Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234312e302f32342d3234203d3e203631323732.roa
File: 3138352e3231332e3234312e302f32342d3234203d3e203631323732.roa (raw, json)
Hash identifier: KhYwWjM/5tZMAc1Ys2Qi/Z3IxKzkYaHG79mNsaA679A=
Subject key identifier: 01:A8:CF:29:23:39:DB:16:C6:B1:2C:9F:97:C2:EF:F5:7C:0B:C9:96
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 249FB2175B797A9FC1D2575CBE11C73E176E5E7A
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234312e302f32342d3234203d3e203631323732.roa
Signing time: Tue 05 Nov 2024 17:43:27 +0000
ROA not before: Tue 05 Nov 2024 17:38:27 +0000
ROA not after: Tue 04 Nov 2025 17:43:27 +0000
asID: 61272
IP address blocks: 185.213.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:9f:b2:17:5b:79:7a:9f:c1:d2:57:5c:be:11:c7:3e:17:6e:5e:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Nov 5 17:38:27 2024 GMT
Not After : Nov 4 17:43:27 2025 GMT
Subject: CN=01A8CF292339DB16C6B12C9F97C2EFF57C0BC996
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0f:51:bc:b7:9f:d0:4f:1c:c8:64:06:ab:e9:
de:47:99:2d:2b:78:7c:a2:50:70:2c:cd:a5:26:be:
65:8d:27:5b:3a:43:a9:52:83:59:2b:58:6b:67:29:
1c:36:8e:37:01:ca:fa:8f:24:74:3e:cd:99:5d:04:
49:b0:53:9f:61:8c:e3:4b:ae:8c:94:1b:27:f0:e6:
0d:c4:33:75:d8:51:15:35:9c:d1:85:d7:9c:eb:87:
6c:40:eb:c2:b0:cb:3c:83:0a:6d:cf:1c:83:c4:73:
7e:ab:0c:3c:5b:60:d6:92:0d:d8:91:b3:fd:5b:8c:
ed:12:0b:2c:06:02:6d:5a:ae:8f:b7:2a:b3:1b:9e:
56:a9:68:0a:24:9b:52:47:bb:20:a9:06:56:6b:2e:
16:f8:05:90:0d:26:80:4f:25:65:de:f0:73:3b:94:
cb:a5:bb:72:dd:56:b0:94:bd:aa:14:c4:a7:aa:96:
2e:c5:2d:8d:0c:97:e9:88:df:02:39:36:bb:99:ee:
b7:97:57:1c:da:05:6b:02:c2:0c:bc:a3:42:81:40:
da:9d:54:85:4c:07:21:77:e2:6e:a0:8e:2d:c3:92:
5f:5f:75:08:26:69:79:a5:b0:f3:4e:f4:34:bf:bb:
96:e6:e4:3b:ca:d6:05:40:f7:dd:6c:21:9f:de:74:
d3:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:A8:CF:29:23:39:DB:16:C6:B1:2C:9F:97:C2:EF:F5:7C:0B:C9:96
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234312e302f32342d3234203d3e203631323732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.241.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:76:ae:60:34:d3:a9:79:e2:46:3f:88:0f:90:78:2c:fc:4c:
1f:e8:61:f7:a2:5c:39:d5:20:df:df:89:75:ed:db:fc:db:64:
33:b3:9c:66:00:06:ed:90:b3:40:c5:52:c5:28:9a:87:f1:2e:
10:6a:e8:49:84:bf:f5:08:be:fd:01:9a:b8:e1:45:dd:72:8d:
84:09:45:7d:77:a4:2e:6c:1a:d5:1a:57:bc:9d:5e:a3:b3:f6:
5d:dc:89:0d:72:8b:10:90:e1:a3:18:ec:94:b2:99:83:f6:94:
6e:32:b1:51:86:54:4f:8d:d4:81:90:b6:c0:82:16:ad:59:10:
ca:10:6e:d5:12:d1:d9:dc:f7:46:ef:66:c6:e6:9a:d3:a1:eb:
82:6a:96:ba:1d:01:33:34:47:ef:e0:6b:22:5c:2b:03:96:6b:
10:1c:88:3f:b1:fa:b4:1e:d3:30:9c:72:56:18:dc:0b:00:e8:
d2:e0:02:a1:a4:5f:7c:35:b2:57:36:5b:53:61:c9:73:b7:08:
1e:58:4e:87:e5:40:a2:92:bf:fb:97:6c:91:9e:cd:5b:90:5b:
7a:c8:05:5f:9d:af:40:fa:f2:e8:65:67:7e:84:f7:82:93:98:
d1:85:df:f5:14:89:7d:bb:2a:00:75:fa:9c:83:67:df:66:70:
2a:a0:ed:7e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJJ+yF1t5ep/B0ldcvhHHPhduXnowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNDExMDUxNzM4MjdaFw0yNTExMDQxNzQzMjdaMDMxMTAvBgNV
BAMTKDAxQThDRjI5MjMzOURCMTZDNkIxMkM5Rjk3QzJFRkY1N0MwQkM5OTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3D1G8t5/QTxzIZAar6d5HmS0r
eHyiUHAszaUmvmWNJ1s6Q6lSg1krWGtnKRw2jjcByvqPJHQ+zZldBEmwU59hjONL
royUGyfw5g3EM3XYURU1nNGF15zrh2xA68KwyzyDCm3PHIPEc36rDDxbYNaSDdiR
s/1bjO0SCywGAm1aro+3KrMbnlapaAokm1JHuyCpBlZrLhb4BZANJoBPJWXe8HM7
lMulu3LdVrCUvaoUxKeqli7FLY0Ml+mI3wI5NruZ7reXVxzaBWsCwgy8o0KBQNqd
VIVMByF34m6gji3Dkl9fdQgmaXmlsPNO9DS/u5bm5DvK1gVA991sIZ/edNNDAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUAajPKSM52xbGsSyfl8Lv9XwLyZYwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjMxMzMyZTMy
MzQzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzEzMjM3MzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC51fEwDQYJKoZIhvcNAQELBQADggEBAC52rmA006l54kY/iA+QeCz8TB/oYfei
XDnVIN/fiXXt2/zbZDOznGYABu2Qs0DFUsUomofxLhBq6EmEv/UIvv0BmrjhRd1y
jYQJRX13pC5sGtUaV7ydXqOz9l3ciQ1yixCQ4aMY7JSymYP2lG4ysVGGVE+N1IGQ
tsCCFq1ZEMoQbtUS0dnc90bvZsbmmtOh64JqlrodATM0R+/gayJcKwOWaxAciD+x
+rQe0zCcclYY3AsA6NLgAqGkX3w1slc2W1NhyXO3CB5YToflQKKSv/uXbJGezVuQ
W3rIBV+dr0D68uhlZ36E94KTmNGF3/UUiX27KgB1+pyDZ99mcCqg7X4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 06:41:51 2024 by rpki-client on console-ams.rpki-client.org