Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234332e302f32342d3234203d3e20343030333935.roa
File: 3138352e3231332e3234332e302f32342d3234203d3e20343030333935.roa (raw, json)
Hash identifier: f9KHZfOJlQSrllEUQYx5pSalROH5h5sZrvaKduv5lEg=
Subject key identifier: 61:3E:75:7C:54:FF:DF:37:86:2E:38:81:76:9E:C9:6F:E3:95:66:D2
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 4AED4DBD3EB761ACAFBFAEC133A9FC4A2E5449B3
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234332e302f32342d3234203d3e20343030333935.roa
Signing time: Wed 22 Nov 2023 07:47:55 +0000
ROA not before: Wed 22 Nov 2023 07:42:55 +0000
ROA not after: Wed 20 Nov 2024 07:47:55 +0000
asID: 400395
IP address blocks: 185.213.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 11:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:ed:4d:bd:3e:b7:61:ac:af:bf:ae:c1:33:a9:fc:4a:2e:54:49:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Nov 22 07:42:55 2023 GMT
Not After : Nov 20 07:47:55 2024 GMT
Subject: CN=613E757C54FFDF37862E3881769EC96FE39566D2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:f6:e2:db:55:8a:f1:0f:17:84:17:46:47:e2:
ab:40:92:3a:f6:ac:36:f6:f4:7d:05:5f:c9:e8:54:
79:dc:23:2d:f2:d0:00:ba:c1:b4:d9:c8:03:59:e9:
05:5f:e8:9b:fc:83:11:46:d0:e9:ae:35:14:3e:19:
fa:02:cd:4d:4e:bb:68:b5:f0:5d:4c:05:d7:5d:41:
be:0d:72:4f:f6:60:d8:da:89:a9:0a:9e:61:61:c4:
f5:58:ca:63:47:6b:40:07:59:e4:d7:22:58:d3:9e:
cb:06:26:27:a5:66:25:e3:de:51:99:6d:61:54:30:
0f:02:85:ba:b6:b7:04:92:8e:62:61:37:6d:4e:4c:
13:8c:75:18:f8:f6:08:41:20:29:4f:6d:e5:cc:01:
45:f9:79:6a:d3:f5:44:5d:c6:4d:89:a9:82:e7:ad:
b7:d6:84:ee:39:b4:3a:65:6a:29:1d:92:dd:ec:19:
b9:06:2c:97:06:bc:c9:52:8c:c3:c6:a1:21:59:fa:
59:71:ac:3d:67:cb:cd:c7:eb:09:c0:2c:65:ca:b4:
da:00:6d:b8:fc:e3:08:ac:18:97:d9:b6:4d:f4:59:
1b:a3:b9:7a:8a:fe:14:f1:b3:a8:89:7f:36:ee:13:
68:ab:81:da:a1:02:f6:31:34:1c:ae:ec:18:2f:73:
9a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:3E:75:7C:54:FF:DF:37:86:2E:38:81:76:9E:C9:6F:E3:95:66:D2
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234332e302f32342d3234203d3e20343030333935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.243.0/24
Signature Algorithm: sha256WithRSAEncryption
10:7f:f4:94:8c:99:82:5c:14:7f:2d:00:2e:95:26:db:72:1b:
a0:96:d1:64:9a:6b:69:2c:67:fa:93:bb:94:f2:89:3b:bf:75:
3a:8f:04:36:7b:c5:7d:fe:73:53:a7:fa:fe:e0:44:f2:d9:e9:
b6:a6:a4:a8:d2:95:d7:e1:b7:17:8d:98:13:7f:20:74:78:ee:
a9:b8:e4:e3:1d:6c:99:1b:d0:0d:4b:b9:33:ab:ac:2f:0f:b0:
54:e2:5d:c0:a9:8e:79:6c:56:37:41:10:a0:fa:f7:65:f5:3c:
b3:99:0c:16:79:4e:db:93:74:bb:a0:aa:fd:eb:17:4a:07:20:
0a:5f:55:ca:ac:80:f3:bf:75:45:10:36:53:cd:e9:86:c2:95:
ef:39:de:6a:86:c8:d9:2a:9a:88:24:54:0e:9b:f8:ce:05:95:
76:63:39:4b:9d:71:13:48:b1:0b:24:f2:64:b1:b3:a1:70:30:
ad:fc:c4:fc:6d:22:ac:36:60:44:97:17:31:cc:64:c2:95:50:
25:f3:f6:28:b6:ff:f6:9f:d5:8b:06:05:b3:0b:7e:db:d3:9d:
f1:55:ba:fe:6e:d8:20:98:c2:69:c6:c1:2c:6f:19:97:36:db:
e9:27:77:42:f6:13:6c:49:a5:31:72:e3:dd:dd:3f:ed:86:c1:
57:96:f2:bf
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUSu1NvT63Yayvv67BM6n8Si5USbMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yMzExMjIwNzQyNTVaFw0yNDExMjAwNzQ3NTVaMDMxMTAvBgNV
BAMTKDYxM0U3NTdDNTRGRkRGMzc4NjJFMzg4MTc2OUVDOTZGRTM5NTY2RDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDm9uLbVYrxDxeEF0ZH4qtAkjr2
rDb29H0FX8noVHncIy3y0AC6wbTZyANZ6QVf6Jv8gxFG0OmuNRQ+GfoCzU1Ou2i1
8F1MBdddQb4Nck/2YNjaiakKnmFhxPVYymNHa0AHWeTXIljTnssGJielZiXj3lGZ
bWFUMA8Chbq2twSSjmJhN21OTBOMdRj49ghBIClPbeXMAUX5eWrT9URdxk2JqYLn
rbfWhO45tDplaikdkt3sGbkGLJcGvMlSjMPGoSFZ+llxrD1ny83H6wnALGXKtNoA
bbj84wisGJfZtk30WRujuXqK/hTxs6iJfzbuE2irgdqhAvYxNByu7Bgvc5pDAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUYT51fFT/3zeGLjiBdp7Jb+OVZtIwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjMxMzMyZTMy
MzQzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzAzMDMzMzkzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnV8zANBgkqhkiG9w0BAQsFAAOCAQEAEH/0lIyZglwUfy0ALpUm23IboJbR
ZJpraSxn+pO7lPKJO791Oo8ENnvFff5zU6f6/uBE8tnptqakqNKV1+G3F42YE38g
dHjuqbjk4x1smRvQDUu5M6usLw+wVOJdwKmOeWxWN0EQoPr3ZfU8s5kMFnlO25N0
u6Cq/esXSgcgCl9VyqyA8791RRA2U83phsKV7zneaobI2SqaiCRUDpv4zgWVdmM5
S51xE0ixCyTyZLGzoXAwrfzE/G0irDZgRJcXMcxkwpVQJfP2KLb/9p/ViwYFswt+
29Od8VW6/m7YIJjCacbBLG8Zlzbb6Sd3QvYTbEmlMXLj3d0/7YbBV5byvw==
-----END CERTIFICATE-----
Generated at Sat Apr 20 19:50:03 2024 by rpki-client on console-fra.rpki-client.org