Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3133302e36332e302f32342d3234203d3e203332313831.roa
File: 3138352e3133302e36332e302f32342d3234203d3e203332313831.roa (raw, json)
Hash identifier: GFt7MPBQXAoRbBAZf/a6ypM3reYPwEU6C1kyEqDInRE=
Subject key identifier: BD:78:6D:D6:78:72:4B:79:5C:AE:11:35:8A:DD:C3:74:92:84:D5:90
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 231725BB2CF9901C23327DA46EBE956917A3D516
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3133302e36332e302f32342d3234203d3e203332313831.roa
Signing time: Mon 12 Aug 2024 09:05:19 +0000
ROA not before: Mon 12 Aug 2024 09:00:19 +0000
ROA not after: Mon 11 Aug 2025 09:05:19 +0000
asID: 32181
IP address blocks: 185.130.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:17:25:bb:2c:f9:90:1c:23:32:7d:a4:6e:be:95:69:17:a3:d5:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Aug 12 09:00:19 2024 GMT
Not After : Aug 11 09:05:19 2025 GMT
Subject: CN=BD786DD678724B795CAE11358ADDC3749284D590
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:59:2c:7a:84:d8:9f:24:f2:6b:96:e7:cd:42:
fe:f9:07:0f:0e:8c:a9:95:7b:3e:d2:3f:df:23:5a:
9f:40:ce:1b:26:ea:3e:eb:c5:8f:69:47:84:b4:b0:
97:29:af:6c:3b:4f:9d:5a:49:5a:91:a9:4a:aa:bb:
f5:f7:44:ab:8b:1c:0c:54:88:92:61:6b:54:df:e1:
86:17:17:bb:76:0c:6f:03:5c:c5:03:70:c8:9e:72:
9d:eb:ea:50:0f:3f:5f:cb:71:3d:38:87:89:04:2a:
da:e3:1a:4c:1c:e6:7d:e1:71:96:8a:45:0a:2b:8c:
8b:a9:be:ae:1b:d7:9c:ee:a9:59:b0:48:00:f4:95:
37:5a:50:7e:cb:d1:54:22:3d:1c:03:bb:64:40:b1:
8c:d3:62:0c:98:31:d6:52:51:cb:da:8e:cc:2c:d4:
c3:32:9c:2e:70:a7:72:67:92:1e:fb:e8:6c:69:cd:
60:1a:fc:41:2c:ef:45:5f:3c:cc:e9:c5:0e:f4:25:
4c:d0:5d:59:c3:81:75:98:5c:54:cf:5e:9e:52:ab:
19:be:54:54:82:17:75:87:4a:44:9d:bb:02:b4:00:
d3:1f:07:43:16:c7:28:98:a2:6a:1d:0a:75:8d:54:
61:fe:65:ad:88:5b:9a:da:a4:0c:70:7d:57:a1:3b:
37:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:78:6D:D6:78:72:4B:79:5C:AE:11:35:8A:DD:C3:74:92:84:D5:90
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3133302e36332e302f32342d3234203d3e203332313831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.130.63.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:e1:cc:8d:81:b8:ef:4c:f7:b4:fb:4a:5b:d4:6c:fe:eb:5b:
f5:13:75:92:0c:58:f0:0e:3c:65:a2:ba:2d:44:e4:6a:18:cb:
0e:7a:4a:57:8b:a1:33:f2:ae:89:e7:c1:42:fb:16:b3:51:7c:
00:a5:de:31:25:61:59:c1:b3:db:65:c5:2e:b8:d8:1f:81:58:
fc:77:84:3f:19:1b:2e:a8:85:9a:e7:04:09:9c:bb:10:73:25:
4c:cd:d5:ab:67:db:56:69:06:7a:8e:9e:69:56:c7:56:82:cb:
4f:79:87:bc:4e:28:c4:fe:74:40:ff:60:de:67:ab:be:f9:63:
79:b7:fe:fc:ca:43:e5:7d:c0:8a:b4:e1:96:4b:76:b5:80:9b:
52:87:b0:27:1f:70:12:dc:4f:a0:10:77:75:3e:34:6e:88:9b:
10:1a:b7:99:f7:39:bb:4c:62:11:6b:7c:da:a4:2c:ad:c4:ba:
ec:a8:16:b0:16:35:bb:69:5e:92:8d:26:f5:14:63:72:8b:79:
11:b0:79:e4:35:ad:ee:d4:b0:42:8d:f3:1a:b1:c6:17:07:8c:
57:94:ec:92:17:44:a9:68:28:fd:e9:98:67:e9:d1:9b:2a:33:
60:c3:00:d3:5d:e3:e0:1e:59:56:5e:70:62:0a:7b:51:39:25:
b1:b3:65:3e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUIxcluyz5kBwjMn2kbr6VaRej1RYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNDA4MTIwOTAwMTlaFw0yNTA4MTEwOTA1MTlaMDMxMTAvBgNV
BAMTKEJENzg2REQ2Nzg3MjRCNzk1Q0FFMTEzNThBRERDMzc0OTI4NEQ1OTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjWSx6hNifJPJrlufNQv75Bw8O
jKmVez7SP98jWp9Azhsm6j7rxY9pR4S0sJcpr2w7T51aSVqRqUqqu/X3RKuLHAxU
iJJha1Tf4YYXF7t2DG8DXMUDcMiecp3r6lAPP1/LcT04h4kEKtrjGkwc5n3hcZaK
RQorjIupvq4b15zuqVmwSAD0lTdaUH7L0VQiPRwDu2RAsYzTYgyYMdZSUcvajsws
1MMynC5wp3Jnkh776GxpzWAa/EEs70VfPMzpxQ70JUzQXVnDgXWYXFTPXp5Sqxm+
VFSCF3WHSkSduwK0ANMfB0MWxyiYomodCnWNVGH+Za2IW5rapAxwfVehOzcNAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUvXht1nhyS3lcrhE1it3DdJKE1ZAwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMTMzMzAyZTM2
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzMyMzEzODMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uYI/MA0GCSqGSIb3DQEBCwUAA4IBAQCk4cyNgbjvTPe0+0pb1Gz+61v1E3WSDFjw
DjxlorotRORqGMsOekpXi6Ez8q6J58FC+xazUXwApd4xJWFZwbPbZcUuuNgfgVj8
d4Q/GRsuqIWa5wQJnLsQcyVMzdWrZ9tWaQZ6jp5pVsdWgstPeYe8TijE/nRA/2De
Z6u++WN5t/78ykPlfcCKtOGWS3a1gJtSh7AnH3AS3E+gEHd1PjRuiJsQGreZ9zm7
TGIRa3zapCytxLrsqBawFjW7aV6SjSb1FGNyi3kRsHnkNa3u1LBCjfMascYXB4xX
lOySF0SpaCj96Zhn6dGbKjNgwwDTXePgHllWXnBiCntROSWxs2U+
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:55:51 2024 by rpki-client on console-fra.rpki-client.org