Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234302e302f32342d3234203d3e203239353338.roa
File: 3138352e3231332e3234302e302f32342d3234203d3e203239353338.roa (raw, json)
Hash identifier: gcrezpbkvcqBnSLpZetM8bEEnNHAAsTxciJcMFM8hRM=
Subject key identifier: 3B:BD:5F:44:C5:5C:03:F5:32:03:A9:A8:54:EB:4A:F5:B5:4C:B6:B6
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 78F2B11BA187EE4092FF66E60C6BCDCFCE9DE45F
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234302e302f32342d3234203d3e203239353338.roa
Signing time: Tue 05 Nov 2024 17:43:27 +0000
ROA not before: Tue 05 Nov 2024 17:38:27 +0000
ROA not after: Tue 04 Nov 2025 17:43:27 +0000
asID: 29538
IP address blocks: 185.213.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:f2:b1:1b:a1:87:ee:40:92:ff:66:e6:0c:6b:cd:cf:ce:9d:e4:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Nov 5 17:38:27 2024 GMT
Not After : Nov 4 17:43:27 2025 GMT
Subject: CN=3BBD5F44C55C03F53203A9A854EB4AF5B54CB6B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:47:9c:97:e7:27:62:05:48:34:d5:8c:52:f8:
03:aa:78:eb:10:b2:ca:ac:6b:0c:82:d5:ee:74:e8:
d0:d7:be:40:0c:57:76:1a:46:c3:dc:e7:7e:21:b3:
ed:80:fd:95:6b:81:bc:e7:30:46:6a:3b:54:8d:27:
bb:0d:2a:2c:b4:bb:f1:d3:83:28:0c:62:2b:a5:d0:
09:fa:35:f5:e2:2e:3a:a4:83:83:42:d3:a0:d8:95:
64:8e:ea:43:7a:8c:6f:0d:78:23:8d:5c:e5:c3:c7:
e1:84:f3:7a:7e:3e:7a:f8:96:57:c8:f0:c3:84:d6:
f0:b0:4f:b3:04:7e:0a:c4:e3:ac:7b:9a:f4:06:69:
94:96:5f:5e:51:69:c1:68:d4:83:20:68:05:ce:ec:
f6:1b:da:c3:54:75:fe:38:89:82:dc:fb:c5:df:28:
df:6a:f9:61:ec:4a:b3:04:b7:bf:9a:e1:33:5b:ca:
36:79:0c:31:2f:dd:95:ba:9d:72:25:4e:2b:bd:a1:
5d:ac:9b:92:bc:49:d2:20:6c:14:d1:8a:ba:3f:78:
59:8c:bd:6a:51:bd:2c:67:47:78:10:12:4d:b0:7a:
3a:84:33:d8:82:f9:8d:2e:32:6f:99:12:b8:b2:d1:
26:b3:58:20:91:2b:99:e4:3b:47:d4:9a:fb:11:77:
f6:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:BD:5F:44:C5:5C:03:F5:32:03:A9:A8:54:EB:4A:F5:B5:4C:B6:B6
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234302e302f32342d3234203d3e203239353338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.240.0/24
Signature Algorithm: sha256WithRSAEncryption
18:cc:2f:bb:36:a4:17:55:b7:28:c9:a3:6a:3e:00:fd:e7:27:
81:ad:5b:b0:99:a8:70:aa:2f:20:7d:d2:30:97:4d:35:22:97:
de:e6:59:8a:72:5a:9a:4d:de:e0:22:d5:ba:55:05:e9:c8:9a:
05:ae:c6:09:70:9d:8a:dc:c9:6a:1a:0d:95:73:2a:01:35:e6:
ee:4d:b1:e7:23:23:64:5d:b0:b4:bf:58:f7:6e:f7:cc:ee:ad:
5c:87:fb:95:04:2f:23:8f:d0:b4:aa:72:0b:0d:be:33:a6:6e:
05:7c:95:f1:30:22:1f:aa:bd:a4:3a:2d:f5:72:08:16:ac:3f:
e8:2c:2a:82:ec:fc:fd:36:58:82:85:8d:fe:18:2e:da:42:0f:
ca:dd:57:b8:5a:4a:da:29:0a:66:c0:ae:45:6b:77:bc:fc:12:
b3:52:16:d7:40:4c:35:3e:3d:43:69:54:48:d7:8d:d3:80:1d:
f0:5e:b8:75:3a:c8:29:b6:1b:d9:d8:0c:c4:e0:2f:a4:49:e8:
63:5d:ac:48:23:64:c9:74:2a:89:7d:9c:a3:de:cb:e5:7a:e5:
ae:7b:f8:25:fe:ac:f4:b5:13:c8:81:a6:83:2c:80:72:8a:9d:
4b:e5:08:a1:7c:a8:d5:59:ed:31:73:ef:e3:b4:72:98:d1:11:
35:8c:7e:29
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUePKxG6GH7kCS/2bmDGvNz86d5F8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNDExMDUxNzM4MjdaFw0yNTExMDQxNzQzMjdaMDMxMTAvBgNV
BAMTKDNCQkQ1RjQ0QzU1QzAzRjUzMjAzQTlBODU0RUI0QUY1QjU0Q0I2QjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVR5yX5ydiBUg01YxS+AOqeOsQ
ssqsawyC1e506NDXvkAMV3YaRsPc534hs+2A/ZVrgbznMEZqO1SNJ7sNKiy0u/HT
gygMYiul0An6NfXiLjqkg4NC06DYlWSO6kN6jG8NeCONXOXDx+GE83p+Pnr4llfI
8MOE1vCwT7MEfgrE46x7mvQGaZSWX15RacFo1IMgaAXO7PYb2sNUdf44iYLc+8Xf
KN9q+WHsSrMEt7+a4TNbyjZ5DDEv3ZW6nXIlTiu9oV2sm5K8SdIgbBTRiro/eFmM
vWpRvSxnR3gQEk2wejqEM9iC+Y0uMm+ZEriy0SazWCCRK5nkO0fUmvsRd/a1AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUO71fRMVcA/UyA6moVOtK9bVMtrYwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjMxMzMyZTMy
MzQzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzkzNTMzMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC51fAwDQYJKoZIhvcNAQELBQADggEBABjML7s2pBdVtyjJo2o+AP3nJ4GtW7CZ
qHCqLyB90jCXTTUil97mWYpyWppN3uAi1bpVBenImgWuxglwnYrcyWoaDZVzKgE1
5u5NsecjI2RdsLS/WPdu98zurVyH+5UELyOP0LSqcgsNvjOmbgV8lfEwIh+qvaQ6
LfVyCBasP+gsKoLs/P02WIKFjf4YLtpCD8rdV7haStopCmbArkVrd7z8ErNSFtdA
TDU+PUNpVEjXjdOAHfBeuHU6yCm2G9nYDMTgL6RJ6GNdrEgjZMl0Kol9nKPey+V6
5a57+CX+rPS1E8iBpoMsgHKKnUvlCKF8qNVZ7TFz7+O0cpjRETWMfik=
-----END CERTIFICATE-----
Generated at Fri Nov 22 06:41:51 2024 by rpki-client on console-ams.rpki-client.org