Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230302e302f32342d3234203d3e203139343337.roa
File: 3138352e3232392e3230302e302f32342d3234203d3e203139343337.roa (raw, json)
Hash identifier: EP6RD+ZuD8/aeGRdu5DeM51xsrxE2M7oAfAneTY5Btg=
Subject key identifier: CE:88:B1:52:71:3F:64:B0:40:14:28:43:F8:E8:8F:D9:96:40:54:62
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 23E51F2140B90B9E5B07FD913AF8DA981CB21BA0
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230302e302f32342d3234203d3e203139343337.roa
Signing time: Tue 05 Nov 2024 17:43:27 +0000
ROA not before: Tue 05 Nov 2024 17:38:27 +0000
ROA not after: Tue 04 Nov 2025 17:43:27 +0000
asID: 19437
IP address blocks: 185.229.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:e5:1f:21:40:b9:0b:9e:5b:07:fd:91:3a:f8:da:98:1c:b2:1b:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Nov 5 17:38:27 2024 GMT
Not After : Nov 4 17:43:27 2025 GMT
Subject: CN=CE88B152713F64B040142843F8E88FD996405462
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:96:87:ff:52:80:c8:d8:a1:7b:15:98:69:14:
bf:14:77:fe:d8:40:46:60:5a:97:53:6b:c1:72:f7:
9d:c3:9e:3a:81:a3:3f:cd:ce:e5:57:01:68:40:ae:
fd:41:61:4b:d1:87:cf:90:89:53:fb:5f:4e:e3:7c:
cf:d5:24:cc:25:61:84:6b:2e:bf:30:d9:bd:5f:74:
81:fc:81:e7:b2:8e:4b:cf:11:f7:5d:5d:de:d6:42:
da:0e:b5:8f:f6:bd:a9:98:17:bf:d2:df:76:05:51:
29:06:4d:a0:35:04:89:34:00:19:b7:1a:5f:db:30:
f8:31:59:03:ab:3b:32:6f:9e:48:17:e0:b6:c6:d0:
4a:e6:f8:27:a2:4c:b9:0f:3a:d5:a6:2a:ee:e5:c3:
71:ca:1b:18:3d:97:92:90:82:60:f6:8a:70:8c:bd:
fc:d5:7a:0d:ef:44:2e:20:4b:9f:e7:96:f7:49:09:
7c:78:f5:6b:96:54:50:c5:62:d0:09:43:91:f5:65:
71:ff:a9:86:72:0a:b5:fb:3e:30:b3:a6:e7:56:f5:
a0:a3:f3:a8:e2:ec:44:1c:87:7b:55:43:30:f8:bc:
2d:13:44:d3:61:3c:73:3c:39:7a:29:9a:a4:33:46:
1c:6e:29:ac:3a:78:25:65:12:31:c2:fc:7b:72:90:
6d:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:88:B1:52:71:3F:64:B0:40:14:28:43:F8:E8:8F:D9:96:40:54:62
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230302e302f32342d3234203d3e203139343337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.200.0/24
Signature Algorithm: sha256WithRSAEncryption
05:d7:18:8d:04:97:12:55:23:17:86:3f:65:80:97:75:3b:b3:
21:3b:0c:b7:e3:11:92:9e:fb:a8:8c:9e:c1:12:60:11:b2:af:
df:ed:85:5c:d0:29:cd:ea:0c:ae:0d:8b:71:50:79:fe:ac:5f:
be:a4:f4:7a:bc:43:df:8d:14:0e:f2:3a:df:48:6b:5f:ce:23:
43:46:95:81:ca:39:29:90:18:ab:b8:6a:dd:cf:ab:91:81:6a:
55:1f:d6:fb:57:a3:bb:eb:c2:c6:b2:42:f4:09:6c:73:d9:17:
89:94:89:d5:ec:ae:22:f2:91:1d:41:06:94:28:2e:d7:85:86:
99:3a:44:98:f6:fd:39:1c:01:0e:38:9e:aa:79:09:a3:a7:34:
f1:91:98:68:ca:57:c8:6e:cd:f6:e4:74:7c:14:62:bb:ba:2d:
84:84:f0:10:67:f6:70:1c:52:a3:83:08:e3:82:10:fa:00:e0:
44:4d:62:53:fc:58:4f:19:4e:1e:b3:8a:7f:de:50:1d:59:1b:
32:67:6a:19:0a:4e:8f:64:f8:a2:ce:b2:55:d7:e0:f4:47:e6:
11:47:19:30:14:0b:f8:38:6a:f3:13:b0:e2:43:e3:46:98:09:
fa:7c:2b:ea:1f:00:19:d9:87:43:59:af:5d:e9:05:6b:7e:c3:
c0:74:a7:d7
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUI+UfIUC5C55bB/2ROvjamByyG6AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNDExMDUxNzM4MjdaFw0yNTExMDQxNzQzMjdaMDMxMTAvBgNV
BAMTKENFODhCMTUyNzEzRjY0QjA0MDE0Mjg0M0Y4RTg4RkQ5OTY0MDU0NjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDilof/UoDI2KF7FZhpFL8Ud/7Y
QEZgWpdTa8Fy953DnjqBoz/NzuVXAWhArv1BYUvRh8+QiVP7X07jfM/VJMwlYYRr
Lr8w2b1fdIH8geeyjkvPEfddXd7WQtoOtY/2vamYF7/S33YFUSkGTaA1BIk0ABm3
Gl/bMPgxWQOrOzJvnkgX4LbG0Erm+CeiTLkPOtWmKu7lw3HKGxg9l5KQgmD2inCM
vfzVeg3vRC4gS5/nlvdJCXx49WuWVFDFYtAJQ5H1ZXH/qYZyCrX7PjCzpudW9aCj
86ji7EQch3tVQzD4vC0TRNNhPHM8OXopmqQzRhxuKaw6eCVlEjHC/HtykG0rAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUzoixUnE/ZLBAFChD+OiP2ZZAVGIwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjMyMzkyZTMy
MzAzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzkzNDMzMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC55cgwDQYJKoZIhvcNAQELBQADggEBAAXXGI0ElxJVIxeGP2WAl3U7syE7DLfj
EZKe+6iMnsESYBGyr9/thVzQKc3qDK4Ni3FQef6sX76k9Hq8Q9+NFA7yOt9Ia1/O
I0NGlYHKOSmQGKu4at3Pq5GBalUf1vtXo7vrwsayQvQJbHPZF4mUidXsriLykR1B
BpQoLteFhpk6RJj2/TkcAQ44nqp5CaOnNPGRmGjKV8huzfbkdHwUYru6LYSE8BBn
9nAcUqODCOOCEPoA4ERNYlP8WE8ZTh6zin/eUB1ZGzJnahkKTo9k+KLOslXX4PRH
5hFHGTAUC/g4avMTsOJD40aYCfp8K+ofABnZh0NZr13pBWt+w8B0p9c=
-----END CERTIFICATE-----
Generated at Fri Nov 22 07:03:46 2024 by rpki-client on console-fra.rpki-client.org