Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3234342e39352e302f32342d3234203d3e203136353039.roa
File: 3138352e3234342e39352e302f32342d3234203d3e203136353039.roa (raw, json)
Hash identifier: bmSSNgWk8ixwZN9lpWw7U4gLkGs5JBUHKIDpICZCQwQ=
Subject key identifier: A0:43:EE:EC:2F:C5:03:E1:44:46:9F:44:7D:31:B5:BC:3E:FA:9E:4D
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 2B332D9CF06252481C431D6EB282180225FD8976
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3234342e39352e302f32342d3234203d3e203136353039.roa
Signing time: Sat 09 Dec 2023 08:33:00 +0000
ROA not before: Sat 09 Dec 2023 08:28:00 +0000
ROA not after: Sat 07 Dec 2024 08:33:00 +0000
asID: 16509
IP address blocks: 185.244.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:33:2d:9c:f0:62:52:48:1c:43:1d:6e:b2:82:18:02:25:fd:89:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Dec 9 08:28:00 2023 GMT
Not After : Dec 7 08:33:00 2024 GMT
Subject: CN=A043EEEC2FC503E144469F447D31B5BC3EFA9E4D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:fc:7b:6f:2c:a2:d2:94:fe:d9:2f:69:28:9b:
e8:b1:31:a1:7a:1d:15:7d:22:32:db:32:cc:cf:f2:
de:8c:dd:0e:0a:e7:4a:e5:8c:0e:34:a0:2a:b7:d0:
9b:62:78:6d:98:ec:d6:8a:42:e2:0e:71:b7:cb:f3:
01:19:b9:60:00:91:9c:10:de:f4:b0:fa:97:71:13:
8e:2f:dc:09:ef:e8:cb:6e:9f:75:1d:34:8f:80:be:
5f:44:cd:81:ee:f8:03:71:eb:6c:f6:20:93:42:00:
80:b6:42:e7:8b:e1:a6:20:67:50:99:1a:60:5a:10:
98:90:d8:56:51:ec:ea:8c:76:f8:0b:a1:7f:3b:b9:
47:bb:0a:56:a3:c2:c9:d8:8a:7b:03:01:71:95:df:
f5:cf:83:43:91:9b:59:96:34:f7:69:e2:40:7b:f6:
cb:f2:72:b5:50:eb:e4:fd:7c:ad:fc:21:bb:d5:a5:
ca:8a:46:d3:50:6e:79:17:33:82:8a:5c:cc:c5:42:
f7:55:88:1c:58:97:07:00:38:18:26:c9:e1:d4:d8:
2f:c3:06:2e:8c:7b:27:03:9f:87:2b:f1:e3:27:86:
36:9d:52:e0:0f:2a:9f:63:37:ce:14:b1:c9:d8:36:
36:73:38:15:d5:43:70:60:44:52:c4:97:a6:70:89:
7e:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:43:EE:EC:2F:C5:03:E1:44:46:9F:44:7D:31:B5:BC:3E:FA:9E:4D
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3234342e39352e302f32342d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.95.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:d1:84:02:3c:0e:bc:0b:4f:8f:04:fb:32:e1:2e:85:a1:e2:
28:78:b8:38:6a:8c:22:77:0b:f1:d7:c4:c1:13:c1:7f:32:ff:
cc:af:97:de:b2:30:81:9d:cb:95:e5:4d:ec:92:0f:fa:b8:f3:
2c:36:98:4e:d3:df:56:66:39:5f:fc:5c:b2:b8:f6:5c:5d:f5:
f5:9e:52:db:da:7e:15:63:65:0d:e9:34:65:11:97:39:57:3e:
25:17:63:fe:90:18:be:fb:11:68:d7:cc:b5:b3:81:fe:f9:1d:
20:1f:ee:3f:03:a8:94:08:fb:ba:dc:30:e0:84:8c:4e:24:5c:
3a:15:08:47:d3:86:9f:fb:9a:59:17:f7:48:0c:77:6a:f7:2e:
34:30:a9:c2:94:d1:78:4b:85:19:a1:ef:aa:af:ca:fb:20:56:
ce:c7:5c:77:67:34:1f:9d:f0:a1:ff:83:ad:7d:ad:cd:e6:74:
14:54:0d:58:1d:6d:91:e4:79:53:e4:ef:3a:af:c7:95:2f:3c:
5a:60:97:1b:94:8a:c8:bb:53:77:8d:6d:b9:a1:08:be:c9:5b:
7e:25:25:b7:fc:a4:6b:ad:23:b4:74:3a:e2:cd:b8:1e:16:3f:
6d:37:39:38:0d:6b:09:8d:c1:cd:7b:d7:32:af:75:7e:95:fe:
fa:2d:94:69
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUKzMtnPBiUkgcQx1usoIYAiX9iXYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yMzEyMDkwODI4MDBaFw0yNDEyMDcwODMzMDBaMDMxMTAvBgNV
BAMTKEEwNDNFRUVDMkZDNTAzRTE0NDQ2OUY0NDdEMzFCNUJDM0VGQTlFNEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa/HtvLKLSlP7ZL2kom+ixMaF6
HRV9IjLbMszP8t6M3Q4K50rljA40oCq30JtieG2Y7NaKQuIOcbfL8wEZuWAAkZwQ
3vSw+pdxE44v3Anv6Mtun3UdNI+Avl9EzYHu+ANx62z2IJNCAIC2QueL4aYgZ1CZ
GmBaEJiQ2FZR7OqMdvgLoX87uUe7ClajwsnYinsDAXGV3/XPg0ORm1mWNPdp4kB7
9svycrVQ6+T9fK38IbvVpcqKRtNQbnkXM4KKXMzFQvdViBxYlwcAOBgmyeHU2C/D
Bi6MeycDn4cr8eMnhjadUuAPKp9jN84UscnYNjZzOBXVQ3BgRFLEl6ZwiX7VAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUoEPu7C/FA+FERp9EfTG1vD76nk0wHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjM0MzQyZTM5
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM2MzUzMDM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ufRfMA0GCSqGSIb3DQEBCwUAA4IBAQBr0YQCPA68C0+PBPsy4S6FoeIoeLg4aowi
dwvx18TBE8F/Mv/Mr5fesjCBncuV5U3skg/6uPMsNphO099WZjlf/FyyuPZcXfX1
nlLb2n4VY2UN6TRlEZc5Vz4lF2P+kBi++xFo18y1s4H++R0gH+4/A6iUCPu63DDg
hIxOJFw6FQhH04af+5pZF/dIDHdq9y40MKnClNF4S4UZoe+qr8r7IFbOx1x3ZzQf
nfCh/4Otfa3N5nQUVA1YHW2R5HlT5O86r8eVLzxaYJcblIrIu1N3jW25oQi+yVt+
JSW3/KRrrSO0dDrizbgeFj9tNzk4DWsJjcHNe9cyr3V+lf76LZRp
-----END CERTIFICATE-----
Generated at Thu May 2 18:54:25 2024 by rpki-client on console-ams.rpki-client.org