Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3133302e36302e302f32342d3234203d3e20323039383234.roa
File: 3138352e3133302e36302e302f32342d3234203d3e20323039383234.roa (raw, json)
Hash identifier: /ZWZ+zszt3TNCj2yOoTJTCE/0H082SSXrxH7o4HYwGg=
Subject key identifier: 10:15:73:88:83:4B:17:11:69:5D:10:0A:B5:A9:31:87:3A:72:DE:70
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 54220BE63C7044FA428B88F6DCC958AD57CFBF2D
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3133302e36302e302f32342d3234203d3e20323039383234.roa
Signing time: Wed 24 Jul 2024 09:05:19 +0000
ROA not before: Wed 24 Jul 2024 09:00:19 +0000
ROA not after: Wed 23 Jul 2025 09:05:19 +0000
asID: 209824
IP address blocks: 185.130.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:22:0b:e6:3c:70:44:fa:42:8b:88:f6:dc:c9:58:ad:57:cf:bf:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Jul 24 09:00:19 2024 GMT
Not After : Jul 23 09:05:19 2025 GMT
Subject: CN=10157388834B1711695D100AB5A931873A72DE70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:76:50:40:25:5a:13:30:1b:7d:db:18:78:a6:
01:bd:b3:34:f8:85:56:3a:7b:37:ff:22:d9:a8:20:
66:b7:f7:2f:0e:eb:ca:8a:0c:d2:0f:18:d7:ed:da:
8b:c9:b2:b1:96:cc:29:b0:85:59:7e:49:22:8d:89:
22:8d:d2:99:2d:a5:75:61:14:a2:cc:02:da:28:05:
55:2b:67:13:47:57:c6:c9:82:fd:9d:b6:0b:8c:e4:
5e:18:b4:d1:cf:3d:4d:ab:18:97:4e:fb:5d:ae:1f:
20:ea:c6:1b:27:68:39:c0:54:8b:c9:6f:49:2d:00:
29:04:46:d9:9b:c9:41:d8:1a:59:06:e5:7c:d9:6c:
f3:7b:be:78:b8:76:91:df:89:c6:93:83:bc:fb:56:
79:fe:ba:14:e6:41:eb:0f:15:92:c8:87:e3:ff:7a:
85:59:48:d2:25:d5:1c:56:6f:b6:09:69:9a:bb:31:
a3:5b:87:d3:44:5c:99:34:bc:9b:bd:b5:d2:24:cd:
84:55:c5:16:fa:69:8f:e2:7e:64:73:96:fe:df:25:
87:c1:b3:3e:e1:b2:b2:f0:57:a2:84:f2:57:8c:50:
3f:65:9f:22:57:e7:6a:24:76:3f:8e:9f:f3:fe:d8:
bd:27:70:e8:14:d4:52:ff:de:66:50:e9:4c:66:b9:
28:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:15:73:88:83:4B:17:11:69:5D:10:0A:B5:A9:31:87:3A:72:DE:70
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3133302e36302e302f32342d3234203d3e20323039383234.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.130.60.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:10:83:e9:c4:27:b8:a3:a8:16:ae:27:de:6f:97:2f:bb:2b:
08:25:97:ca:ea:a1:9a:f9:8c:e8:a7:f3:3d:84:59:1f:91:58:
3b:23:76:25:a6:6c:37:74:52:31:64:47:dc:8b:1e:5a:20:d3:
da:60:69:b0:73:5c:5d:6d:24:3a:fc:8c:8d:06:ba:fe:aa:11:
35:5c:6b:f7:aa:0f:61:d6:20:41:a1:19:88:24:54:fe:7b:7c:
06:0a:d8:26:92:35:69:d7:fc:b6:15:e1:57:c1:a7:46:34:bd:
a7:e4:44:35:15:cf:2d:fb:3d:7f:6d:ba:2d:f7:d0:8a:ec:a1:
3f:c3:8e:24:bf:3b:b2:12:9c:0a:01:45:9b:f9:c4:8f:4d:4b:
e2:cb:74:cc:76:87:5b:88:4b:6b:78:79:30:91:b7:e4:48:85:
d1:ee:8f:99:b4:36:20:b8:b9:a5:81:f9:ea:ec:42:0b:f6:cd:
f8:f7:f3:e4:96:79:cd:23:d4:17:2e:b0:2e:8b:ac:99:0e:64:
f5:98:9e:06:4a:be:8b:c3:00:2b:31:e9:ac:65:d6:06:b0:7d:
8f:45:07:08:8d:33:d5:97:f4:37:a3:b9:b9:0b:13:c8:fc:b0:
66:46:14:b3:bf:f0:97:b6:3a:0e:6a:a0:f2:6b:81:e6:7d:7d:
c4:bf:7f:34
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVCIL5jxwRPpCi4j23MlYrVfPvy0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNDA3MjQwOTAwMTlaFw0yNTA3MjMwOTA1MTlaMDMxMTAvBgNV
BAMTKDEwMTU3Mzg4ODM0QjE3MTE2OTVEMTAwQUI1QTkzMTg3M0E3MkRFNzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzdlBAJVoTMBt92xh4pgG9szT4
hVY6ezf/ItmoIGa39y8O68qKDNIPGNft2ovJsrGWzCmwhVl+SSKNiSKN0pktpXVh
FKLMAtooBVUrZxNHV8bJgv2dtguM5F4YtNHPPU2rGJdO+12uHyDqxhsnaDnAVIvJ
b0ktACkERtmbyUHYGlkG5XzZbPN7vni4dpHficaTg7z7Vnn+uhTmQesPFZLIh+P/
eoVZSNIl1RxWb7YJaZq7MaNbh9NEXJk0vJu9tdIkzYRVxRb6aY/ifmRzlv7fJYfB
sz7hsrLwV6KE8leMUD9lnyJX52okdj+On/P+2L0ncOgU1FL/3mZQ6UxmuSh/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUEBVziINLFxFpXRAKtakxhzpy3nAwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMTMzMzAyZTM2
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzkzODMyMzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5gjwwDQYJKoZIhvcNAQELBQADggEBAG4Qg+nEJ7ijqBauJ95vly+7Kwgll8rq
oZr5jOin8z2EWR+RWDsjdiWmbDd0UjFkR9yLHlog09pgabBzXF1tJDr8jI0Guv6q
ETVca/eqD2HWIEGhGYgkVP57fAYK2CaSNWnX/LYV4VfBp0Y0vafkRDUVzy37PX9t
ui330IrsoT/DjiS/O7ISnAoBRZv5xI9NS+LLdMx2h1uIS2t4eTCRt+RIhdHuj5m0
NiC4uaWB+ersQgv2zfj38+SWec0j1BcusC6LrJkOZPWYngZKvovDACsx6axl1gaw
fY9FBwiNM9WX9DejubkLE8j8sGZGFLO/8Je2Og5qoPJrgeZ9fcS/fzQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 07:03:46 2024 by rpki-client on console-fra.rpki-client.org