Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3234342e39352e302f32342d3234203d3e203136353039.roa
File: 3138352e3234342e39352e302f32342d3234203d3e203136353039.roa (raw, json)
Hash identifier: 7MRl2ndToXr+/Nwpi0fWFQSP/EKXsP73R/4IMWd5dgM=
Subject key identifier: 07:71:46:65:26:E2:39:CF:98:69:F7:BE:18:8C:3B:C4:09:4E:0C:E6
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 4CA005C3902DC32317EC620679A272DFA844ABB0
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3234342e39352e302f32342d3234203d3e203136353039.roa
Signing time: Sat 09 Nov 2024 08:43:27 +0000
ROA not before: Sat 09 Nov 2024 08:38:27 +0000
ROA not after: Sat 08 Nov 2025 08:43:27 +0000
asID: 16509
IP address blocks: 185.244.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:a0:05:c3:90:2d:c3:23:17:ec:62:06:79:a2:72:df:a8:44:ab:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Nov 9 08:38:27 2024 GMT
Not After : Nov 8 08:43:27 2025 GMT
Subject: CN=0771466526E239CF9869F7BE188C3BC4094E0CE6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:89:60:f8:e1:70:f4:20:d8:3a:42:25:d9:d9:
1f:f6:d3:5a:0e:53:d1:07:3a:66:46:51:3d:ca:47:
60:43:e6:a6:4d:1b:6d:d6:f0:fb:48:79:6e:70:03:
bc:a4:1d:ec:49:55:0f:49:f2:70:ec:34:79:4f:5f:
4f:80:8a:a7:05:3f:9e:b0:7e:42:af:22:66:7f:18:
c3:fe:61:21:f7:ea:2e:85:23:c4:22:e9:f1:fa:57:
47:30:b4:d1:3d:33:41:72:86:b3:28:e9:db:f3:bc:
e4:fd:e1:56:41:f7:cf:d0:a6:01:60:75:c0:9c:3e:
3a:36:e8:d3:e0:ce:c0:fa:bf:27:4b:b3:f4:5c:b4:
57:4f:2b:fe:7f:04:5f:74:9c:72:e5:93:9b:5b:bc:
8b:09:f6:06:29:7b:9f:bb:86:a2:af:b0:ea:92:85:
b1:c7:57:55:8b:23:a2:b5:2f:53:a6:b4:db:67:40:
46:38:25:77:41:e5:c0:13:6e:57:69:e4:f4:15:0a:
e2:f5:12:d0:f9:68:c4:f5:dd:6b:73:e8:f4:11:0c:
66:33:32:0a:fe:18:62:d7:ea:91:7e:3d:2e:0d:d7:
80:28:50:cf:60:4b:fe:c2:ad:78:02:08:4a:68:82:
96:68:8a:19:db:27:a3:b1:e8:21:32:8d:38:13:bd:
62:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:71:46:65:26:E2:39:CF:98:69:F7:BE:18:8C:3B:C4:09:4E:0C:E6
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3234342e39352e302f32342d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.95.0/24
Signature Algorithm: sha256WithRSAEncryption
15:74:f7:d5:d9:95:d2:62:ac:f3:dd:a9:ba:fe:c0:48:11:de:
ee:01:04:a4:00:cc:fc:5c:c0:cc:e4:0f:f2:9c:57:ed:8e:cf:
1e:95:ac:26:9d:a1:3f:e8:99:c6:52:37:35:e8:ab:90:26:c2:
3a:59:1e:a8:a2:df:6f:83:9c:1b:09:7e:8a:83:fe:1d:e0:8d:
4c:44:66:c2:d4:1c:6d:21:a0:99:86:9d:10:67:de:cd:60:50:
80:93:8a:48:90:ce:36:21:0a:a9:34:32:c2:1c:8d:e0:23:ad:
cf:9c:e3:f6:06:99:23:d0:e1:a2:eb:6d:1c:53:48:98:a2:01:
43:5e:65:9d:45:e0:dd:74:29:4d:6b:ee:f4:61:a5:50:68:c9:
94:c0:5e:53:b0:21:4e:33:95:3a:99:69:ac:93:6b:eb:16:2a:
ad:02:5b:da:53:41:ab:39:bb:8b:87:58:ce:21:7c:cf:02:ff:
ee:9e:e5:09:b2:1b:c0:d3:09:0b:3c:bc:3f:5f:02:39:e7:7b:
e8:34:1f:86:25:11:d2:d7:7d:ba:5d:40:82:3a:bc:4c:81:cc:
53:e9:9c:90:14:39:f5:37:7b:82:98:49:5c:7f:05:fe:12:ad:
c7:35:ea:79:30:2e:64:f6:7d:1f:5d:4f:60:4c:89:3c:ed:a7:
17:07:a4:15
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTKAFw5AtwyMX7GIGeaJy36hEq7AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNDExMDkwODM4MjdaFw0yNTExMDgwODQzMjdaMDMxMTAvBgNV
BAMTKDA3NzE0NjY1MjZFMjM5Q0Y5ODY5RjdCRTE4OEMzQkM0MDk0RTBDRTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdiWD44XD0INg6QiXZ2R/201oO
U9EHOmZGUT3KR2BD5qZNG23W8PtIeW5wA7ykHexJVQ9J8nDsNHlPX0+AiqcFP56w
fkKvImZ/GMP+YSH36i6FI8Qi6fH6V0cwtNE9M0FyhrMo6dvzvOT94VZB98/QpgFg
dcCcPjo26NPgzsD6vydLs/RctFdPK/5/BF90nHLlk5tbvIsJ9gYpe5+7hqKvsOqS
hbHHV1WLI6K1L1OmtNtnQEY4JXdB5cATbldp5PQVCuL1EtD5aMT13Wtz6PQRDGYz
Mgr+GGLX6pF+PS4N14AoUM9gS/7CrXgCCEpogpZoihnbJ6Ox6CEyjTgTvWKbAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUB3FGZSbiOc+Yafe+GIw7xAlODOYwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjM0MzQyZTM5
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM2MzUzMDM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ufRfMA0GCSqGSIb3DQEBCwUAA4IBAQAVdPfV2ZXSYqzz3am6/sBIEd7uAQSkAMz8
XMDM5A/ynFftjs8elawmnaE/6JnGUjc16KuQJsI6WR6oot9vg5wbCX6Kg/4d4I1M
RGbC1BxtIaCZhp0QZ97NYFCAk4pIkM42IQqpNDLCHI3gI63PnOP2Bpkj0OGi620c
U0iYogFDXmWdReDddClNa+70YaVQaMmUwF5TsCFOM5U6mWmsk2vrFiqtAlvaU0Gr
ObuLh1jOIXzPAv/unuUJshvA0wkLPLw/XwI553voNB+GJRHS1326XUCCOrxMgcxT
6ZyQFDn1N3uCmElcfwX+Eq3HNep5MC5k9n0fXU9gTIk87acXB6QV
-----END CERTIFICATE-----
Generated at Sun Nov 24 13:50:23 2024 by rpki-client on console-fra.rpki-client.org