Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234302e302f32342d3234203d3e20323039323432.roa
File: 3138352e3231332e3234302e302f32342d3234203d3e20323039323432.roa (raw, json)
Hash identifier: r/yhCg+H/V+gvgUqqXgm6SF+8gfop7ZrFjkciDc1VEs=
Subject key identifier: 7A:4C:B9:C8:02:14:5D:23:AD:60:C2:08:90:91:43:06:19:6A:2B:22
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 72CE7DF6D26C0D2FC41935BFD313B5B62724F41C
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234302e302f32342d3234203d3e20323039323432.roa
Signing time: Tue 05 Nov 2024 17:43:27 +0000
ROA not before: Tue 05 Nov 2024 17:38:27 +0000
ROA not after: Tue 04 Nov 2025 17:43:27 +0000
asID: 209242
IP address blocks: 185.213.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:ce:7d:f6:d2:6c:0d:2f:c4:19:35:bf:d3:13:b5:b6:27:24:f4:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Nov 5 17:38:27 2024 GMT
Not After : Nov 4 17:43:27 2025 GMT
Subject: CN=7A4CB9C802145D23AD60C20890914306196A2B22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:0e:09:8b:e4:66:85:08:ca:7f:c8:7a:1e:68:
21:91:08:5a:eb:8f:bc:06:d6:40:0f:79:c2:5a:bf:
3d:a7:34:5d:82:57:87:ff:3f:9c:52:70:70:17:4b:
a0:3a:a9:d3:73:62:f6:3c:9b:72:a2:30:01:a7:68:
cf:09:70:dd:c4:69:d7:99:b4:30:4a:49:e5:b2:b2:
60:c4:fa:bd:ee:88:f8:28:f0:18:8e:3c:d9:73:b7:
67:44:e4:e3:de:94:07:59:05:ad:55:a6:e5:22:0f:
55:ab:eb:0b:fe:1a:b3:90:51:53:37:af:cb:bb:8f:
90:3a:95:d6:6b:14:a8:ed:cf:8c:f5:ab:cc:9c:2f:
58:93:a6:f3:d7:22:fb:75:2a:c3:ac:52:6a:ce:92:
5e:cc:6f:53:9a:57:fa:56:86:dd:2b:06:b4:d3:90:
c4:58:72:fd:97:81:e6:fe:2b:c7:9d:5e:59:81:66:
04:6a:43:50:f7:23:b0:d9:58:31:ae:6b:2d:bc:56:
31:ee:de:79:f4:af:b0:e6:46:6b:2a:c8:c9:ae:b1:
af:4e:34:5f:88:18:1b:d3:95:76:83:76:a9:bb:6e:
93:ba:d3:7e:da:01:03:47:15:af:57:a3:c9:9f:01:
aa:aa:6e:30:18:84:95:51:7a:07:8c:d7:29:7e:03:
19:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:4C:B9:C8:02:14:5D:23:AD:60:C2:08:90:91:43:06:19:6A:2B:22
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234302e302f32342d3234203d3e20323039323432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.240.0/24
Signature Algorithm: sha256WithRSAEncryption
d8:e5:8e:12:ca:5c:19:da:a4:76:72:2e:97:43:99:5a:8a:b6:
c2:13:e1:fc:e8:6a:02:c7:05:27:4c:b2:3e:71:39:66:f3:f0:
ea:8a:fc:4d:04:ae:c4:cb:2c:16:f1:50:0f:87:d6:28:c3:d5:
9d:e1:7e:79:9e:62:11:85:f2:fc:2c:14:b3:57:98:9a:29:cd:
8e:f4:67:ce:97:89:27:67:9f:b6:9d:31:72:95:1a:5d:c1:54:
56:17:04:66:f4:a4:4e:d5:0b:27:fa:67:83:88:11:99:ea:dc:
44:6c:f9:77:12:fe:37:d5:88:08:98:bb:4d:1a:0a:96:33:ff:
b9:e5:cc:67:49:78:89:df:77:91:c6:9e:67:00:a9:43:2c:c8:
9b:96:4e:0c:93:e8:ff:ea:56:59:3f:7c:19:d5:1a:b6:91:76:
a1:1d:01:44:75:11:36:a3:0f:84:d1:98:d6:59:c8:4c:23:19:
33:9a:43:79:fd:f9:d2:28:d7:11:1a:f3:a6:6a:90:30:c5:4a:
a5:2b:b0:e9:58:95:ca:3e:a0:58:f6:bc:ab:2f:65:19:60:a5:
1e:83:37:b4:73:b6:b7:7c:0b:33:d7:68:d5:6c:cb:b9:ed:c1:
85:36:2d:3a:a4:41:f6:f7:42:6d:e4:a1:78:62:83:aa:fb:1a:
b5:00:eb:a7
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUcs599tJsDS/EGTW/0xO1tick9BwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNDExMDUxNzM4MjdaFw0yNTExMDQxNzQzMjdaMDMxMTAvBgNV
BAMTKDdBNENCOUM4MDIxNDVEMjNBRDYwQzIwODkwOTE0MzA2MTk2QTJCMjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKDgmL5GaFCMp/yHoeaCGRCFrr
j7wG1kAPecJavz2nNF2CV4f/P5xScHAXS6A6qdNzYvY8m3KiMAGnaM8JcN3EadeZ
tDBKSeWysmDE+r3uiPgo8BiOPNlzt2dE5OPelAdZBa1VpuUiD1Wr6wv+GrOQUVM3
r8u7j5A6ldZrFKjtz4z1q8ycL1iTpvPXIvt1KsOsUmrOkl7Mb1OaV/pWht0rBrTT
kMRYcv2Xgeb+K8edXlmBZgRqQ1D3I7DZWDGuay28VjHu3nn0r7DmRmsqyMmusa9O
NF+IGBvTlXaDdqm7bpO6037aAQNHFa9Xo8mfAaqqbjAYhJVRegeM1yl+AxmdAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUeky5yAIUXSOtYMIIkJFDBhlqKyIwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjMxMzMyZTMy
MzQzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzOTMyMzQzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnV8DANBgkqhkiG9w0BAQsFAAOCAQEA2OWOEspcGdqkdnIul0OZWoq2whPh
/OhqAscFJ0yyPnE5ZvPw6or8TQSuxMssFvFQD4fWKMPVneF+eZ5iEYXy/CwUs1eY
minNjvRnzpeJJ2eftp0xcpUaXcFUVhcEZvSkTtULJ/png4gRmercRGz5dxL+N9WI
CJi7TRoKljP/ueXMZ0l4id93kcaeZwCpQyzIm5ZODJPo/+pWWT98GdUatpF2oR0B
RHURNqMPhNGY1lnITCMZM5pDef350ijXERrzpmqQMMVKpSuw6ViVyj6gWPa8qy9l
GWClHoM3tHO2t3wLM9do1WzLue3BhTYtOqRB9vdCbeSheGKDqvsatQDrpw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:55:51 2024 by rpki-client on console-fra.rpki-client.org