Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234302e302f32342d3234203d3e20323039323432.roa
File: 3138352e3231332e3234302e302f32342d3234203d3e20323039323432.roa (raw, json)
Hash identifier: EnNwy2xFlI4sC9gh8bFCybzasUjDGX7KORklyXPZBog=
Subject key identifier: 32:20:70:F6:F0:5E:8B:19:F2:C4:EA:DE:40:AC:4D:24:92:00:AA:49
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 124A9B7D766F682B3AAC0DEDC1D01ECEB8632D07
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234302e302f32342d3234203d3e20323039323432.roa
Signing time: Tue 05 Dec 2023 17:05:08 +0000
ROA not before: Tue 05 Dec 2023 17:00:08 +0000
ROA not after: Tue 03 Dec 2024 17:05:08 +0000
asID: 209242
IP address blocks: 185.213.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:4a:9b:7d:76:6f:68:2b:3a:ac:0d:ed:c1:d0:1e:ce:b8:63:2d:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Dec 5 17:00:08 2023 GMT
Not After : Dec 3 17:05:08 2024 GMT
Subject: CN=322070F6F05E8B19F2C4EADE40AC4D249200AA49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:12:66:b4:da:41:a1:5c:87:74:f1:6d:2e:cc:
96:44:9c:08:75:46:8f:31:8c:37:73:b5:6a:76:9e:
64:f4:44:93:74:ee:9f:a5:0c:99:7e:e4:f7:d9:b8:
ed:c5:72:6c:36:e3:da:3d:fb:fc:23:f8:a2:48:08:
f3:84:74:90:4a:c4:f4:b9:1a:17:69:e2:6d:77:e9:
fa:74:89:4a:a1:6a:bb:d9:ef:73:f3:99:7a:80:13:
ca:92:39:31:c7:76:52:a2:16:60:01:85:83:31:dc:
e0:b0:ab:e6:e4:e1:88:52:ec:0f:5d:c6:d4:4d:0b:
8d:fa:76:3a:62:06:d5:73:29:4c:33:a6:a8:0a:5f:
47:b9:96:11:b9:21:3c:d0:90:33:4b:48:9e:df:a7:
45:b1:06:a8:cf:5d:5c:d1:bd:14:b3:09:ed:33:86:
44:cb:3e:bc:0c:dc:a3:d2:91:b6:57:db:ca:df:33:
a8:a6:65:8e:0f:82:04:f8:11:fb:ac:0f:a4:92:97:
97:fa:6b:02:98:54:c1:9c:67:61:50:5f:21:1e:fe:
cf:40:2d:65:ca:6e:77:8b:d4:66:67:81:e5:c2:9f:
1c:49:9d:b4:33:36:33:19:8c:41:27:7f:d2:2d:89:
44:26:dd:b9:cf:e3:53:78:ff:83:62:19:1a:40:46:
f8:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:20:70:F6:F0:5E:8B:19:F2:C4:EA:DE:40:AC:4D:24:92:00:AA:49
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234302e302f32342d3234203d3e20323039323432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.240.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:e4:62:28:ee:99:79:0d:94:11:f4:93:1c:5a:c9:ce:1a:d6:
e6:ef:7a:8b:08:b6:fa:c0:61:f4:90:08:0e:d9:68:0e:4f:c1:
17:5e:98:57:f9:5d:e1:ed:a7:5b:87:96:04:b3:37:dd:d6:eb:
49:12:e6:82:5f:af:6c:c9:3a:82:e9:a0:71:51:58:c8:92:2b:
f3:79:29:44:d3:06:e0:8d:f2:06:f4:a6:15:fe:0f:e4:49:b2:
71:35:02:d0:49:f1:59:a9:c5:bb:6f:fe:53:5d:6f:39:c3:cc:
6e:11:63:bd:9f:56:09:8e:74:c0:1f:8d:37:f6:1e:eb:94:c5:
4c:7d:e8:c3:d9:7f:a9:b1:7f:50:f2:05:4e:68:bb:5f:dc:14:
b8:b5:29:ea:17:ef:94:de:ab:13:ed:77:88:eb:7b:1d:50:af:
e1:de:4c:55:81:5f:0e:54:4a:33:8f:40:63:c8:e8:c6:45:0b:
75:3a:5c:4e:11:4c:dd:4c:5c:47:8f:fe:13:32:1a:25:6d:0f:
23:77:5c:9f:84:99:b0:6c:6a:73:7d:df:06:bb:ad:90:e9:8a:
c6:bc:b3:c0:1c:97:1e:74:08:90:e6:be:f7:e8:47:e5:eb:84:
d5:83:e1:17:12:19:a8:c3:ff:1a:f0:0f:7f:cc:c3:63:5c:32:
8f:e7:56:87
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUEkqbfXZvaCs6rA3twdAezrhjLQcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yMzEyMDUxNzAwMDhaFw0yNDEyMDMxNzA1MDhaMDMxMTAvBgNV
BAMTKDMyMjA3MEY2RjA1RThCMTlGMkM0RUFERTQwQUM0RDI0OTIwMEFBNDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQEma02kGhXId08W0uzJZEnAh1
Ro8xjDdztWp2nmT0RJN07p+lDJl+5PfZuO3Fcmw249o9+/wj+KJICPOEdJBKxPS5
Ghdp4m136fp0iUqharvZ73PzmXqAE8qSOTHHdlKiFmABhYMx3OCwq+bk4YhS7A9d
xtRNC436djpiBtVzKUwzpqgKX0e5lhG5ITzQkDNLSJ7fp0WxBqjPXVzRvRSzCe0z
hkTLPrwM3KPSkbZX28rfM6imZY4PggT4EfusD6SSl5f6awKYVMGcZ2FQXyEe/s9A
LWXKbneL1GZngeXCnxxJnbQzNjMZjEEnf9ItiUQm3bnP41N4/4NiGRpARvg5AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUMiBw9vBeixnyxOreQKxNJJIAqkkwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjMxMzMyZTMy
MzQzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzOTMyMzQzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnV8DANBgkqhkiG9w0BAQsFAAOCAQEATORiKO6ZeQ2UEfSTHFrJzhrW5u96
iwi2+sBh9JAIDtloDk/BF16YV/ld4e2nW4eWBLM33dbrSRLmgl+vbMk6gumgcVFY
yJIr83kpRNMG4I3yBvSmFf4P5EmycTUC0EnxWanFu2/+U11vOcPMbhFjvZ9WCY50
wB+NN/Ye65TFTH3ow9l/qbF/UPIFTmi7X9wUuLUp6hfvlN6rE+13iOt7HVCv4d5M
VYFfDlRKM49AY8joxkULdTpcThFM3UxcR4/+EzIaJW0PI3dcn4SZsGxqc33fBrut
kOmKxryzwByXHnQIkOa+9+hH5euE1YPhFxIZqMP/GvAPf8zDY1wyj+dWhw==
-----END CERTIFICATE-----
Generated at Tue May 7 02:32:17 2024 by rpki-client on console-fra.rpki-client.org