Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e3230352e3232332e302f32342d3234203d3e20323132333834.roa
File: 3138352e3230352e3232332e302f32342d3234203d3e20323132333834.roa (raw, json)
Hash identifier: qbHpWGRyz/Gb2T0E9zWIRGi0XkeTAjHC/vPAunanyQY=
Subject key identifier: 41:3A:C7:DB:C8:A9:04:F1:48:E7:24:54:23:D4:99:78:42:C1:74:FB
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 22027197E53AE0353CDBB839F6A01E9F3CC21852
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e3230352e3232332e302f32342d3234203d3e20323132333834.roa
Signing time: Mon 11 Nov 2024 07:23:41 +0000
ROA not before: Mon 11 Nov 2024 07:18:41 +0000
ROA not after: Mon 10 Nov 2025 07:23:41 +0000
asID: 212384
IP address blocks: 185.205.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:02:71:97:e5:3a:e0:35:3c:db:b8:39:f6:a0:1e:9f:3c:c2:18:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Nov 11 07:18:41 2024 GMT
Not After : Nov 10 07:23:41 2025 GMT
Subject: CN=413AC7DBC8A904F148E7245423D4997842C174FB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:29:2e:fa:fb:17:4d:94:0a:2b:50:87:5d:ef:
11:9e:4f:d6:a1:55:da:6e:da:68:bb:0b:5f:74:b0:
7e:9f:0a:85:0a:2f:9f:18:00:23:f8:c9:39:01:02:
dc:75:d4:67:41:7d:88:b5:76:bc:50:4a:1b:8e:8a:
29:49:43:b3:71:5a:65:69:15:b7:ff:e8:e6:f1:db:
d1:5b:ce:3b:4f:14:0a:36:02:38:23:4c:81:80:b9:
b9:0c:3f:50:6b:2b:f1:cb:c7:b2:94:11:7f:7a:62:
b4:4a:7c:3a:9c:4d:87:6f:5a:51:95:ec:f9:11:f3:
ca:95:ed:a0:df:4f:0f:44:1d:89:e3:f1:dd:01:a9:
6a:9d:c1:d9:b1:92:90:62:81:3b:15:da:59:8a:e3:
f9:3a:ee:43:e2:a6:c9:20:f1:9c:4f:ab:a9:7f:31:
14:52:a1:33:7a:3f:98:ac:c9:47:2b:ad:d1:2d:9d:
1e:2e:d5:3d:c7:dc:37:35:df:7d:97:67:17:76:99:
32:aa:af:53:fa:f0:ae:e1:9d:bd:73:c8:00:88:04:
40:b0:0a:06:05:d5:3a:2d:0b:f8:7b:37:a6:c7:9c:
41:d0:e8:c2:b9:40:e4:bf:7d:38:d9:8d:9b:9c:1b:
73:83:12:04:91:9c:fd:4b:e5:09:42:93:d9:f8:82:
42:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:3A:C7:DB:C8:A9:04:F1:48:E7:24:54:23:D4:99:78:42:C1:74:FB
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e3230352e3232332e302f32342d3234203d3e20323132333834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.205.223.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:dd:ec:7e:e1:71:8d:19:af:33:e5:9e:85:5e:44:a4:c9:e2:
36:a7:ef:22:61:24:b3:87:bf:11:00:da:61:08:36:fe:ec:7a:
8c:84:8f:8a:b6:b4:0d:3d:69:0f:1c:31:5d:f9:0e:38:5a:5a:
41:c5:c3:db:fe:91:54:14:14:92:d9:1d:05:e5:65:28:2b:af:
18:84:c2:ab:5e:79:af:1d:6e:fd:ee:b0:b5:ca:67:b6:dc:4a:
2e:1b:46:54:39:a1:f5:c7:c3:63:b6:c7:0c:55:9d:8c:93:f8:
b9:8c:35:76:38:91:36:5e:0f:07:01:df:2e:a4:b4:5b:d4:a1:
81:f9:35:ec:84:7d:03:43:89:c7:07:fa:c0:f0:8e:95:ff:26:
5e:3d:78:5f:88:ea:4d:3e:9a:b0:c6:af:7f:7a:8e:c7:c2:16:
f6:13:30:43:2f:74:ec:4a:9c:2c:7c:62:6b:ab:44:b4:46:a4:
42:17:bb:23:ab:7e:2a:95:95:01:71:68:85:ee:4d:d5:00:be:
c3:98:d0:65:b4:75:3b:75:07:4f:6b:31:94:e5:5c:e5:5a:8f:
ed:1b:1a:4f:29:9e:72:e0:a9:35:0d:dd:62:b5:68:c6:7b:e5:
53:9f:91:1b:aa:e8:14:92:31:cf:95:25:b7:a0:3e:72:f8:c5:
ee:5c:07:3f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUIgJxl+U64DU827g59qAenzzCGFIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNDExMTEwNzE4NDFaFw0yNTExMTAwNzIzNDFaMDMxMTAvBgNV
BAMTKDQxM0FDN0RCQzhBOTA0RjE0OEU3MjQ1NDIzRDQ5OTc4NDJDMTc0RkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcKS76+xdNlAorUIdd7xGeT9ah
Vdpu2mi7C190sH6fCoUKL58YACP4yTkBAtx11GdBfYi1drxQShuOiilJQ7NxWmVp
Fbf/6Obx29FbzjtPFAo2AjgjTIGAubkMP1BrK/HLx7KUEX96YrRKfDqcTYdvWlGV
7PkR88qV7aDfTw9EHYnj8d0BqWqdwdmxkpBigTsV2lmK4/k67kPipskg8ZxPq6l/
MRRSoTN6P5isyUcrrdEtnR4u1T3H3Dc1332XZxd2mTKqr1P68K7hnb1zyACIBECw
CgYF1TotC/h7N6bHnEHQ6MK5QOS/fTjZjZucG3ODEgSRnP1L5QlCk9n4gkKvAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUQTrH28ipBPFI5yRUI9SZeELBdPswHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzODM1MmUzMjMwMzUyZTMy
MzIzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMzMzgzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnN3zANBgkqhkiG9w0BAQsFAAOCAQEAOt3sfuFxjRmvM+WehV5EpMniNqfv
ImEks4e/EQDaYQg2/ux6jISPira0DT1pDxwxXfkOOFpaQcXD2/6RVBQUktkdBeVl
KCuvGITCq155rx1u/e6wtcpnttxKLhtGVDmh9cfDY7bHDFWdjJP4uYw1djiRNl4P
BwHfLqS0W9Shgfk17IR9A0OJxwf6wPCOlf8mXj14X4jqTT6asMavf3qOx8IW9hMw
Qy907EqcLHxia6tEtEakQhe7I6t+KpWVAXFohe5N1QC+w5jQZbR1O3UHT2sxlOVc
5VqP7RsaTymecuCpNQ3dYrVoxnvlU5+RG6roFJIxz5Ult6A+cvjF7lwHPw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org