Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3138352e3235312e32332e302f32342d3234203d3e20323030303137.roa
File: 3138352e3235312e32332e302f32342d3234203d3e20323030303137.roa (raw, json)
Hash identifier: TmHskL7d/CrETX7m67HlLoDlq/EzRgb25G7SpaoybUs=
Subject key identifier: 71:65:4C:1B:D7:2D:A3:02:AA:79:E0:F2:D7:54:98:A8:5B:59:64:F9
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 39588799A68EF307E7B3F408B115FE75C360059B
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3138352e3235312e32332e302f32342d3234203d3e20323030303137.roa
Signing time: Thu 09 Nov 2023 07:36:25 +0000
ROA not before: Thu 09 Nov 2023 07:31:25 +0000
ROA not after: Thu 07 Nov 2024 07:36:25 +0000
asID: 200017
IP address blocks: 185.251.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:58:87:99:a6:8e:f3:07:e7:b3:f4:08:b1:15:fe:75:c3:60:05:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Nov 9 07:31:25 2023 GMT
Not After : Nov 7 07:36:25 2024 GMT
Subject: CN=71654C1BD72DA302AA79E0F2D75498A85B5964F9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:93:2b:b3:d4:32:50:cd:f4:d1:34:f5:d7:a6:
7d:7e:48:3e:a1:99:8a:f4:36:7d:1e:30:87:15:66:
6b:d5:f5:f8:64:78:95:90:0b:d7:09:cd:d4:78:76:
ca:82:11:16:4a:f0:c3:96:24:c6:a4:9c:1c:c0:5d:
2a:1a:0b:c9:38:53:f1:3d:e7:c0:e3:b5:33:ab:26:
2b:f9:71:10:df:6e:fc:ab:11:49:6b:1f:43:e0:66:
f3:15:7e:73:bf:7d:4a:df:0c:9a:1d:f9:f0:0c:91:
53:4b:56:5a:4b:ff:12:65:82:b7:45:3e:80:3b:02:
f1:88:05:59:26:26:b0:a6:e5:a3:58:2e:a5:a1:9d:
d6:ce:5c:6e:0a:20:20:1a:32:78:c1:09:01:ad:40:
d8:3d:c6:fe:c7:43:c1:cb:b4:5c:18:e0:49:76:58:
52:d6:83:92:e3:02:81:b4:b3:37:67:2a:e9:d7:fd:
29:92:07:de:20:26:ac:8d:d2:78:ad:57:8f:b8:31:
36:97:22:de:73:8c:b5:47:23:cc:86:db:10:82:c2:
b2:41:08:03:30:97:b1:e6:b9:87:86:4d:24:3d:94:
1a:8e:3c:ae:a6:da:f3:f7:6e:69:8f:fb:16:66:ce:
a3:5b:3c:d1:49:b9:fd:30:3e:70:63:e8:9d:f5:f4:
0f:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:65:4C:1B:D7:2D:A3:02:AA:79:E0:F2:D7:54:98:A8:5B:59:64:F9
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3138352e3235312e32332e302f32342d3234203d3e20323030303137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.251.23.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:b8:78:61:15:81:bf:0a:26:9c:c0:4b:b5:76:e9:e4:94:45:
0f:c0:1b:08:18:99:73:8d:fa:b3:6e:62:5a:bf:96:35:9a:2a:
e1:70:57:ad:07:9f:19:2a:fe:6d:43:10:f4:48:bc:4e:fa:86:
b6:1f:77:7f:4f:4e:3d:01:ca:61:43:d8:5d:70:cf:ea:ec:38:
91:af:47:cc:f2:68:9b:24:c7:81:86:54:69:7f:17:51:95:f5:
19:a2:22:12:0c:75:cf:8d:17:b4:60:52:6e:35:39:45:dd:c2:
42:15:07:58:c6:52:49:85:d0:9d:b1:f1:b7:a2:37:8b:41:3f:
e1:a4:a4:cb:8a:31:54:e6:38:82:e2:ef:5b:6c:42:7b:b6:7c:
30:33:fc:d2:b9:fd:d1:0e:dc:17:18:af:40:c9:42:0f:02:a8:
b6:8d:1c:c8:6d:f9:e0:fe:86:e8:63:5c:fa:07:1c:b6:2c:ae:
49:28:da:f4:a8:c8:02:78:d4:a4:c2:f4:e3:76:db:8d:d6:b1:
c8:b8:37:14:d0:85:82:0f:1b:5a:9f:11:63:ce:05:9c:6e:ba:
1d:46:20:cc:8a:d7:2c:f2:5a:34:37:9e:b3:93:d8:ba:3f:ae:
5e:fe:4a:cb:63:6d:0f:5e:70:bb:c0:ab:cd:1a:0e:5d:37:44:
bf:a5:4c:83
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUOViHmaaO8wfns/QIsRX+dcNgBZswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yMzExMDkwNzMxMjVaFw0yNDExMDcwNzM2MjVaMDMxMTAvBgNV
BAMTKDcxNjU0QzFCRDcyREEzMDJBQTc5RTBGMkQ3NTQ5OEE4NUI1OTY0RjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChkyuz1DJQzfTRNPXXpn1+SD6h
mYr0Nn0eMIcVZmvV9fhkeJWQC9cJzdR4dsqCERZK8MOWJMaknBzAXSoaC8k4U/E9
58DjtTOrJiv5cRDfbvyrEUlrH0PgZvMVfnO/fUrfDJod+fAMkVNLVlpL/xJlgrdF
PoA7AvGIBVkmJrCm5aNYLqWhndbOXG4KICAaMnjBCQGtQNg9xv7HQ8HLtFwY4El2
WFLWg5LjAoG0szdnKunX/SmSB94gJqyN0nitV4+4MTaXIt5zjLVHI8yG2xCCwrJB
CAMwl7HmuYeGTSQ9lBqOPK6m2vP3bmmP+xZmzqNbPNFJuf0wPnBj6J319A/dAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUcWVMG9ctowKqeeDy11SYqFtZZPkwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzEzODM1MmUzMjM1MzEyZTMy
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzAzMDMxMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5+xcwDQYJKoZIhvcNAQELBQADggEBAFq4eGEVgb8KJpzAS7V26eSURQ/AGwgY
mXON+rNuYlq/ljWaKuFwV60Hnxkq/m1DEPRIvE76hrYfd39PTj0BymFD2F1wz+rs
OJGvR8zyaJskx4GGVGl/F1GV9RmiIhIMdc+NF7RgUm41OUXdwkIVB1jGUkmF0J2x
8beiN4tBP+GkpMuKMVTmOILi71tsQnu2fDAz/NK5/dEO3BcYr0DJQg8CqLaNHMht
+eD+huhjXPoHHLYsrkko2vSoyAJ41KTC9ON2243Wsci4NxTQhYIPG1qfEWPOBZxu
uh1GIMyK1yzyWjQ3nrOT2Lo/rl7+SstjbQ9ecLvAq80aDl03RL+lTIM=
-----END CERTIFICATE-----
Generated at Fri May 17 11:31:41 2024 by rpki-client on console-fra.rpki-client.org