Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234302e302f32342d3234203d3e2033323233.roa
File: 3138352e3231332e3234302e302f32342d3234203d3e2033323233.roa (raw, json)
Hash identifier: MZau10zedWMcfacP+tAKMz6NiJl4IfcotdHySIsuAvo=
Subject key identifier: EC:42:C0:F2:7F:7D:1B:81:56:1D:06:25:35:79:16:6C:14:3A:F0:45
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 2A1EC7DEBBF31AE1ABAE5D9EF2FF17E7F0BEE78A
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234302e302f32342d3234203d3e2033323233.roa
Signing time: Fri 15 Nov 2024 04:43:28 +0000
ROA not before: Fri 15 Nov 2024 04:38:28 +0000
ROA not after: Fri 14 Nov 2025 04:43:28 +0000
asID: 3223
IP address blocks: 185.213.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:1e:c7:de:bb:f3:1a:e1:ab:ae:5d:9e:f2:ff:17:e7:f0:be:e7:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Nov 15 04:38:28 2024 GMT
Not After : Nov 14 04:43:28 2025 GMT
Subject: CN=EC42C0F27F7D1B81561D06253579166C143AF045
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f2:24:66:05:2d:25:e6:e9:38:1a:e4:40:a6:
cf:be:c2:82:5c:1c:34:a7:da:44:ad:9c:a1:99:84:
e5:ac:6a:7c:e4:da:a5:9d:a9:4e:b9:7c:c2:2a:1d:
fe:48:49:03:23:1a:86:42:77:21:c1:c4:9d:fa:df:
65:49:26:43:69:9c:cb:36:f0:fb:62:99:e9:ef:39:
d1:da:4a:22:25:42:6c:68:bb:82:87:bd:51:27:08:
48:87:c3:77:62:24:56:15:e5:f7:91:61:74:be:30:
88:d3:b5:62:7e:43:4d:7b:11:33:31:60:66:25:15:
03:58:77:f7:c7:72:09:c7:37:eb:03:48:fe:c2:b6:
11:ed:df:13:00:ca:2d:39:2d:c3:27:82:81:cf:2f:
7d:26:bd:c1:e2:18:fa:9b:90:42:29:e9:83:8b:61:
4d:28:bf:c9:f9:82:d8:02:16:62:91:22:eb:69:0e:
e9:ac:f5:e9:3c:27:dc:b5:19:8c:4e:0f:7b:cc:d9:
81:62:07:47:56:4a:b2:59:64:9d:b7:fd:70:48:22:
7b:2d:71:7d:37:7a:d2:ff:0d:57:09:f6:1f:57:0d:
1e:ff:74:a6:b3:93:0b:14:d3:fa:f1:c4:57:f2:88:
0c:0f:d5:43:a7:87:65:8a:d6:9d:d2:42:e5:3e:18:
41:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:42:C0:F2:7F:7D:1B:81:56:1D:06:25:35:79:16:6C:14:3A:F0:45
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234302e302f32342d3234203d3e2033323233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.240.0/24
Signature Algorithm: sha256WithRSAEncryption
73:ef:3c:14:5f:30:7f:06:b2:21:a6:8b:93:02:c5:61:21:14:
33:5f:0b:4b:68:4c:3c:ae:e8:47:64:33:43:10:1e:37:9d:b9:
ac:dd:d8:4a:e6:ae:17:da:34:ab:00:a9:5b:6d:32:d5:d0:d4:
0d:b6:92:73:48:38:6d:e4:09:e0:b9:35:b2:47:6e:5a:33:39:
3e:a7:2c:32:3a:72:de:e3:76:67:73:3c:a8:61:c3:c9:29:e5:
d5:9b:39:89:0b:b0:e5:c9:b0:30:bd:a7:c2:fe:26:02:b9:6b:
3a:71:1d:5a:bd:dd:26:63:ba:92:80:7c:94:d3:46:23:72:73:
0b:7c:47:c6:8c:94:93:a0:9c:ed:90:3e:68:74:59:ed:7f:0f:
f6:4e:ad:00:66:3e:1b:37:04:8f:3b:ec:83:93:e2:13:1b:df:
fe:8f:ce:67:16:e8:44:49:d0:43:0b:38:0f:63:1f:fa:32:32:
0d:04:c0:90:a8:2d:38:8e:5e:4d:11:2a:4e:56:fb:96:0e:4b:
c2:94:20:79:c3:b3:47:fd:0e:33:e6:f9:82:64:49:3f:26:10:
0b:08:32:af:44:b1:3d:8e:dd:c2:09:2f:68:1b:ac:42:36:e9:
e5:55:d4:c3:8e:d4:df:7b:27:20:30:fc:50:d1:32:9f:35:49:
21:d5:a2:9e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUKh7H3rvzGuGrrl2e8v8X5/C+54owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNDExMTUwNDM4MjhaFw0yNTExMTQwNDQzMjhaMDMxMTAvBgNV
BAMTKEVDNDJDMEYyN0Y3RDFCODE1NjFEMDYyNTM1NzkxNjZDMTQzQUYwNDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk8iRmBS0l5uk4GuRAps++woJc
HDSn2kStnKGZhOWsanzk2qWdqU65fMIqHf5ISQMjGoZCdyHBxJ3632VJJkNpnMs2
8PtimenvOdHaSiIlQmxou4KHvVEnCEiHw3diJFYV5feRYXS+MIjTtWJ+Q017ETMx
YGYlFQNYd/fHcgnHN+sDSP7CthHt3xMAyi05LcMngoHPL30mvcHiGPqbkEIp6YOL
YU0ov8n5gtgCFmKRIutpDums9ek8J9y1GYxOD3vM2YFiB0dWSrJZZJ23/XBIInst
cX03etL/DVcJ9h9XDR7/dKazkwsU0/rxxFfyiAwP1UOnh2WK1p3SQuU+GEHVAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU7ELA8n99G4FWHQYlNXkWbBQ68EUwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjMxMzMyZTMy
MzQzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzIzMjMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
udXwMA0GCSqGSIb3DQEBCwUAA4IBAQBz7zwUXzB/BrIhpouTAsVhIRQzXwtLaEw8
ruhHZDNDEB43nbms3dhK5q4X2jSrAKlbbTLV0NQNtpJzSDht5AnguTWyR25aMzk+
pywyOnLe43ZnczyoYcPJKeXVmzmJC7DlybAwvafC/iYCuWs6cR1avd0mY7qSgHyU
00YjcnMLfEfGjJSToJztkD5odFntfw/2Tq0AZj4bNwSPO+yDk+ITG9/+j85nFuhE
SdBDCzgPYx/6MjINBMCQqC04jl5NESpOVvuWDkvClCB5w7NH/Q4z5vmCZEk/JhAL
CDKvRLE9jt3CCS9oG6xCNunlVdTDjtTfeycgMPxQ0TKfNUkh1aKe
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:20 2024 by rpki-client on console-ams.rpki-client.org