Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230302e302f32342d3234203d3e203139343337.roa
File: 3138352e3232392e3230302e302f32342d3234203d3e203139343337.roa (raw, json)
Hash identifier: 3pl8km3wVmgOfHwXywdZLa4qIXAmGtmNd6yZ62LPiT8=
Subject key identifier: 52:23:9B:BB:95:3D:26:D4:6A:8E:61:C4:E0:BE:F2:83:45:50:B4:0E
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 21801299CEC97B62801AC535A3DEB8727E7D955D
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230302e302f32342d3234203d3e203139343337.roa
Signing time: Tue 05 Dec 2023 17:05:08 +0000
ROA not before: Tue 05 Dec 2023 17:00:08 +0000
ROA not after: Tue 03 Dec 2024 17:05:08 +0000
asID: 19437
IP address blocks: 185.229.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 May 2024 14:08:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:80:12:99:ce:c9:7b:62:80:1a:c5:35:a3:de:b8:72:7e:7d:95:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Dec 5 17:00:08 2023 GMT
Not After : Dec 3 17:05:08 2024 GMT
Subject: CN=52239BBB953D26D46A8E61C4E0BEF2834550B40E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b4:2c:a6:63:22:c3:46:20:c4:8f:a4:35:23:
e8:8c:5d:78:a3:b6:91:e9:1d:e5:6d:73:3c:50:b2:
e7:e7:2a:62:ae:61:9b:8d:34:8f:12:ba:29:18:40:
26:f8:d6:d6:e8:b6:96:09:fc:5e:51:bd:7d:13:b2:
03:63:36:49:b0:dc:50:9b:3c:de:fe:8e:fa:ce:29:
07:e9:7a:0b:61:29:46:4e:be:74:f4:11:69:7a:53:
0b:cc:7c:37:32:2d:10:4d:5c:54:30:af:51:b8:54:
dd:8b:ff:a6:01:30:66:7c:1e:ec:72:d8:6b:2b:79:
10:59:51:a3:15:e8:b7:5a:ad:10:50:db:6f:76:cd:
82:ee:4d:7f:91:dc:5a:a9:1f:f9:a8:c5:a7:a6:1e:
d1:19:da:ea:1c:ec:9f:80:a1:57:96:ae:44:c6:85:
a4:a9:a8:7a:d5:8d:81:c8:1d:a9:75:dc:f1:1e:87:
f9:bb:45:a3:a5:8b:38:7a:66:82:86:0e:03:65:5a:
38:7f:aa:95:57:ab:0c:af:92:c8:3d:2d:3b:27:c0:
e8:66:9a:5f:47:b0:8d:3c:a9:3f:07:46:90:ed:20:
fb:fa:e5:92:92:3d:f5:b7:af:0d:7c:51:4c:0c:da:
15:05:f7:ef:4e:09:1c:80:03:bc:5b:20:35:8e:dd:
28:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:23:9B:BB:95:3D:26:D4:6A:8E:61:C4:E0:BE:F2:83:45:50:B4:0E
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230302e302f32342d3234203d3e203139343337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.200.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:3e:d7:9c:b8:c1:af:68:2f:92:c9:33:9c:99:85:6c:fb:a2:
64:01:eb:9e:bf:b1:ae:7c:53:3c:8c:32:a8:74:da:92:a9:cf:
4f:7c:39:38:18:11:3a:89:0c:63:8a:a9:ed:cf:2f:f8:12:cc:
7a:c6:78:6f:14:f7:73:eb:56:74:44:5c:9b:2b:23:7b:30:9d:
ff:d5:87:5f:f0:c7:ad:f4:76:3c:9e:52:de:c2:61:fc:36:d7:
5f:e3:fb:73:18:ea:f8:31:85:0e:06:88:05:f8:9f:29:30:8a:
fd:bc:b6:e9:97:74:75:19:1a:2f:ea:8c:29:60:e8:c1:e9:a3:
76:63:23:c8:85:8d:29:03:85:23:4e:e0:d9:d5:9e:68:ec:1e:
3f:21:04:60:0a:6e:47:da:8c:26:f6:a7:48:d8:21:ec:55:4e:
ee:ff:32:14:1c:3c:48:e9:dd:35:fa:a6:f7:f0:e2:5a:aa:00:
e7:99:4d:67:66:b1:a3:06:bb:75:6e:90:59:b4:76:5d:3a:5a:
1f:ba:e4:89:78:39:91:06:e3:20:e8:ac:95:9a:50:45:71:5e:
b9:9b:d3:6c:2f:83:42:b3:62:70:bc:32:a2:31:bd:23:d4:12:
1e:d8:44:05:19:55:c2:ba:36:46:ea:20:4a:ed:3e:e9:d2:72:
65:9a:4e:4a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUIYASmc7Je2KAGsU1o964cn59lV0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yMzEyMDUxNzAwMDhaFw0yNDEyMDMxNzA1MDhaMDMxMTAvBgNV
BAMTKDUyMjM5QkJCOTUzRDI2RDQ2QThFNjFDNEUwQkVGMjgzNDU1MEI0MEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5tCymYyLDRiDEj6Q1I+iMXXij
tpHpHeVtczxQsufnKmKuYZuNNI8SuikYQCb41tbotpYJ/F5RvX0TsgNjNkmw3FCb
PN7+jvrOKQfpegthKUZOvnT0EWl6UwvMfDcyLRBNXFQwr1G4VN2L/6YBMGZ8Huxy
2GsreRBZUaMV6LdarRBQ2292zYLuTX+R3FqpH/moxaemHtEZ2uoc7J+AoVeWrkTG
haSpqHrVjYHIHal13PEeh/m7RaOlizh6ZoKGDgNlWjh/qpVXqwyvksg9LTsnwOhm
ml9HsI08qT8HRpDtIPv65ZKSPfW3rw18UUwM2hUF9+9OCRyAA7xbIDWO3ShvAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUUiObu5U9JtRqjmHE4L7yg0VQtA4wHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjMyMzkyZTMy
MzAzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzkzNDMzMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC55cgwDQYJKoZIhvcNAQELBQADggEBAMs+15y4wa9oL5LJM5yZhWz7omQB656/
sa58UzyMMqh02pKpz098OTgYETqJDGOKqe3PL/gSzHrGeG8U93PrVnREXJsrI3sw
nf/Vh1/wx630djyeUt7CYfw211/j+3MY6vgxhQ4GiAX4nykwiv28tumXdHUZGi/q
jClg6MHpo3ZjI8iFjSkDhSNO4NnVnmjsHj8hBGAKbkfajCb2p0jYIexVTu7/MhQc
PEjp3TX6pvfw4lqqAOeZTWdmsaMGu3VukFm0dl06Wh+65Il4OZEG4yDorJWaUEVx
Xrmb02wvg0KzYnC8MqIxvSPUEh7YRAUZVcK6NkbqIErtPunScmWaTko=
-----END CERTIFICATE-----
Generated at Sat May 11 18:18:50 2024 by rpki-client on console-ams.rpki-client.org