Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/3138352e322e3230352e302f32342d3234203d3e203531303539.roa
File: 3138352e322e3230352e302f32342d3234203d3e203531303539.roa (raw, json)
Hash identifier: tM6AOBSdq8t/+b2jwQliXrToX+/NgR89RNEhgmdHZII=
Subject key identifier: 40:56:2F:7F:37:DA:A4:33:0E:67:F4:5C:EC:59:C4:19:56:A2:C6:2B
Certificate issuer: /CN=4502e63ce01cad239ac397bc2bb5e6c347dceeea
Certificate serial: 34991B1A42C5DA854C8D362DA29103B2027BCD03
Authority key identifier: 45:02:E6:3C:E0:1C:AD:23:9A:C3:97:BC:2B:B5:E6:C3:47:DC:EE:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/3138352e322e3230352e302f32342d3234203d3e203531303539.roa
Signing time: Tue 08 Oct 2024 10:36:40 +0000
ROA not before: Tue 08 Oct 2024 10:31:40 +0000
ROA not after: Tue 07 Oct 2025 10:36:40 +0000
asID: 51059
IP address blocks: 185.2.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.crl
rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:99:1b:1a:42:c5:da:85:4c:8d:36:2d:a2:91:03:b2:02:7b:cd:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4502e63ce01cad239ac397bc2bb5e6c347dceeea
Validity
Not Before: Oct 8 10:31:40 2024 GMT
Not After : Oct 7 10:36:40 2025 GMT
Subject: CN=40562F7F37DAA4330E67F45CEC59C41956A2C62B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b0:9a:97:6c:ca:6c:dc:33:09:9c:74:a3:da:
57:76:f8:0a:a2:db:05:ab:8e:b6:eb:b6:bd:29:b3:
41:a8:b4:3c:01:ee:77:c3:55:79:22:0f:35:fe:4c:
a2:ca:d8:d3:b6:15:37:c4:6e:85:db:cc:36:eb:a3:
7c:b6:e4:2f:cc:a3:4b:92:52:53:c6:e4:eb:bc:eb:
57:22:7c:a9:f4:eb:98:6c:da:73:cf:f7:3e:ac:c7:
97:27:b6:7c:2b:11:94:18:d2:f6:37:ed:fc:46:20:
23:73:74:97:bf:d7:e6:88:71:63:c7:94:d7:d3:59:
f7:5c:a9:04:64:c9:e8:4e:a0:87:6d:24:a9:a8:bd:
fa:3f:34:51:ee:e4:67:42:aa:d1:6a:0e:65:0e:f0:
c9:7b:a4:91:66:51:fd:e7:6d:1b:dd:00:c7:90:38:
a3:9a:45:59:ad:d5:5e:c4:87:b7:79:52:85:79:49:
91:c0:8e:fa:05:26:0a:c0:cb:a1:38:e0:f4:8b:5f:
4d:a8:73:8c:65:40:e8:cb:7b:f4:dd:f3:c7:49:f7:
e5:cd:6c:f4:00:6b:27:5b:d7:a6:0b:64:16:7a:ec:
00:04:b3:0f:55:be:b4:e3:b7:19:d4:bd:80:2b:19:
b9:d0:a8:bf:32:f2:73:bb:c8:02:e5:07:64:75:e0:
c2:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:56:2F:7F:37:DA:A4:33:0E:67:F4:5C:EC:59:C4:19:56:A2:C6:2B
X509v3 Authority Key Identifier:
keyid:45:02:E6:3C:E0:1C:AD:23:9A:C3:97:BC:2B:B5:E6:C3:47:DC:EE:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/3138352e322e3230352e302f32342d3234203d3e203531303539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.205.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:6c:2a:f6:e5:51:31:3e:7b:b1:82:42:c0:02:2c:90:64:c3:
