Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3131312e3138392e302f32342d3234203d3e203631303934.roa
File: 3138352e3131312e3138392e302f32342d3234203d3e203631303934.roa (raw, json)
Hash identifier: 7GvIeRHulthBUpjBqsqDj1rm4KiFcp0loCD/HDsOBdE=
Subject key identifier: EC:CF:D8:5B:F7:D1:24:4E:59:18:5F:36:C2:26:31:6F:E0:CF:9D:3C
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 3B57D68DF43F3C21A9159AB8283EEAF67C3DF4FD
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3131312e3138392e302f32342d3234203d3e203631303934.roa
Signing time: Tue 05 Nov 2024 17:43:27 +0000
ROA not before: Tue 05 Nov 2024 17:38:27 +0000
ROA not after: Tue 04 Nov 2025 17:43:27 +0000
asID: 61094
IP address blocks: 185.111.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:57:d6:8d:f4:3f:3c:21:a9:15:9a:b8:28:3e:ea:f6:7c:3d:f4:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Nov 5 17:38:27 2024 GMT
Not After : Nov 4 17:43:27 2025 GMT
Subject: CN=ECCFD85BF7D1244E59185F36C226316FE0CF9D3C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:31:7c:89:d0:52:a8:8a:05:f1:97:a0:f8:fd:
34:b8:73:39:f5:13:9f:a0:a5:34:37:48:d6:cc:dc:
f7:5b:e1:f2:53:13:5d:93:27:a8:e0:51:4c:60:a5:
e6:91:3f:af:dd:46:da:76:a4:af:30:06:af:63:4e:
a2:1f:62:64:85:ee:fc:f5:c2:b9:01:a4:52:7e:38:
20:2c:6b:c7:6b:08:a2:ca:0c:63:95:4e:ba:ab:6d:
4e:fe:a1:a7:2c:1c:51:7b:fb:51:6c:06:7d:74:f0:
ed:13:4c:75:d2:14:0b:ac:aa:d1:6a:12:bc:df:c9:
56:af:0d:16:be:c4:8c:da:3e:06:fc:48:11:e0:33:
21:5b:05:e9:42:e6:51:ff:50:78:e7:10:6a:f0:0b:
17:10:af:80:78:43:84:53:40:70:ee:43:4a:97:da:
f7:0c:a5:56:87:8e:de:57:66:63:92:5d:6e:25:d7:
74:2f:9d:aa:4b:7a:9a:23:b1:ee:76:84:7a:3d:6b:
7c:0c:a2:b5:8e:38:2f:84:a8:03:de:de:b8:d5:b7:
21:a5:1c:70:67:90:28:36:27:75:25:85:7a:30:e5:
e7:d1:ee:97:a1:a6:12:11:9b:99:37:a7:47:91:df:
05:99:74:56:96:3a:d4:c8:d0:a7:37:ad:f3:12:7d:
f7:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:CF:D8:5B:F7:D1:24:4E:59:18:5F:36:C2:26:31:6F:E0:CF:9D:3C
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3131312e3138392e302f32342d3234203d3e203631303934.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.189.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:35:64:93:b0:4e:93:be:44:ec:d0:19:8b:49:5d:d5:38:8c:
4b:b3:50:ad:09:37:72:5f:69:29:33:7a:26:e9:78:45:77:13:
86:f4:b5:aa:69:ce:42:b0:8f:3d:c7:39:36:2e:e7:24:9b:b2:
86:4e:0e:fb:62:81:89:10:c4:bb:b6:b1:90:2c:e8:d0:f8:59:
2e:27:9a:65:01:e0:af:4a:53:77:8f:bc:bc:6c:92:02:6a:bc:
e5:51:53:6c:00:04:d1:af:a7:3e:be:33:9d:88:2c:51:7c:d1:
9e:60:9c:10:11:97:e0:e1:00:21:48:60:f4:72:56:34:a2:7f:
9b:45:ba:f5:33:1f:2c:53:44:37:0e:ce:a2:6f:60:72:de:26:
ba:d9:76:e9:91:6b:09:97:84:ec:e8:43:70:64:27:cc:d8:7a:
c1:30:7f:aa:21:5b:88:1b:db:62:bb:ed:dc:17:a6:8c:87:6c:
db:a6:df:c2:a3:3f:80:96:0d:f8:ca:ce:8c:dc:2c:8d:8e:f7:
69:fc:e4:bf:4a:fa:cf:39:4f:1f:d7:9c:67:f4:95:d9:e5:99:
fd:f0:ef:ed:8e:5f:b1:b6:0c:11:df:29:34:54:3a:fe:08:57:
e7:0c:26:12:76:bd:03:60:40:16:99:25:06:96:9c:7b:3f:4d:
16:96:5a:e4
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUO1fWjfQ/PCGpFZq4KD7q9nw99P0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNDExMDUxNzM4MjdaFw0yNTExMDQxNzQzMjdaMDMxMTAvBgNV
BAMTKEVDQ0ZEODVCRjdEMTI0NEU1OTE4NUYzNkMyMjYzMTZGRTBDRjlEM0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvMXyJ0FKoigXxl6D4/TS4czn1
E5+gpTQ3SNbM3Pdb4fJTE12TJ6jgUUxgpeaRP6/dRtp2pK8wBq9jTqIfYmSF7vz1
wrkBpFJ+OCAsa8drCKLKDGOVTrqrbU7+oacsHFF7+1FsBn108O0TTHXSFAusqtFq
ErzfyVavDRa+xIzaPgb8SBHgMyFbBelC5lH/UHjnEGrwCxcQr4B4Q4RTQHDuQ0qX
2vcMpVaHjt5XZmOSXW4l13QvnapLepojse52hHo9a3wMorWOOC+EqAPe3rjVtyGl
HHBnkCg2J3UlhXow5efR7pehphIRm5k3p0eR3wWZdFaWOtTI0Kc3rfMSfffvAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU7M/YW/fRJE5ZGF82wiYxb+DPnTwwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMTMxMzEyZTMx
MzgzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzEzMDM5MzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5b70wDQYJKoZIhvcNAQELBQADggEBAE41ZJOwTpO+ROzQGYtJXdU4jEuzUK0J
N3JfaSkzeibpeEV3E4b0tappzkKwjz3HOTYu5ySbsoZODvtigYkQxLu2sZAs6ND4
WS4nmmUB4K9KU3ePvLxskgJqvOVRU2wABNGvpz6+M52ILFF80Z5gnBARl+DhACFI
YPRyVjSif5tFuvUzHyxTRDcOzqJvYHLeJrrZdumRawmXhOzoQ3BkJ8zYesEwf6oh
W4gb22K77dwXpoyHbNum38KjP4CWDfjKzozcLI2O92n85L9K+s85Tx/XnGf0ldnl
mf3w7+2OX7G2DBHfKTRUOv4IV+cMJhJ2vQNgQBaZJQaWnHs/TRaWWuQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 07:03:46 2024 by rpki-client on console-fra.rpki-client.org