Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234332e302f32342d3234203d3e20333936393938.roa
File: 3138352e3231332e3234332e302f32342d3234203d3e20333936393938.roa (raw, json)
Hash identifier: 493iUioL87nSCNizDrZzva0BFfg7iyRt7auwiZVPE6g=
Subject key identifier: CB:7F:7E:E3:40:D5:AF:05:E1:DA:D5:11:66:69:2A:85:08:71:FE:D0
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 70AF42A1E8D2D682EC610568338787DB4190BE10
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234332e302f32342d3234203d3e20333936393938.roa
Signing time: Sun 26 Nov 2023 14:05:26 +0000
ROA not before: Sun 26 Nov 2023 14:00:26 +0000
ROA not after: Sun 24 Nov 2024 14:05:26 +0000
asID: 396998
IP address blocks: 185.213.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 20:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:af:42:a1:e8:d2:d6:82:ec:61:05:68:33:87:87:db:41:90:be:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Nov 26 14:00:26 2023 GMT
Not After : Nov 24 14:05:26 2024 GMT
Subject: CN=CB7F7EE340D5AF05E1DAD51166692A850871FED0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:f6:3a:27:13:70:70:c9:fa:a6:07:1b:4b:a2:
d8:95:c5:dc:72:19:f6:2e:4c:a0:a6:75:0f:68:7b:
2b:6c:be:ca:09:81:f7:af:b8:cd:e7:de:16:c6:e2:
cd:d7:89:25:cb:24:b7:a5:4f:00:af:39:73:49:42:
36:d0:26:67:81:3e:6c:aa:79:1f:ad:b7:0c:13:d9:
9a:23:56:c4:13:09:1a:82:c7:b0:8d:89:d3:78:37:
63:17:24:3a:0b:cf:b6:32:bd:26:4f:89:69:09:72:
73:c9:da:ac:09:c7:92:93:e5:66:57:d2:c1:8e:03:
bc:a8:fa:1c:98:39:08:23:54:29:2f:49:46:f2:1f:
b9:d2:37:3b:3a:ff:bc:6a:46:fa:30:ac:c9:ec:03:
31:fb:f3:e0:d8:62:3a:af:d8:9a:8e:c5:a3:44:29:
ef:06:da:02:8a:ac:ee:f6:96:99:cf:98:74:09:cf:
c4:28:24:b4:d4:13:7d:c6:bb:df:4e:e5:37:59:f5:
28:51:92:3b:10:c8:42:5e:96:53:f6:61:a2:d1:2b:
5d:41:ff:b8:54:cd:d5:a7:a0:13:99:80:05:57:7b:
13:3c:6f:ce:0f:5a:ef:39:a4:9f:2f:30:cd:6b:80:
1c:97:ea:7d:22:6b:8c:15:4e:c3:23:e7:d1:72:73:
29:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:7F:7E:E3:40:D5:AF:05:E1:DA:D5:11:66:69:2A:85:08:71:FE:D0
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234332e302f32342d3234203d3e20333936393938.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.243.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:85:9e:65:2c:14:07:32:1d:27:84:90:04:77:3b:16:10:db:
78:bc:b8:14:af:69:fb:1e:60:be:17:92:31:04:2d:df:63:80:
3f:86:25:28:df:9a:a4:fd:0b:e2:dd:57:ad:3d:f3:ec:0a:83:
e6:00:f4:99:48:6e:72:c6:19:c3:b4:c9:32:a8:67:fa:3a:b1:
c6:e2:fb:a5:ff:2c:d3:b9:f3:6b:0d:54:88:67:04:dc:7a:48:
21:2b:61:f1:18:d2:42:66:02:45:a9:f2:7c:f9:fd:81:3b:b1:
fc:8a:73:a0:50:63:bd:fd:0b:9e:e5:9e:f1:9c:8f:a6:63:5c:
ab:d4:89:e9:87:9e:50:42:c8:70:11:35:6d:70:71:cc:57:2a:
a6:f9:e5:9d:30:d5:0c:12:26:89:36:19:e0:cf:79:9d:45:72:
c1:1c:d8:f5:97:d1:59:30:92:37:63:07:e0:2b:f7:04:25:76:
c3:7e:b8:c0:f1:a1:be:5a:7a:64:44:02:fb:ba:1d:8a:d7:7f:
12:33:93:df:34:38:50:2e:3a:84:b3:a4:d2:97:3f:aa:35:47:
3a:6c:94:72:f0:9d:36:11:cd:be:c4:9d:76:5a:d4:1a:84:25:
7c:8d:d8:a0:2c:bd:ab:62:fd:11:45:75:3f:68:a1:dd:84:49:
1a:9f:8f:2d
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUcK9CoejS1oLsYQVoM4eH20GQvhAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yMzExMjYxNDAwMjZaFw0yNDExMjQxNDA1MjZaMDMxMTAvBgNV
BAMTKENCN0Y3RUUzNDBENUFGMDVFMURBRDUxMTY2NjkyQTg1MDg3MUZFRDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDN9jonE3BwyfqmBxtLotiVxdxy
GfYuTKCmdQ9oeytsvsoJgfevuM3n3hbG4s3XiSXLJLelTwCvOXNJQjbQJmeBPmyq
eR+ttwwT2ZojVsQTCRqCx7CNidN4N2MXJDoLz7YyvSZPiWkJcnPJ2qwJx5KT5WZX
0sGOA7yo+hyYOQgjVCkvSUbyH7nSNzs6/7xqRvowrMnsAzH78+DYYjqv2JqOxaNE
Ke8G2gKKrO72lpnPmHQJz8QoJLTUE33Gu99O5TdZ9ShRkjsQyEJellP2YaLRK11B
/7hUzdWnoBOZgAVXexM8b84PWu85pJ8vMM1rgByX6n0ia4wVTsMj59FycykFAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUy39+40DVrwXh2tURZmkqhQhx/tAwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjMxMzMyZTMy
MzQzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzkzNjM5MzkzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnV8zANBgkqhkiG9w0BAQsFAAOCAQEAeoWeZSwUBzIdJ4SQBHc7FhDbeLy4
FK9p+x5gvheSMQQt32OAP4YlKN+apP0L4t1XrT3z7AqD5gD0mUhucsYZw7TJMqhn
+jqxxuL7pf8s07nzaw1UiGcE3HpIISth8RjSQmYCRanyfPn9gTux/IpzoFBjvf0L
nuWe8ZyPpmNcq9SJ6YeeUELIcBE1bXBxzFcqpvnlnTDVDBImiTYZ4M95nUVywRzY
9ZfRWTCSN2MH4Cv3BCV2w364wPGhvlp6ZEQC+7oditd/EjOT3zQ4UC46hLOk0pc/
qjVHOmyUcvCdNhHNvsSddlrUGoQlfI3YoCy9q2L9EUV1P2ih3YRJGp+PLQ==
-----END CERTIFICATE-----
Generated at Sun Apr 21 05:44:06 2024 by rpki-client on console-ams.rpki-client.org