e6:32:19:3c:b3:77:b3:67:cc:5c:be:eb:10:89:66:31:e9:51:
5d:c3:b9:d1:35:e9:3b:da:e9:51:01:87:0b:d2:94:a7:2f:4f:
77:92:67:8d:84:6d:79:80:48:3a:8c:53:8a:8e:cf:2d:17:16:
b1:88:f7:66:73:fe:d3:a9:03:0f:9a:ca:40:be:17:34:7f:da:
c6:07:9f:35:ae:f7:f3:84:0d:2b:c5:97:4e:31:30:da:72:71:
be:72:5e:e6:ee:5c:46:21:52:62:62:2f:fa:4d:35:64:fb:53:
e5:75:5e:a9:63:cb:5a:4c:5e:d6:cc:64:0d:14:fd:8c:8a:69:
d9:dd:e5:5b:49:e6:95:9e:c4:5f:f8:b3:1c:d4:16:0d:98:c8:
e1:05:8a:39:ae:37:6d:c8:db:d1:30:6f:6a:dc:88:45:3c:1f:
07:cf:82:10:0c:89:74:ea:a3:16:1e:73:44:43:3f:3d:f9:bb:
75:b8:f7:76:27:80:de:56:43:d4:13:90:77:59:3d:0e:e2:ff:
6c:5e:90:33:40:97:67:90:8c:91:46:70:6d:9f:b8:d8:2f:f7:
c4:b2:67:9b:bd:ab:de:cc:15:96:1e:18:c9:61:e7:83:39:5c:
c4:98:1a:fb
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUNJkbGkLF2oVMjTYtopEDsgJ7zQMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUwMmU2M2NlMDFjYWQyMzlhYzM5N2JjMmJiNWU2YzM0
N2RjZWVlYTAeFw0yNDEwMDgxMDMxNDBaFw0yNTEwMDcxMDM2NDBaMDMxMTAvBgNV
BAMTKDQwNTYyRjdGMzdEQUE0MzMwRTY3RjQ1Q0VDNTlDNDE5NTZBMkM2MkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzsJqXbMps3DMJnHSj2ld2+Aqi
2wWrjrbrtr0ps0GotDwB7nfDVXkiDzX+TKLK2NO2FTfEboXbzDbro3y25C/Mo0uS
UlPG5Ou861cifKn065hs2nPP9z6sx5cntnwrEZQY0vY37fxGICNzdJe/1+aIcWPH
lNfTWfdcqQRkyehOoIdtJKmovfo/NFHu5GdCqtFqDmUO8Ml7pJFmUf3nbRvdAMeQ
OKOaRVmt1V7Eh7d5UoV5SZHAjvoFJgrAy6E44PSLX02oc4xlQOjLe/Td88dJ9+XN
bPQAaydb16YLZBZ67AAEsw9VvrTjtxnUvYArGbnQqL8y8nO7yALlB2R14MLZAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUQFYvfzfapDMOZ/Rc7FnEGVaixiswHwYDVR0j
BBgwFoAURQLmPOAcrSOaw5e8K7Xmw0fc7uowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWRmMzNhNTctN2U0Zi00ODQ0LTg0ZTItYjcxNTNiNTUx
MWI0LzAvNDUwMkU2M0NFMDFDQUQyMzlBQzM5N0JDMkJCNUU2QzM0N0RDRUVFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JRTG1QT0FjclNPYXc1ZThLN1htdzBm
Yzd1by5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOWRmMzNhNTct
N2U0Zi00ODQ0LTg0ZTItYjcxNTNiNTUxMWI0LzAvMzEzODM1MmUzMjJlMzIzMDM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMTMwMzUzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkC
zTANBgkqhkiG9w0BAQsFAAOCAQEAimwq9uVRMT57sYJCwAIskGTD5jIZPLN3s2fM
XL7rEIlmMelRXcO50TXpO9rpUQGHC9KUpy9Pd5JnjYRteYBIOoxTio7PLRcWsYj3
ZnP+06kDD5rKQL4XNH/axgefNa7384QNK8WXTjEw2nJxvnJe5u5cRiFSYmIv+k01
ZPtT5XVeqWPLWkxe1sxkDRT9jIpp2d3lW0nmlZ7EX/izHNQWDZjI4QWKOa43bcjb
0TBvatyIRTwfB8+CEAyJdOqjFh5zREM/Pfm7dbj3dieA3lZD1BOQd1k9DuL/bF6Q
M0CXZ5CMkUZwbZ+42C/3xLJnm72r3swVlh4YyWHngzlcxJga+w==
-----END CERTIFICATE-----
Generated at Mon Nov 25 11:54:14 2024 by rpki-client on console-fra.rpki-client.org