Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230332e302f32342d3234203d3e20323132323338.roa
File: 3138352e3232392e3230332e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: HIYoTjZwFdPVetPqxHm+7ZOQzUw6sixmuNTwHyPSHpQ=
Subject key identifier: 24:A9:23:08:2C:99:E6:E2:6F:71:C7:CB:E2:A1:6A:AD:5D:FB:03:47
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 42577245F9184BE857E0847EE4BB7A8440985035
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230332e302f32342d3234203d3e20323132323338.roa
Signing time: Mon 15 Jan 2024 22:15:18 +0000
ROA not before: Mon 15 Jan 2024 22:10:18 +0000
ROA not after: Mon 13 Jan 2025 22:15:18 +0000
asID: 212238
IP address blocks: 185.229.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 20:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:57:72:45:f9:18:4b:e8:57:e0:84:7e:e4:bb:7a:84:40:98:50:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Jan 15 22:10:18 2024 GMT
Not After : Jan 13 22:15:18 2025 GMT
Subject: CN=24A923082C99E6E26F71C7CBE2A16AAD5DFB0347
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:28:6a:4a:bd:2b:eb:de:3c:ca:86:1b:3b:a4:
af:27:d7:3e:84:71:8b:9b:c7:48:62:5f:a5:df:1b:
5d:57:ac:ce:b6:a0:f7:c4:bc:5a:02:74:b1:7e:e6:
fd:e0:bb:0f:1c:5f:bb:38:84:8a:4b:28:80:ca:70:
f8:35:00:0c:9c:b5:05:98:b1:fa:bf:f3:6a:64:f4:
df:49:18:61:d0:1b:51:f8:0d:ad:62:2d:be:3c:c4:
34:a5:58:0d:f8:bc:b7:3d:6f:56:57:bf:c0:bc:24:
91:18:41:4d:f0:bf:26:4b:38:12:8d:fb:d5:4c:33:
06:cc:bd:52:ad:b1:8a:bf:ca:bb:b0:43:b5:8b:77:
45:1d:3c:48:16:85:11:8a:ea:34:0a:27:12:de:fa:
55:9e:f7:c3:94:62:4e:68:d1:c0:0f:09:59:f3:59:
3d:0c:81:33:01:cd:81:ed:c2:c7:86:7a:88:f7:92:
ee:a8:78:a8:d1:a4:07:64:a5:32:b9:5b:4b:47:aa:
94:f1:e7:47:58:5d:04:86:8a:40:6e:ed:47:f3:ab:
b1:1f:ed:3f:9c:eb:46:f8:95:77:21:2f:60:8d:f8:
b1:26:81:a6:51:9e:27:24:d0:df:b6:94:b3:c9:52:
03:72:1c:88:d1:34:d7:4c:88:2c:19:de:b5:fe:49:
66:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:A9:23:08:2C:99:E6:E2:6F:71:C7:CB:E2:A1:6A:AD:5D:FB:03:47
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230332e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.203.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:b3:6a:6e:96:ff:2a:8a:bc:74:a5:5d:64:f3:0c:2a:ac:db:
7b:d2:93:bc:71:6f:14:77:77:1a:2d:40:36:1f:f4:83:90:82:
d9:40:37:96:43:ca:1e:c8:73:1a:24:87:84:9d:d3:03:19:ce:
e3:d2:7c:fb:06:3f:eb:26:2f:67:b2:bb:b1:04:cc:d2:e4:b0:
af:df:69:14:9d:5c:72:45:12:fe:1e:2b:97:e5:f8:84:27:d3:
7c:b4:d8:0e:72:99:dc:a1:5d:5f:3e:db:8e:6b:48:99:14:07:
99:b6:96:4f:96:08:20:df:bc:5d:25:43:15:56:44:76:0a:e7:
ce:45:7d:52:85:85:e9:00:8c:81:cf:5d:59:81:ec:59:f7:cb:
e5:bc:db:71:cc:63:99:37:00:75:3e:3c:e7:9f:2c:72:9c:b1:
a2:a7:c8:47:a5:b1:23:7c:cb:f7:97:0f:a6:2a:31:fd:40:f0:
c4:77:69:09:54:e1:8b:79:4d:4c:81:c3:6d:76:e4:3c:d3:60:
6b:e5:88:61:70:0f:73:f3:38:ad:73:4d:4f:04:d2:2e:ac:65:
14:c4:f0:cb:ed:ea:00:7c:e1:4b:b1:31:cf:c3:c5:8e:2d:5f:
3e:f1:b6:13:02:9d:6e:9b:07:44:51:9a:a4:9a:be:47:48:ad:
52:fe:02:d0
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUQldyRfkYS+hX4IR+5Lt6hECYUDUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNDAxMTUyMjEwMThaFw0yNTAxMTMyMjE1MThaMDMxMTAvBgNV
BAMTKDI0QTkyMzA4MkM5OUU2RTI2RjcxQzdDQkUyQTE2QUFENURGQjAzNDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoKGpKvSvr3jzKhhs7pK8n1z6E
cYubx0hiX6XfG11XrM62oPfEvFoCdLF+5v3guw8cX7s4hIpLKIDKcPg1AAyctQWY
sfq/82pk9N9JGGHQG1H4Da1iLb48xDSlWA34vLc9b1ZXv8C8JJEYQU3wvyZLOBKN
+9VMMwbMvVKtsYq/yruwQ7WLd0UdPEgWhRGK6jQKJxLe+lWe98OUYk5o0cAPCVnz
WT0MgTMBzYHtwseGeoj3ku6oeKjRpAdkpTK5W0tHqpTx50dYXQSGikBu7Ufzq7Ef
7T+c60b4lXchL2CN+LEmgaZRnick0N+2lLPJUgNyHIjRNNdMiCwZ3rX+SWbJAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUJKkjCCyZ5uJvccfL4qFqrV37A0cwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjMyMzkyZTMy
MzAzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMyMzMzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnlyzANBgkqhkiG9w0BAQsFAAOCAQEAjrNqbpb/Koq8dKVdZPMMKqzbe9KT
vHFvFHd3Gi1ANh/0g5CC2UA3lkPKHshzGiSHhJ3TAxnO49J8+wY/6yYvZ7K7sQTM
0uSwr99pFJ1cckUS/h4rl+X4hCfTfLTYDnKZ3KFdXz7bjmtImRQHmbaWT5YIIN+8
XSVDFVZEdgrnzkV9UoWF6QCMgc9dWYHsWffL5bzbccxjmTcAdT48558scpyxoqfI
R6WxI3zL95cPpiox/UDwxHdpCVThi3lNTIHDbXbkPNNga+WIYXAPc/M4rXNNTwTS
LqxlFMTwy+3qAHzhS7Exz8PFji1fPvG2EwKdbpsHRFGapJq+R0itUv4C0A==
-----END CERTIFICATE-----
Generated at Sun Apr 28 05:52:17 2024 by rpki-client on console-ams.rpki-client.org