Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3234342e39342e302f32342d3234203d3e20333937343233.roa
File: 3138352e3234342e39342e302f32342d3234203d3e20333937343233.roa (raw, json)
Hash identifier: Os5pPaUq4wuSIVKgbNMacUddHXr+Tpw7Nr5HsfcIjhw=
Subject key identifier: 95:8D:44:65:B7:28:94:1B:94:76:30:B8:39:6D:84:11:F8:C2:EF:4D
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 238EE576D6039A420B9BB35803715B425ABDF347
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3234342e39342e302f32342d3234203d3e20333937343233.roa
Signing time: Tue 12 Mar 2024 12:59:43 +0000
ROA not before: Tue 12 Mar 2024 12:54:43 +0000
ROA not after: Tue 11 Mar 2025 12:59:43 +0000
asID: 397423
IP address blocks: 185.244.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:8e:e5:76:d6:03:9a:42:0b:9b:b3:58:03:71:5b:42:5a:bd:f3:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Mar 12 12:54:43 2024 GMT
Not After : Mar 11 12:59:43 2025 GMT
Subject: CN=958D4465B728941B947630B8396D8411F8C2EF4D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:bb:03:13:76:ab:02:19:11:c6:e0:94:63:82:
32:77:af:b4:bb:17:a0:4b:ac:d3:27:d4:f0:d6:d0:
a4:13:0a:da:0a:b4:33:d3:fa:a8:e7:b4:6f:8d:42:
a1:9f:6b:dc:a3:ff:45:80:e7:1e:8f:15:80:9b:90:
d9:50:8f:e6:57:05:f8:4c:0f:8b:21:a0:27:09:5d:
c3:cc:7b:6a:73:b5:0d:ed:b0:d4:b4:23:09:de:e9:
15:7b:e5:1a:05:07:95:ae:82:f3:13:59:5b:9a:30:
88:77:ac:8b:eb:e7:2d:e9:44:4d:90:b4:d5:5a:82:
9e:2d:fd:a8:44:91:19:a3:e2:3c:56:3b:d6:77:d4:
95:56:8e:85:71:05:fd:1b:0a:f0:cf:3c:b3:1e:56:
b4:b8:01:7e:ef:3d:0b:fd:45:e0:15:5c:4a:6d:69:
d7:eb:74:e0:15:6f:71:4f:4a:c8:cf:cf:e0:3f:7e:
65:46:48:3f:c0:60:83:b5:92:fd:9c:6a:99:df:3a:
7c:3a:bd:bc:a9:c8:b3:7e:55:6f:c9:9b:22:3a:05:
6b:51:16:fc:c1:73:09:e3:83:eb:88:04:33:1f:df:
29:dc:ea:34:9c:42:b1:43:8d:70:96:10:f6:41:92:
93:3f:d5:ef:6d:d4:57:dc:eb:e2:aa:4c:d8:f7:95:
30:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:8D:44:65:B7:28:94:1B:94:76:30:B8:39:6D:84:11:F8:C2:EF:4D
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3234342e39342e302f32342d3234203d3e20333937343233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.94.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:d2:04:cf:bf:32:f6:f3:3c:f2:b1:a4:89:78:90:94:14:1b:
7a:37:fc:c5:c4:ed:21:3a:bd:fe:ec:ec:9a:74:f1:bd:fd:ab:
3e:47:a0:4c:f0:2d:70:cb:fb:08:3a:a9:88:c6:80:c2:94:2a:
89:bf:3d:95:59:7d:68:46:c1:10:da:b0:68:56:e4:9b:1e:3c:
66:4a:24:a6:d2:c4:f0:3b:ca:c4:f1:d7:00:2b:11:3d:20:0b:
a3:43:56:24:e6:0a:9a:90:d8:e2:64:a1:2d:5b:3f:fd:82:45:
b5:33:4b:c3:0c:eb:ac:2f:c6:38:eb:55:78:39:ea:01:35:cb:
c2:a7:0f:8c:dd:fd:19:79:8f:76:96:2c:be:d6:a1:b5:27:e0:
9a:99:12:e2:e3:42:ff:04:09:e2:7b:f0:74:b2:45:8a:7e:94:
e9:90:e9:47:a2:a2:a8:5e:c4:a2:f1:e1:78:41:71:25:08:6e:
59:f9:a0:c5:8e:b8:01:ac:78:22:75:6d:4b:10:cd:4f:aa:04:
fd:ff:b6:2a:65:9b:f2:bb:5b:c3:e3:1d:8a:49:e5:64:1f:84:
08:b5:7b:2b:a8:3a:ea:33:eb:b5:a5:d8:de:ab:f3:05:60:84:
cf:f0:27:9b:dd:2f:47:25:e4:83:2f:23:44:26:80:5a:6a:6a:
07:ea:9d:f5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUI47ldtYDmkILm7NYA3FbQlq980cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNDAzMTIxMjU0NDNaFw0yNTAzMTExMjU5NDNaMDMxMTAvBgNV
BAMTKDk1OEQ0NDY1QjcyODk0MUI5NDc2MzBCODM5NkQ4NDExRjhDMkVGNEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuuwMTdqsCGRHG4JRjgjJ3r7S7
F6BLrNMn1PDW0KQTCtoKtDPT+qjntG+NQqGfa9yj/0WA5x6PFYCbkNlQj+ZXBfhM
D4shoCcJXcPMe2pztQ3tsNS0Iwne6RV75RoFB5WugvMTWVuaMIh3rIvr5y3pRE2Q
tNVagp4t/ahEkRmj4jxWO9Z31JVWjoVxBf0bCvDPPLMeVrS4AX7vPQv9ReAVXEpt
adfrdOAVb3FPSsjPz+A/fmVGSD/AYIO1kv2capnfOnw6vbypyLN+VW/JmyI6BWtR
FvzBcwnjg+uIBDMf3ync6jScQrFDjXCWEPZBkpM/1e9t1Ffc6+KqTNj3lTDbAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUlY1EZbcolBuUdjC4OW2EEfjC700wHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjM0MzQyZTM5
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzczNDMyMzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC59F4wDQYJKoZIhvcNAQELBQADggEBAKDSBM+/MvbzPPKxpIl4kJQUG3o3/MXE
7SE6vf7s7Jp08b39qz5HoEzwLXDL+wg6qYjGgMKUKom/PZVZfWhGwRDasGhW5Jse
PGZKJKbSxPA7ysTx1wArET0gC6NDViTmCpqQ2OJkoS1bP/2CRbUzS8MM66wvxjjr
VXg56gE1y8KnD4zd/Rl5j3aWLL7WobUn4JqZEuLjQv8ECeJ78HSyRYp+lOmQ6Uei
oqhexKLx4XhBcSUIbln5oMWOuAGseCJ1bUsQzU+qBP3/tiplm/K7W8PjHYpJ5WQf
hAi1eyuoOuoz67Wl2N6r8wVghM/wJ5vdL0cl5IMvI0QmgFpqagfqnfU=
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:55:51 2024 by rpki-client on console-fra.rpki-client.org