Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3133302e36322e302f32342d3234203d3e203239303636.roa
File: 3138352e3133302e36322e302f32342d3234203d3e203239303636.roa (raw, json)
Hash identifier: mH/CiZmwU0yIfVsdjhTMAG/KAtonINfckXbmsVpawiw=
Subject key identifier: CE:BB:D5:4A:00:C2:37:FC:F9:9D:C8:A6:A1:62:9B:4C:6C:E2:F3:96
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 65D9E71555A148387E4EA71581C7F691F1460A8C
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3133302e36322e302f32342d3234203d3e203239303636.roa
Signing time: Tue 05 Nov 2024 17:43:27 +0000
ROA not before: Tue 05 Nov 2024 17:38:27 +0000
ROA not after: Tue 04 Nov 2025 17:43:27 +0000
asID: 29066
IP address blocks: 185.130.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:d9:e7:15:55:a1:48:38:7e:4e:a7:15:81:c7:f6:91:f1:46:0a:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Nov 5 17:38:27 2024 GMT
Not After : Nov 4 17:43:27 2025 GMT
Subject: CN=CEBBD54A00C237FCF99DC8A6A1629B4C6CE2F396
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:85:5c:83:cb:61:04:43:8b:3a:0d:80:4e:eb:
98:a6:4d:f7:40:68:83:6d:fc:56:f0:5c:2a:d3:77:
06:09:4e:01:41:71:c1:53:c7:bf:5e:79:c9:8a:f6:
c4:8f:f2:20:4f:96:63:cd:bc:42:5d:b3:0e:cc:68:
31:b8:c5:7e:bc:ad:a8:ed:18:8a:ed:0c:a9:af:a0:
b4:5e:6f:6c:96:67:78:e6:0a:ed:98:87:fc:9f:fa:
79:b4:f5:df:fd:3d:7d:44:f1:e5:73:75:bd:ce:1d:
5f:ba:12:9c:19:47:0c:da:2a:2f:de:7b:e1:65:07:
9f:f3:74:54:b5:23:bc:38:7c:a0:b0:29:e6:9c:d3:
82:5c:00:e8:35:ed:96:4c:85:6f:8e:0b:9b:c4:a7:
4f:69:aa:58:59:cc:a0:21:dd:a8:97:8c:06:1c:76:
2d:df:d8:69:69:01:cc:34:8c:76:10:24:b6:e3:6d:
e8:cd:b9:c0:b6:97:7d:4e:58:64:f2:88:fa:3a:eb:
7b:c5:78:7f:09:4d:cb:a8:cd:ea:7a:9c:e4:e4:dd:
d9:2f:ac:1c:22:fd:cd:96:a4:75:d4:11:30:49:13:
24:26:a3:58:77:0b:bb:b7:07:f2:86:ce:49:70:ca:
c9:65:90:ac:d9:a1:7c:0e:98:0e:c6:2f:80:18:56:
fe:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:BB:D5:4A:00:C2:37:FC:F9:9D:C8:A6:A1:62:9B:4C:6C:E2:F3:96
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3133302e36322e302f32342d3234203d3e203239303636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.130.62.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:1e:fb:68:bd:6d:62:a0:1d:8b:73:c2:5d:8b:87:d0:67:58:
d6:b7:81:42:c6:6d:51:71:27:15:f7:d8:ac:c2:b7:07:1e:37:
84:1a:0b:ad:51:70:e5:2a:dc:e0:59:75:29:0e:f5:09:f2:aa:
03:a2:89:3e:74:70:76:08:5e:c4:90:fd:f5:c1:f5:49:12:ef:
5a:0b:56:3f:d6:9e:b9:4b:ad:0e:37:a8:25:90:72:ca:7a:92:
d0:9e:e8:1e:b5:3f:2c:4c:c1:44:5b:2e:24:de:0c:7b:b8:ba:
f9:2e:c6:bb:1f:ec:02:c3:bb:5f:f0:26:88:ed:32:13:9e:a1:
9d:03:f5:59:ff:3c:1e:a8:af:69:f3:1d:2f:7e:f0:f8:52:d9:
16:ff:97:f0:ae:23:64:52:b2:b5:33:d5:64:c9:2f:3d:aa:05:
b5:e6:54:37:3d:ad:b9:83:65:ab:3e:64:3c:09:ba:74:83:d6:
88:c9:88:3b:59:4c:46:42:a6:3c:b7:26:fc:fe:0e:df:96:8d:
7a:46:61:ef:6f:a6:9e:57:a7:26:b8:a9:47:3b:95:53:f1:30:
36:60:08:2e:3f:93:4e:59:f8:41:1e:bd:78:de:a8:f6:ae:b8:
0a:82:3d:e8:70:c8:fd:3c:1b:83:14:ab:9f:4d:12:a2:48:8a:
6f:72:02:b0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUZdnnFVWhSDh+TqcVgcf2kfFGCowwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNDExMDUxNzM4MjdaFw0yNTExMDQxNzQzMjdaMDMxMTAvBgNV
BAMTKENFQkJENTRBMDBDMjM3RkNGOTlEQzhBNkExNjI5QjRDNkNFMkYzOTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChhVyDy2EEQ4s6DYBO65imTfdA
aINt/FbwXCrTdwYJTgFBccFTx79eecmK9sSP8iBPlmPNvEJdsw7MaDG4xX68rajt
GIrtDKmvoLReb2yWZ3jmCu2Yh/yf+nm09d/9PX1E8eVzdb3OHV+6EpwZRwzaKi/e
e+FlB5/zdFS1I7w4fKCwKeac04JcAOg17ZZMhW+OC5vEp09pqlhZzKAh3aiXjAYc
di3f2GlpAcw0jHYQJLbjbejNucC2l31OWGTyiPo663vFeH8JTcuozep6nOTk3dkv
rBwi/c2WpHXUETBJEyQmo1h3C7u3B/KGzklwysllkKzZoXwOmA7GL4AYVv4hAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUzrvVSgDCN/z5ncimoWKbTGzi85YwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMTMzMzAyZTM2
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM5MzAzNjM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uYI+MA0GCSqGSIb3DQEBCwUAA4IBAQC4HvtovW1ioB2Lc8Jdi4fQZ1jWt4FCxm1R
cScV99iswrcHHjeEGgutUXDlKtzgWXUpDvUJ8qoDook+dHB2CF7EkP31wfVJEu9a
C1Y/1p65S60ON6glkHLKepLQnugetT8sTMFEWy4k3gx7uLr5Lsa7H+wCw7tf8CaI
7TITnqGdA/VZ/zweqK9p8x0vfvD4UtkW/5fwriNkUrK1M9VkyS89qgW15lQ3Pa25
g2WrPmQ8Cbp0g9aIyYg7WUxGQqY8tyb8/g7flo16RmHvb6aeV6cmuKlHO5VT8TA2
YAguP5NOWfhBHr143qj2rrgKgj3ocMj9PBuDFKufTRKiSIpvcgKw
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:20 2024 by rpki-client on console-ams.rpki-client.org