Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234312e302f32342d3234203d3e203631323732.roa
File: 3138352e3231332e3234312e302f32342d3234203d3e203631323732.roa (raw, json)
Hash identifier: 6YnzlrjY88T40z0tQQ09Pmkbr5Q0WFDoNksNtQWLh3U=
Subject key identifier: EB:B8:E2:13:E3:49:42:3A:EF:27:9E:B2:72:73:09:95:90:DB:FD:A8
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 589AE1A3B830345CC5FC75FBEDA233AADCC913E6
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234312e302f32342d3234203d3e203631323732.roa
Signing time: Tue 05 Dec 2023 17:05:08 +0000
ROA not before: Tue 05 Dec 2023 17:00:08 +0000
ROA not after: Tue 03 Dec 2024 17:05:08 +0000
asID: 61272
IP address blocks: 185.213.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:9a:e1:a3:b8:30:34:5c:c5:fc:75:fb:ed:a2:33:aa:dc:c9:13:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Dec 5 17:00:08 2023 GMT
Not After : Dec 3 17:05:08 2024 GMT
Subject: CN=EBB8E213E349423AEF279EB27273099590DBFDA8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:5a:0a:f2:fb:c7:c3:fe:99:05:be:51:7d:3e:
81:f3:15:c0:cd:6b:8b:78:57:4a:22:c3:bf:e3:6c:
79:02:93:ec:6e:fa:72:3b:d2:27:86:d3:98:f7:92:
e6:c4:d4:c8:11:27:14:c0:30:ee:c7:56:83:f1:ac:
4e:ae:30:4c:5f:ec:8c:71:95:19:56:52:f6:ac:2b:
74:75:ec:65:02:1d:76:0e:2c:4d:84:69:09:9a:a5:
e4:37:55:61:d8:30:dc:83:a7:8f:bb:a7:c9:69:64:
75:38:4a:96:18:b5:b0:77:6f:38:55:6b:29:42:c3:
19:2f:a8:4f:14:d1:27:c0:37:0d:d9:98:ca:f5:63:
87:08:34:63:55:02:69:de:ac:79:94:9d:ba:cc:cf:
7a:7a:93:e9:9c:0e:db:ce:bc:52:0f:1a:a0:b9:79:
20:53:af:54:d0:30:fe:de:42:cd:ac:d0:eb:b3:5a:
64:ac:79:8e:35:d2:d6:3e:92:d6:fc:70:34:4c:bd:
ad:48:1a:24:c7:0e:39:7b:d0:6f:60:69:bc:7f:ae:
f7:6f:47:1d:48:23:3d:0d:06:79:84:dc:7b:cb:fa:
a6:8e:c0:0e:48:cb:64:2c:8c:47:39:34:b9:0e:d6:
ed:9e:5a:bb:f2:93:b4:50:4b:ed:64:b1:a5:f5:6a:
20:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:B8:E2:13:E3:49:42:3A:EF:27:9E:B2:72:73:09:95:90:DB:FD:A8
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234312e302f32342d3234203d3e203631323732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.241.0/24
Signature Algorithm: sha256WithRSAEncryption
d5:dd:5f:0e:77:bf:0f:a5:86:e8:56:db:32:09:ca:55:f8:ca:
1a:59:55:99:e4:78:23:61:e1:eb:59:60:43:7b:51:d7:ab:e5:
52:ab:1e:f6:25:90:3a:31:28:2b:16:2e:6f:0b:33:11:6e:a5:
c8:09:71:0c:38:4f:83:3c:8a:f0:42:6e:91:e7:4e:4d:2d:c5:
3c:25:ef:c2:3c:8c:5a:a9:0f:db:8c:61:d2:63:7f:e7:92:a0:
a2:a5:db:f8:ce:e9:b4:85:67:cd:b3:7c:7d:46:79:36:1c:25:
7a:84:14:64:cb:1d:c4:3b:6e:f0:2e:84:cb:07:97:9d:7d:6e:
13:78:cb:17:b9:4a:7e:d5:3a:02:77:ed:32:f5:b2:7f:6c:83:
6f:89:91:0d:fc:a6:5f:fd:86:18:be:35:67:74:bc:5a:26:ae:
14:65:4b:8d:f3:fe:66:39:2f:41:7c:9b:24:0e:d6:8b:36:6e:
46:8b:d7:ad:e4:14:ef:15:0f:64:0b:d8:ac:e3:4c:d5:21:ab:
e7:eb:3a:88:46:80:b8:f6:89:39:25:40:46:65:dd:6c:e3:34:
26:8c:94:7a:a1:26:f4:ae:0e:53:5e:1e:88:fb:0f:7e:a6:8a:
4a:da:28:49:30:23:58:cf:3f:ec:b2:67:2a:9c:3f:03:d9:13:
ea:8f:89:59
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUWJrho7gwNFzF/HX77aIzqtzJE+YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yMzEyMDUxNzAwMDhaFw0yNDEyMDMxNzA1MDhaMDMxMTAvBgNV
BAMTKEVCQjhFMjEzRTM0OTQyM0FFRjI3OUVCMjcyNzMwOTk1OTBEQkZEQTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBWgry+8fD/pkFvlF9PoHzFcDN
a4t4V0oiw7/jbHkCk+xu+nI70ieG05j3kubE1MgRJxTAMO7HVoPxrE6uMExf7Ixx
lRlWUvasK3R17GUCHXYOLE2EaQmapeQ3VWHYMNyDp4+7p8lpZHU4SpYYtbB3bzhV
aylCwxkvqE8U0SfANw3ZmMr1Y4cINGNVAmnerHmUnbrMz3p6k+mcDtvOvFIPGqC5
eSBTr1TQMP7eQs2s0OuzWmSseY410tY+ktb8cDRMva1IGiTHDjl70G9gabx/rvdv
Rx1IIz0NBnmE3HvL+qaOwA5Iy2QsjEc5NLkO1u2eWrvyk7RQS+1ksaX1aiDJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU67jiE+NJQjrvJ56ycnMJlZDb/agwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjMxMzMyZTMy
MzQzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzEzMjM3MzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC51fEwDQYJKoZIhvcNAQELBQADggEBANXdXw53vw+lhuhW2zIJylX4yhpZVZnk
eCNh4etZYEN7Uder5VKrHvYlkDoxKCsWLm8LMxFupcgJcQw4T4M8ivBCbpHnTk0t
xTwl78I8jFqpD9uMYdJjf+eSoKKl2/jO6bSFZ82zfH1GeTYcJXqEFGTLHcQ7bvAu
hMsHl519bhN4yxe5Sn7VOgJ37TL1sn9sg2+JkQ38pl/9hhi+NWd0vFomrhRlS43z
/mY5L0F8myQO1os2bkaL163kFO8VD2QL2KzjTNUhq+frOohGgLj2iTklQEZl3Wzj
NCaMlHqhJvSuDlNeHoj7D36mikraKEkwI1jPP+yyZyqcPwPZE+qPiVk=
-----END CERTIFICATE-----
Generated at Sun May 5 00:40:50 2024 by rpki-client on console-fra.rpki-client.org