Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234302e302f32342d3234203d3e203239353338.roa
File: 3138352e3231332e3234302e302f32342d3234203d3e203239353338.roa (raw, json)
Hash identifier: c6J8mvfOMHWT/47wQXuEIqFLmJz4zDG8wpaoriJPmJo=
Subject key identifier: 54:FD:04:96:02:10:F0:08:E2:62:43:14:AF:72:8A:84:B7:61:33:D4
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 0C5D14891FAE97A4409522ECD44E2CB4C44B03A4
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234302e302f32342d3234203d3e203239353338.roa
Signing time: Tue 05 Dec 2023 17:05:08 +0000
ROA not before: Tue 05 Dec 2023 17:00:08 +0000
ROA not after: Tue 03 Dec 2024 17:05:08 +0000
asID: 29538
IP address blocks: 185.213.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:5d:14:89:1f:ae:97:a4:40:95:22:ec:d4:4e:2c:b4:c4:4b:03:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Dec 5 17:00:08 2023 GMT
Not After : Dec 3 17:05:08 2024 GMT
Subject: CN=54FD04960210F008E2624314AF728A84B76133D4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:35:16:cd:0e:80:8f:2c:44:10:67:a5:71:31:
61:b9:62:9a:b4:9c:5d:35:92:05:5c:ab:ab:aa:be:
4f:4d:49:0c:80:4e:94:80:fa:c7:77:73:a6:16:7f:
07:c6:b2:57:a7:dc:b9:b4:8c:6f:bd:7d:56:3a:53:
00:b5:f9:a9:b1:bf:3d:73:6c:74:ba:dc:5a:c4:0a:
8a:92:16:7b:ab:b8:06:34:43:03:0b:b4:d5:3f:6e:
19:fe:c7:84:6d:df:5b:5b:19:87:83:71:03:88:5b:
1a:22:9a:5f:1a:c8:7f:1f:e1:61:03:21:68:c4:c4:
72:b0:f8:8f:51:ff:b3:38:93:b9:1e:23:fb:9a:5d:
a5:d4:ca:6d:80:2b:90:28:7a:5e:c5:ad:bf:d3:0b:
cc:7a:57:a8:29:ec:cd:c3:06:aa:b7:37:17:1f:09:
91:6d:fc:a0:e0:ae:b4:bb:0b:dd:82:a5:f9:98:e0:
ab:5b:be:ed:25:7d:a7:99:4f:bd:34:06:53:ec:67:
0f:11:2c:f2:5f:3c:b4:d4:21:7d:94:31:04:92:15:
2f:9b:38:3b:c0:5b:b3:2c:80:88:46:04:fe:6f:b0:
de:cd:d3:85:99:cd:fe:21:7c:bd:7d:27:2d:5c:1b:
ab:4b:c9:9a:5f:c8:92:af:75:5a:31:ab:af:b2:ad:
66:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:FD:04:96:02:10:F0:08:E2:62:43:14:AF:72:8A:84:B7:61:33:D4
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234302e302f32342d3234203d3e203239353338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.240.0/24
Signature Algorithm: sha256WithRSAEncryption
02:05:e9:af:4f:3d:d5:c8:44:20:23:f3:37:6d:02:f4:f6:d4:
9b:94:29:e9:9d:4c:04:0a:87:89:f3:a0:8a:35:38:8f:b3:25:
16:d6:a2:12:5b:f5:58:0a:2f:d3:c9:c9:81:32:37:3d:02:2d:
66:36:8f:0f:5d:22:8d:29:0a:6a:9d:cc:fa:ca:91:b2:06:db:
87:4c:4d:2b:9f:04:c8:47:a6:07:7e:e0:18:43:c8:21:88:a8:
47:37:42:ba:82:23:26:ba:8c:7c:6e:5a:48:c6:f6:47:48:b1:
94:93:2e:d5:d4:ea:2b:36:86:98:4d:58:c2:6b:9b:0d:32:2d:
ee:56:0a:fd:09:37:ee:58:ba:68:4f:2b:67:a0:bd:74:a9:da:
39:e9:4d:51:97:9a:4f:52:b3:0b:6b:bf:4b:f9:16:48:ad:9f:
b2:65:38:50:ca:e2:70:6b:b7:07:46:92:53:16:e0:11:55:1f:
26:2a:0d:10:37:75:b0:23:f7:f7:65:ef:79:76:40:0f:fa:e0:
c0:2b:d2:aa:3c:89:a2:4b:b4:af:7a:f5:1e:9c:da:ad:6f:1b:
7f:be:77:01:36:ee:ce:bf:7a:d8:22:c1:37:c7:c6:79:78:3f:
e0:6e:9b:4a:4e:70:e8:f7:63:2f:c1:cd:20:72:e3:8d:14:c0:
d1:75:87:38
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDF0UiR+ul6RAlSLs1E4stMRLA6QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yMzEyMDUxNzAwMDhaFw0yNDEyMDMxNzA1MDhaMDMxMTAvBgNV
BAMTKDU0RkQwNDk2MDIxMEYwMDhFMjYyNDMxNEFGNzI4QTg0Qjc2MTMzRDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDNRbNDoCPLEQQZ6VxMWG5Ypq0
nF01kgVcq6uqvk9NSQyATpSA+sd3c6YWfwfGslen3Lm0jG+9fVY6UwC1+amxvz1z
bHS63FrECoqSFnuruAY0QwMLtNU/bhn+x4Rt31tbGYeDcQOIWxoiml8ayH8f4WED
IWjExHKw+I9R/7M4k7keI/uaXaXUym2AK5Aoel7Frb/TC8x6V6gp7M3DBqq3Nxcf
CZFt/KDgrrS7C92CpfmY4Ktbvu0lfaeZT700BlPsZw8RLPJfPLTUIX2UMQSSFS+b
ODvAW7MsgIhGBP5vsN7N04WZzf4hfL19Jy1cG6tLyZpfyJKvdVoxq6+yrWZlAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUVP0ElgIQ8AjiYkMUr3KKhLdhM9QwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjMxMzMyZTMy
MzQzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzkzNTMzMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC51fAwDQYJKoZIhvcNAQELBQADggEBAAIF6a9PPdXIRCAj8zdtAvT21JuUKemd
TAQKh4nzoIo1OI+zJRbWohJb9VgKL9PJyYEyNz0CLWY2jw9dIo0pCmqdzPrKkbIG
24dMTSufBMhHpgd+4BhDyCGIqEc3QrqCIya6jHxuWkjG9kdIsZSTLtXU6is2hphN
WMJrmw0yLe5WCv0JN+5YumhPK2egvXSp2jnpTVGXmk9Sswtrv0v5Fkitn7JlOFDK
4nBrtwdGklMW4BFVHyYqDRA3dbAj9/dl73l2QA/64MAr0qo8iaJLtK969R6c2q1v
G3++dwE27s6/etgiwTfHxnl4P+Bum0pOcOj3Yy/BzSBy440UwNF1hzg=
-----END CERTIFICATE-----
Generated at Fri May 17 17:36:40 2024 by rpki-client on console-fra.rpki-client.org