Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234322e302f32342d3234203d3e203631333137.roa
File: 3138352e3231332e3234322e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: YpOGfFau+S5Y+DBSpKWeiuLGORXUY8ZVscP56Eehcgg=
Subject key identifier: 16:C8:82:F0:7A:42:54:6B:B7:09:6A:01:F2:B6:A5:FB:83:39:F0:0C
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 670162E81D5C2092722E1C2D5808CF3B285CD8B5
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234322e302f32342d3234203d3e203631333137.roa
Signing time: Tue 05 Dec 2023 17:05:08 +0000
ROA not before: Tue 05 Dec 2023 17:00:08 +0000
ROA not after: Tue 03 Dec 2024 17:05:08 +0000
asID: 61317
IP address blocks: 185.213.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Apr 2024 08:00:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:01:62:e8:1d:5c:20:92:72:2e:1c:2d:58:08:cf:3b:28:5c:d8:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Dec 5 17:00:08 2023 GMT
Not After : Dec 3 17:05:08 2024 GMT
Subject: CN=16C882F07A42546BB7096A01F2B6A5FB8339F00C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:3b:26:69:7d:f8:16:68:51:d9:46:d0:4d:63:
32:39:8c:35:e9:47:e7:7a:35:6b:5a:33:57:f8:93:
61:a8:6d:e3:2b:3b:8e:27:fe:46:9a:c4:55:30:7f:
2b:86:06:c7:df:29:a2:90:d9:77:41:9f:3d:6a:11:
04:57:db:97:bc:a0:e1:b1:61:e2:af:01:78:b3:a0:
81:b6:9e:3c:79:a3:d0:e3:7b:4d:dc:18:e5:1d:53:
2e:93:20:9a:71:14:fd:75:0e:48:7f:e4:3f:a3:52:
67:11:a7:dc:03:33:a6:ab:61:c8:bf:43:ba:b8:ac:
e2:f9:50:98:15:76:7f:d0:f5:15:9b:d2:04:f3:07:
12:ea:6a:fd:c2:c1:5d:3a:4a:de:77:e6:69:cc:3e:
e2:80:05:8a:26:1f:7c:3d:a8:77:47:58:fe:e6:05:
74:7c:04:2b:ff:18:08:68:2c:5e:f7:95:27:10:89:
e7:c6:58:5d:df:9d:8e:f9:45:a1:47:bd:28:07:9b:
18:66:36:64:c6:5c:fa:59:64:ed:9c:5c:ae:1f:e2:
b3:d8:d1:54:65:60:7e:d3:b9:de:03:bf:f2:1c:02:
01:9d:43:50:d2:d2:04:10:cc:47:2f:98:f9:ba:4e:
9d:95:ab:20:ef:85:39:65:60:23:dc:6c:e7:46:e6:
a0:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:C8:82:F0:7A:42:54:6B:B7:09:6A:01:F2:B6:A5:FB:83:39:F0:0C
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234322e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.242.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:f6:40:5c:a8:af:a9:46:9a:45:2e:8d:00:be:0f:40:8a:f8:
6a:34:c2:2c:c5:83:f8:26:8d:26:95:0e:a7:43:ec:26:2a:eb:
07:26:f4:1e:23:ba:ad:8a:98:04:75:bd:a8:26:95:0f:78:53:
98:e7:28:5a:8b:93:4c:f9:cd:91:a7:ba:0a:ae:22:3e:d7:f1:
ed:2a:75:72:a3:2e:84:6b:6f:5e:c4:81:a8:2d:f6:1b:3b:9a:
20:71:92:85:80:e2:7a:5d:df:2c:ff:56:22:7f:72:ea:01:15:
ad:52:26:b3:58:83:2f:89:38:55:0f:b5:15:a5:7a:6f:f3:86:
d0:ba:0d:56:6a:45:81:5c:c9:1f:47:fd:72:b3:5f:3c:81:fe:
97:6d:0f:34:fc:29:7f:0c:94:ae:4f:d2:67:d4:2f:60:de:39:
34:35:00:97:a0:64:37:9b:63:a6:e5:7e:91:0c:33:d0:7d:cf:
de:32:39:81:b5:c2:dc:db:3c:30:47:49:6d:ee:51:ef:ac:ef:
ce:00:db:9d:7d:1a:91:ae:d8:c3:8c:26:a2:f5:de:24:3b:cc:
0b:19:ff:db:d3:09:2e:b3:1a:98:3e:cc:79:1f:13:79:c6:df:
7b:ba:c4:5e:1e:82:f0:f8:a7:68:29:3f:20:71:5b:66:4c:5b:
fd:c2:80:bf
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZwFi6B1cIJJyLhwtWAjPOyhc2LUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yMzEyMDUxNzAwMDhaFw0yNDEyMDMxNzA1MDhaMDMxMTAvBgNV
BAMTKDE2Qzg4MkYwN0E0MjU0NkJCNzA5NkEwMUYyQjZBNUZCODMzOUYwMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkOyZpffgWaFHZRtBNYzI5jDXp
R+d6NWtaM1f4k2GobeMrO44n/kaaxFUwfyuGBsffKaKQ2XdBnz1qEQRX25e8oOGx
YeKvAXizoIG2njx5o9Dje03cGOUdUy6TIJpxFP11Dkh/5D+jUmcRp9wDM6arYci/
Q7q4rOL5UJgVdn/Q9RWb0gTzBxLqav3CwV06St535mnMPuKABYomH3w9qHdHWP7m
BXR8BCv/GAhoLF73lScQiefGWF3fnY75RaFHvSgHmxhmNmTGXPpZZO2cXK4f4rPY
0VRlYH7Tud4Dv/IcAgGdQ1DS0gQQzEcvmPm6Tp2VqyDvhTllYCPcbOdG5qBhAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUFsiC8HpCVGu3CWoB8ral+4M58AwwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjMxMzMyZTMy
MzQzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzEzMzMxMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC51fIwDQYJKoZIhvcNAQELBQADggEBAFz2QFyor6lGmkUujQC+D0CK+Go0wizF
g/gmjSaVDqdD7CYq6wcm9B4juq2KmAR1vagmlQ94U5jnKFqLk0z5zZGnugquIj7X
8e0qdXKjLoRrb17Egagt9hs7miBxkoWA4npd3yz/ViJ/cuoBFa1SJrNYgy+JOFUP
tRWlem/zhtC6DVZqRYFcyR9H/XKzXzyB/pdtDzT8KX8MlK5P0mfUL2DeOTQ1AJeg
ZDebY6blfpEMM9B9z94yOYG1wtzbPDBHSW3uUe+s784A2519GpGu2MOMJqL13iQ7
zAsZ/9vTCS6zGpg+zHkfE3nG33u6xF4egvD4p2gpPyBxW2ZMW/3CgL8=
-----END CERTIFICATE-----
Generated at Tue Apr 16 11:56:34 2024 by rpki-client on console-fra.rpki-client.org