5:0e:8c:2e:
71:15:63:60
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIULb/mz1/A5Jy1HiA1JA8LVr+Yu5EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGMxMmI0MjczODMyYjQxNTZmZTAwOTJmNmFlN2U1YjNj
ZTIzYWQ4YjAeFw0yNDExMDQwNjAxMTBaFw0yNTExMDMwNjA2MTBaMDMxMTAvBgNV
BAMTKEM1QkJERUQ3Mjc4MjkxMTlFRTk4RDBCNzlFNkU1ODIwQkNEOTM1MkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdvuSgsxMyf22fdJqY1cmwdIVs
cslCaRmoEtArIEt7I045Bj974YjjD69o8TQooHvr3u+SkrkBz8hs4KGKZ29XveRh
aZk6qFiudiYYQoewV33MU0aW9j7kqIFQXnuMyGLRMRdv06JQa+x9TrH1eQs930fU
qH3fqG6Oqxuw53vJ41zQJxVrhEkIO9E6i26I+sBrgJ42k9m2ZQDEQumjEQnVOMeB
g0O53EU2BaF2nf3b0WlMfhX94bPMHTdK7QTjff8F2bO+spspjM6C2PqN0Xh9YN/y
tYvIvCSTq1/WJdqV3PCq4vlD9miz/OmwdA3DB0hccaWS9G++Xi8luCl4dmXrAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUxbve1yeCkRnumNC3nm5YILzZNS4wHwYDVR0j
BBgwFoAUjBK0JzgytBVv4Akvaufls84jrYswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGJmZDY4ODItZDZiMy00YWE4LWJjMGEtNzExZDY4YmQx
OThiLzAvOEMxMkI0MjczODMyQjQxNTZGRTAwOTJGNkFFN0U1QjNDRTIzQUQ4Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2pCSzBKemd5dEJWdjRBa3ZhdWZsczg0
anJZcy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGJmZDY4ODIt
ZDZiMy00YWE4LWJjMGEtNzExZDY4YmQxOThiLzAvMzEzODM1MmUzMjM0MzAyZTMx
MzAzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzODM1Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC58GswDQYJKoZIhvcNAQELBQADggEBACufD/Wumv9tmxn078IO35P0uF0jc0OC
OUDzCuV0QXCkPAIIPTDzAIzPgMo7BvvEi+PIl8Wq189TZp2B+EGTDH9or/A0hypS
6RPT3DYVqf3lwreP9b6fqln1bqpLun+XDmgl/GNTyoeJlGfXD8LerI7YCYKQQaHj
8qeRXgOrvjyozPb/+63RJ7TrLYCVd28CE3UvnsXnWaCmjgHyBwE/1XXfc00n1rUL
NreFjGPTfPY3Q/NDHS3V9GR79oWo5vQy//mx5b/JImxxtkna7eMlZJHkNWwYy9KQ
CxshcqY9uLyrYZfP7bW5CFLYuBk6iT8iO+jXkoqAWHeVxQ6MLnEVY2A=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:20 2024 by rpki-client on console-ams.rpki-client.org