Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3133302e36322e302f32342d3234203d3e203239303636.roa
File: 3138352e3133302e36322e302f32342d3234203d3e203239303636.roa (raw, json)
Hash identifier: qJ6+uetbybUylRUdRxdMv8GfDEsBxGYl//0bJ0BDbj0=
Subject key identifier: 21:42:0E:C7:80:A0:45:BF:08:2E:9A:70:66:BF:0A:B8:56:D8:39:99
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 6E4658180133F43C26ED68F29E64CD6467B6B451
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3133302e36322e302f32342d3234203d3e203239303636.roa
Signing time: Tue 05 Dec 2023 17:05:08 +0000
ROA not before: Tue 05 Dec 2023 17:00:08 +0000
ROA not after: Tue 03 Dec 2024 17:05:08 +0000
asID: 29066
IP address blocks: 185.130.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:46:58:18:01:33:f4:3c:26:ed:68:f2:9e:64:cd:64:67:b6:b4:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Dec 5 17:00:08 2023 GMT
Not After : Dec 3 17:05:08 2024 GMT
Subject: CN=21420EC780A045BF082E9A7066BF0AB856D83999
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:35:a4:a0:b7:80:93:ee:83:99:d2:8b:79:2a:
80:5f:2a:a7:dc:3d:0f:8e:b6:be:5d:d5:e6:8e:9d:
22:a9:e8:4b:fd:6d:3a:90:f3:d7:5a:e6:78:e7:e9:
b1:6e:47:f5:39:ec:c9:b7:08:51:45:6d:91:74:9f:
b0:4c:b2:c8:9e:32:8b:f7:0d:ae:84:b8:a4:f9:72:
e3:50:ca:7b:f6:da:58:ff:e1:ea:3b:84:29:34:95:
4f:be:8b:58:aa:2f:9c:3c:46:1e:84:20:f8:c6:25:
a5:39:cb:30:5a:54:b7:da:f8:9d:35:d9:2b:a0:07:
d4:b3:14:2e:4f:53:a5:61:79:b0:26:49:2f:85:80:
f6:d0:46:ec:59:16:48:14:b1:a0:d7:a8:17:27:3b:
05:a8:03:9c:0f:0d:3e:f6:05:a8:71:b7:05:80:aa:
52:3e:7d:bb:3e:f6:7f:41:29:5f:b9:44:55:0f:ac:
40:42:76:85:b8:6e:2e:b4:70:04:e5:c7:48:46:db:
7b:b9:ee:8a:c4:e3:16:fc:d2:7f:8e:61:d5:a7:16:
f3:fd:62:c4:d4:dc:de:7c:f6:dc:e7:c9:20:a0:df:
21:6d:e3:28:d0:39:c8:50:97:49:50:3c:58:f6:e1:
65:bc:ca:04:20:17:3b:0a:27:91:e8:a4:82:d3:94:
fa:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:42:0E:C7:80:A0:45:BF:08:2E:9A:70:66:BF:0A:B8:56:D8:39:99
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3133302e36322e302f32342d3234203d3e203239303636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.130.62.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:ea:d6:06:23:6f:4e:66:04:f7:ab:57:61:a9:a5:67:50:26:
29:49:6c:a4:f7:bf:c3:44:a4:5e:2e:93:87:82:ca:bc:ac:e6:
16:0f:12:c7:0b:73:cc:66:46:5e:15:fa:fc:42:cf:a2:55:e4:
63:40:68:f5:8a:e8:18:7d:8a:34:99:5d:83:ab:17:80:54:ac:
c5:6b:ab:9f:7b:59:ee:48:28:24:39:17:de:cd:0d:4c:83:c5:
4e:d5:d7:11:d0:6a:46:d8:2c:49:41:83:54:11:d0:00:fc:f1:
65:72:be:9d:7b:49:07:bb:67:55:8d:bf:95:7c:d9:27:53:6e:
e6:c4:ab:a9:f6:65:32:54:05:76:b3:b6:74:37:f8:40:31:dd:
9b:81:54:f6:e4:73:cc:4b:58:14:3d:8a:21:ed:5f:80:24:97:
11:97:e4:46:75:61:3d:7e:36:fd:ae:b4:3c:d2:57:bd:8a:dd:
42:2e:84:74:b5:6f:17:2c:ec:99:33:3e:ea:da:b2:49:83:40:
29:8d:9c:d8:36:7e:1f:29:70:a2:04:bd:a9:37:2d:4c:60:8f:
95:79:da:76:cf:da:8c:9b:74:de:3f:7e:af:02:ee:5a:b5:fa:
14:bd:fd:3b:0f:c0:9f:f5:67:5d:e4:3c:2a:22:53:25:f2:f3:
e2:66:be:05
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUbkZYGAEz9Dwm7WjynmTNZGe2tFEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yMzEyMDUxNzAwMDhaFw0yNDEyMDMxNzA1MDhaMDMxMTAvBgNV
BAMTKDIxNDIwRUM3ODBBMDQ1QkYwODJFOUE3MDY2QkYwQUI4NTZEODM5OTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDNaSgt4CT7oOZ0ot5KoBfKqfc
PQ+Otr5d1eaOnSKp6Ev9bTqQ89da5njn6bFuR/U57Mm3CFFFbZF0n7BMssieMov3
Da6EuKT5cuNQynv22lj/4eo7hCk0lU++i1iqL5w8Rh6EIPjGJaU5yzBaVLfa+J01
2SugB9SzFC5PU6VhebAmSS+FgPbQRuxZFkgUsaDXqBcnOwWoA5wPDT72BahxtwWA
qlI+fbs+9n9BKV+5RFUPrEBCdoW4bi60cATlx0hG23u57orE4xb80n+OYdWnFvP9
YsTU3N589tznySCg3yFt4yjQOchQl0lQPFj24WW8ygQgFzsKJ5HopILTlPp1AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUIUIOx4CgRb8ILppwZr8KuFbYOZkwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMTMzMzAyZTM2
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM5MzAzNjM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uYI+MA0GCSqGSIb3DQEBCwUAA4IBAQDL6tYGI29OZgT3q1dhqaVnUCYpSWyk97/D
RKReLpOHgsq8rOYWDxLHC3PMZkZeFfr8Qs+iVeRjQGj1iugYfYo0mV2DqxeAVKzF
a6ufe1nuSCgkORfezQ1Mg8VO1dcR0GpG2CxJQYNUEdAA/PFlcr6de0kHu2dVjb+V
fNknU27mxKup9mUyVAV2s7Z0N/hAMd2bgVT25HPMS1gUPYoh7V+AJJcRl+RGdWE9
fjb9rrQ80le9it1CLoR0tW8XLOyZMz7q2rJJg0ApjZzYNn4fKXCiBL2pNy1MYI+V
edp2z9qMm3TeP36vAu5atfoUvf07D8Cf9Wdd5DwqIlMl8vPiZr4F
-----END CERTIFICATE-----
Generated at Sat May 4 05:41:46 2024 by rpki-client on console-fra.rpki-client.org