Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3131312e3138382e302f32342d3234203d3e203632353633.roa
File: 3138352e3131312e3138382e302f32342d3234203d3e203632353633.roa (raw, json)
Hash identifier: 1mp0f8eHaMQpRA78Gkk4jwOU31yHu1aUXXw7yDxnVEo=
Subject key identifier: 35:85:48:B0:5D:7E:EA:4C:A2:35:46:3B:05:36:CE:B4:EE:D2:72:DA
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 54ED855A426674FD865D8376DAC797F30F833266
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3131312e3138382e302f32342d3234203d3e203632353633.roa
Signing time: Mon 18 Mar 2024 18:05:14 +0000
ROA not before: Mon 18 Mar 2024 18:00:14 +0000
ROA not after: Mon 17 Mar 2025 18:05:14 +0000
asID: 62563
IP address blocks: 185.111.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:ed:85:5a:42:66:74:fd:86:5d:83:76:da:c7:97:f3:0f:83:32:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Mar 18 18:00:14 2024 GMT
Not After : Mar 17 18:05:14 2025 GMT
Subject: CN=358548B05D7EEA4CA235463B0536CEB4EED272DA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e1:25:f6:74:3c:da:81:b1:c7:e1:d2:b8:b6:
82:65:5c:ec:42:33:e2:ec:16:fa:84:a6:5b:91:f6:
4f:a8:76:b7:9b:3c:d4:45:b4:70:b5:ad:cf:66:cc:
fe:9d:28:70:05:bf:48:58:37:a2:39:f0:5a:a1:95:
38:49:33:ef:1d:c3:06:76:62:77:fe:7d:6a:9c:b5:
c9:cb:54:ae:22:dc:b2:d5:39:61:18:17:65:40:33:
a8:25:a9:fb:b3:30:c7:b9:41:b3:4b:6a:24:82:ff:
22:43:5d:e4:a1:ff:a0:c2:b8:47:c4:d4:d4:60:c3:
55:b2:93:3a:9d:71:1d:d4:da:e8:74:7c:b8:c1:3c:
f8:ac:6b:67:b5:dd:c6:57:db:8c:73:ed:f5:eb:75:
0f:2e:c3:00:21:e9:ab:c3:7a:de:37:45:2a:b7:7f:
4c:f8:76:cb:ef:86:61:6c:04:e6:ce:aa:ab:33:5e:
f8:15:2b:5e:ef:9b:23:eb:79:d4:04:62:e3:cd:62:
d1:8b:5c:82:a9:9b:d1:90:6d:89:69:a6:46:50:c8:
30:8e:27:2f:4f:d4:8d:af:9f:f4:f3:f9:a7:ff:2b:
5a:f0:5c:c0:ff:91:93:ac:f7:9f:58:21:9f:1d:82:
d2:2d:f1:a9:2e:d3:c0:d1:4b:a1:f4:c6:7d:bf:23:
b8:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:85:48:B0:5D:7E:EA:4C:A2:35:46:3B:05:36:CE:B4:EE:D2:72:DA
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3131312e3138382e302f32342d3234203d3e203632353633.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.188.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:71:31:0a:a6:0f:09:3e:95:24:f6:f2:42:20:80:66:1b:93:
b0:f3:7b:3f:c5:d1:2f:3c:68:c1:7e:c8:0e:fb:16:5d:7b:dd:
a8:c7:f4:f7:ff:5a:7a:5a:e6:3f:06:90:df:ff:70:47:31:09:
54:64:0a:71:a6:8e:85:c6:d9:3f:49:11:f6:4d:d3:5d:9a:57:
19:64:30:7a:1f:5f:11:a3:f4:08:f8:14:4e:b2:7f:3b:b3:2b:
72:b5:33:26:8e:9b:79:fc:3e:24:d1:d9:19:73:51:25:f1:2e:
fd:d5:ef:b5:b1:44:60:6c:fd:55:36:82:b0:07:9d:38:16:16:
1d:b3:57:75:c3:0e:1d:88:f6:21:cb:a6:de:c3:47:b4:bc:ab:
8e:bb:b2:17:13:de:00:dd:4d:01:5f:ce:08:c4:22:e0:85:ea:
43:fe:19:0e:10:41:91:43:a2:e0:fd:f6:5d:36:5e:c4:a9:5c:
51:72:d1:80:41:64:be:81:d4:c1:4f:3f:24:ca:88:32:e7:fa:
73:26:6c:46:06:04:3a:dc:fd:dc:ce:79:b1:81:61:6b:4d:46:
79:41:33:8b:63:a7:6b:70:b6:8c:67:b4:5d:0b:4c:d8:71:74:
11:35:bc:ad:b9:0a:2a:bb:6c:f5:96:6b:6a:bf:bc:4e:19:49:
06:6f:89:84
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVO2FWkJmdP2GXYN22seX8w+DMmYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNDAzMTgxODAwMTRaFw0yNTAzMTcxODA1MTRaMDMxMTAvBgNV
BAMTKDM1ODU0OEIwNUQ3RUVBNENBMjM1NDYzQjA1MzZDRUI0RUVEMjcyREEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC44SX2dDzagbHH4dK4toJlXOxC
M+LsFvqEpluR9k+odrebPNRFtHC1rc9mzP6dKHAFv0hYN6I58FqhlThJM+8dwwZ2
Ynf+fWqctcnLVK4i3LLVOWEYF2VAM6glqfuzMMe5QbNLaiSC/yJDXeSh/6DCuEfE
1NRgw1WykzqdcR3U2uh0fLjBPPisa2e13cZX24xz7fXrdQ8uwwAh6avDet43RSq3
f0z4dsvvhmFsBObOqqszXvgVK17vmyPredQEYuPNYtGLXIKpm9GQbYlppkZQyDCO
Jy9P1I2vn/Tz+af/K1rwXMD/kZOs959YIZ8dgtIt8aku08DRS6H0xn2/I7hNAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUNYVIsF1+6kyiNUY7BTbOtO7SctowHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMTMxMzEyZTMx
MzgzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzIzNTM2MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5b7wwDQYJKoZIhvcNAQELBQADggEBAMhxMQqmDwk+lST28kIggGYbk7Dzez/F
0S88aMF+yA77Fl173ajH9Pf/Wnpa5j8GkN//cEcxCVRkCnGmjoXG2T9JEfZN012a
VxlkMHofXxGj9Aj4FE6yfzuzK3K1MyaOm3n8PiTR2RlzUSXxLv3V77WxRGBs/VU2
grAHnTgWFh2zV3XDDh2I9iHLpt7DR7S8q467shcT3gDdTQFfzgjEIuCF6kP+GQ4Q
QZFDouD99l02XsSpXFFy0YBBZL6B1MFPPyTKiDLn+nMmbEYGBDrc/dzOebGBYWtN
RnlBM4tjp2twtoxntF0LTNhxdBE1vK25Ciq7bPWWa2q/vE4ZSQZviYQ=
-----END CERTIFICATE-----
Generated at Sun Nov 24 14:06:24 2024 by rpki-client on console-ams.rpki-client.org