Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e3230352e3232312e302f32342d3234203d3e203239383032.roa
File: 3138352e3230352e3232312e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier: LVDrEFxXbxfLwQCqTayLir7KA1vTA6uEtKJx5WXjPaY=
Subject key identifier: 31:98:84:42:33:70:69:47:AA:D9:32:17:4A:48:6B:D5:56:CB:75:A5
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 7AD988FC47C35DD43F88106D138D553F0C88035B
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e3230352e3232312e302f32342d3234203d3e203239383032.roa
Signing time: Sun 10 Nov 2024 01:34:27 +0000
ROA not before: Sun 10 Nov 2024 01:29:27 +0000
ROA not after: Sun 09 Nov 2025 01:34:27 +0000
asID: 29802
IP address blocks: 185.205.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:d9:88:fc:47:c3:5d:d4:3f:88:10:6d:13:8d:55:3f:0c:88:03:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Nov 10 01:29:27 2024 GMT
Not After : Nov 9 01:34:27 2025 GMT
Subject: CN=3198844233706947AAD932174A486BD556CB75A5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:52:31:2d:1a:83:3d:e0:2b:b1:0b:e8:c3:13:
69:75:23:82:11:e8:c4:cf:5b:4c:14:7a:a7:d8:a2:
3c:44:12:b9:f9:cc:65:4c:d5:38:f2:28:0d:1f:1d:
9e:b9:2c:9a:a0:7e:6f:0a:ac:c2:93:6d:57:77:8c:
75:56:46:ff:a3:e3:43:7b:d2:79:37:b8:5a:14:fe:
5d:6d:f2:79:12:ed:91:09:93:20:ff:a7:cd:a2:b4:
61:e2:53:59:e9:0e:f9:0e:b4:4d:8d:42:7d:d2:02:
da:8c:68:0e:b0:54:15:21:ba:9a:32:f5:81:8f:c3:
f5:b8:c5:89:ae:ee:92:70:10:e0:da:2d:ba:2a:d0:
01:45:7e:60:d1:3c:02:10:69:a5:7f:01:7b:50:43:
4a:dd:cd:c2:d0:85:f7:94:e4:a0:5a:34:4e:a0:c0:
00:fb:50:f4:8f:86:67:ae:bc:fc:1f:0e:80:3e:12:
06:75:b8:00:f8:d9:5c:36:c4:1d:29:a7:e5:0c:ca:
2f:87:ba:82:69:5a:e8:6a:f5:0e:63:90:74:b2:49:
6c:d4:b3:97:e7:99:60:68:02:8a:7f:e9:e8:a5:59:
be:86:17:f8:f2:9d:e7:17:9c:0e:a0:38:21:9a:02:
14:d1:45:74:70:ec:f2:80:88:84:d3:d5:5d:e2:68:
a5:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:98:84:42:33:70:69:47:AA:D9:32:17:4A:48:6B:D5:56:CB:75:A5
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e3230352e3232312e302f32342d3234203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.205.221.0/24
Signature Algorithm: sha256WithRSAEncryption
06:71:fe:03:28:b7:a6:a8:2e:59:2f:2b:6e:56:92:eb:34:69:
ad:ba:e6:4e:f4:f4:fb:c9:d4:25:76:fb:83:6a:04:36:2e:fe:
33:a6:67:15:5d:33:0c:1a:e4:a7:e7:9d:27:d9:75:95:c3:37:
4c:57:41:a6:7f:19:e7:81:6d:44:bf:71:90:68:43:dc:84:ab:
a3:e0:8b:6b:59:80:8a:c1:bd:24:15:d2:c1:19:8f:66:23:cb:
9a:0b:95:64:d4:d2:56:87:ae:5e:16:21:6c:da:b0:da:6c:67:
35:47:c8:57:29:62:47:11:67:a3:9a:4e:57:88:2a:f3:d2:09:
3b:8d:16:fe:c6:77:79:b6:59:f2:3d:84:4a:38:d4:38:8c:36:
57:ed:f0:37:94:95:da:3d:aa:e4:f9:22:5d:c4:6c:44:73:cd:
38:b9:78:cd:f2:93:c0:1d:ee:8b:90:53:3b:e0:a3:1f:75:30:
23:41:0c:81:46:bd:bc:37:08:d5:14:22:bc:a8:9d:9e:e2:dc:
68:b9:4d:4d:a4:88:7f:8a:02:56:c9:68:ca:a1:a1:90:85:50:
fe:95:79:ea:fa:d5:01:5e:b6:1a:15:28:77:03:de:b8:53:d6:
e7:8c:4f:76:83:46:3a:7c:3e:d9:76:14:07:cb:b6:11:10:cc:
2f:88:d8:76
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUetmI/EfDXdQ/iBBtE41VPwyIA1swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNDExMTAwMTI5MjdaFw0yNTExMDkwMTM0MjdaMDMxMTAvBgNV
BAMTKDMxOTg4NDQyMzM3MDY5NDdBQUQ5MzIxNzRBNDg2QkQ1NTZDQjc1QTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfUjEtGoM94CuxC+jDE2l1I4IR
6MTPW0wUeqfYojxEErn5zGVM1TjyKA0fHZ65LJqgfm8KrMKTbVd3jHVWRv+j40N7
0nk3uFoU/l1t8nkS7ZEJkyD/p82itGHiU1npDvkOtE2NQn3SAtqMaA6wVBUhupoy
9YGPw/W4xYmu7pJwEODaLboq0AFFfmDRPAIQaaV/AXtQQ0rdzcLQhfeU5KBaNE6g
wAD7UPSPhmeuvPwfDoA+EgZ1uAD42Vw2xB0pp+UMyi+HuoJpWuhq9Q5jkHSySWzU
s5fnmWBoAop/6eilWb6GF/jynecXnA6gOCGaAhTRRXRw7PKAiITT1V3iaKUjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUMZiEQjNwaUeq2TIXSkhr1VbLdaUwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzODM1MmUzMjMwMzUyZTMy
MzIzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzkzODMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5zd0wDQYJKoZIhvcNAQELBQADggEBAAZx/gMot6aoLlkvK25Wkus0aa265k70
9PvJ1CV2+4NqBDYu/jOmZxVdMwwa5KfnnSfZdZXDN0xXQaZ/GeeBbUS/cZBoQ9yE
q6Pgi2tZgIrBvSQV0sEZj2Yjy5oLlWTU0laHrl4WIWzasNpsZzVHyFcpYkcRZ6Oa
TleIKvPSCTuNFv7Gd3m2WfI9hEo41DiMNlft8DeUldo9quT5Il3EbERzzTi5eM3y
k8Ad7ouQUzvgox91MCNBDIFGvbw3CNUUIryonZ7i3Gi5TU2kiH+KAlbJaMqhoZCF
UP6Veer61QFethoVKHcD3rhT1ueMT3aDRjp8Ptl2FAfLthEQzC+I2HY=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org