Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136322e34362e302f32342d3234203d3e20323031333431.roa
File: 3138352e3136322e34362e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: XXVf1l3Aamyu4Fk2yBBmidmRJO0o15X7QjaCANazwpA=
Subject key identifier: E8:BB:6E:25:3C:38:CC:D9:10:A2:78:D1:58:D6:E8:31:53:8E:81:DE
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 0C543BCB9B81CD49776DF05B08284D77C2491CC9
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136322e34362e302f32342d3234203d3e20323031333431.roa
Signing time: Mon 26 Feb 2024 08:53:44 +0000
ROA not before: Mon 26 Feb 2024 08:48:44 +0000
ROA not after: Mon 24 Feb 2025 08:53:44 +0000
asID: 201341
IP address blocks: 185.162.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:54:3b:cb:9b:81:cd:49:77:6d:f0:5b:08:28:4d:77:c2:49:1c:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Feb 26 08:48:44 2024 GMT
Not After : Feb 24 08:53:44 2025 GMT
Subject: CN=E8BB6E253C38CCD910A278D158D6E831538E81DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ef:61:d7:82:27:8a:41:e7:22:ba:0f:4f:df:
86:68:51:d1:65:9a:5d:da:af:3f:01:fa:43:10:6d:
e8:ec:78:da:72:66:f8:21:fb:29:fb:65:4b:c0:b5:
45:88:4e:db:46:0e:e3:67:9f:36:b2:44:79:9b:12:
03:e6:ab:ba:a2:b2:e3:e0:65:ad:f8:0b:b3:83:0b:
15:23:dc:95:b0:1e:19:cc:d7:bd:28:69:22:e9:f9:
78:74:d3:3a:36:93:32:02:11:89:ca:70:5c:b3:19:
44:bd:19:42:a2:1e:6b:90:94:01:de:0e:0c:44:2a:
50:10:12:09:79:38:f2:2f:c9:80:3b:fc:e7:cb:72:
89:d3:bb:86:34:dd:5f:cf:ba:ca:e1:73:b0:fa:22:
40:c5:b1:2c:8c:56:91:f6:57:fc:b6:42:50:0e:e7:
3c:a4:80:84:1a:c2:b9:81:fb:a5:fd:aa:12:7e:08:
a3:9a:56:a3:5f:8f:ff:da:e5:41:e9:95:31:fe:21:
1d:4c:75:cd:5d:4a:8a:d2:d1:fc:da:6c:d3:0a:dd:
3c:14:22:ae:0f:e3:ae:98:91:bf:a4:f8:88:a0:83:
56:6e:a2:21:70:d4:cf:6d:3d:2d:a9:20:7a:29:16:
3b:08:6b:11:b4:28:26:02:69:f9:6c:42:49:ba:7a:
0c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:BB:6E:25:3C:38:CC:D9:10:A2:78:D1:58:D6:E8:31:53:8E:81:DE
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136322e34362e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.46.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:ab:0f:f7:01:44:ef:1f:9a:87:35:81:fa:88:3f:df:4a:e9:
df:3c:01:d2:c4:dc:68:b5:ab:2f:73:e3:12:88:a6:56:ec:3f:
ec:d0:f1:cb:7c:25:eb:86:48:49:2f:44:6e:57:2c:a4:f4:df:
4c:d5:8e:d0:bd:ed:30:d4:47:85:69:d6:50:f7:5f:d5:64:b7:
ad:62:68:e4:f9:4e:41:8a:57:c6:74:0d:af:89:80:95:f2:64:
de:90:05:4b:de:1d:8d:73:0b:65:b3:0a:fd:d4:60:90:47:be:
91:76:00:ed:90:c7:97:16:d8:f5:b5:75:37:22:1d:6a:a7:80:
7a:0d:02:07:d7:be:8f:e2:78:c4:c7:ea:a2:0d:fb:3a:a3:65:
be:ab:bd:31:83:1a:53:07:dd:1d:70:a2:ef:96:ad:85:b2:59:
bc:87:1a:a8:6b:11:84:b0:f2:d8:58:36:0a:0b:53:de:e7:1f:
2e:ac:8d:84:58:1a:b9:25:85:ca:e2:8f:bc:46:06:56:e0:43:
e7:04:e7:98:ce:f3:b2:3a:f9:83:6a:04:61:49:bf:da:85:06:
e4:58:9a:39:cb:6e:ea:53:8c:7e:ce:db:13:5e:5e:c4:8b:ef:
c7:b9:c4:e0:f2:d8:7b:f4:a4:d0:76:76:36:d9:3d:14:a6:f1:
6c:3d:b4:9b
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUDFQ7y5uBzUl3bfBbCChNd8JJHMkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDAyMjYwODQ4NDRaFw0yNTAyMjQwODUzNDRaMDMxMTAvBgNV
BAMTKEU4QkI2RTI1M0MzOENDRDkxMEEyNzhEMTU4RDZFODMxNTM4RTgxREUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDH72HXgieKQeciug9P34ZoUdFl
ml3arz8B+kMQbejseNpyZvgh+yn7ZUvAtUWITttGDuNnnzayRHmbEgPmq7qisuPg
Za34C7ODCxUj3JWwHhnM170oaSLp+Xh00zo2kzICEYnKcFyzGUS9GUKiHmuQlAHe
DgxEKlAQEgl5OPIvyYA7/OfLconTu4Y03V/Pusrhc7D6IkDFsSyMVpH2V/y2QlAO
5zykgIQawrmB+6X9qhJ+CKOaVqNfj//a5UHplTH+IR1Mdc1dSorS0fzabNMK3TwU
Iq4P466Ykb+k+Iigg1ZuoiFw1M9tPS2pIHopFjsIaxG0KCYCaflsQkm6egyVAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU6LtuJTw4zNkQonjRWNboMVOOgd4wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzYz
MjJlMzQzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMTMzMzQzMS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALmiLjANBgkqhkiG9w0BAQsFAAOCAQEAi6sP9wFE7x+ahzWB+og/30rp
3zwB0sTcaLWrL3PjEoimVuw/7NDxy3wl64ZISS9EblcspPTfTNWO0L3tMNRHhWnW
UPdf1WS3rWJo5PlOQYpXxnQNr4mAlfJk3pAFS94djXMLZbMK/dRgkEe+kXYA7ZDH
lxbY9bV1NyIdaqeAeg0CB9e+j+J4xMfqog37OqNlvqu9MYMaUwfdHXCi75athbJZ
vIcaqGsRhLDy2Fg2CgtT3ucfLqyNhFgauSWFyuKPvEYGVuBD5wTnmM7zsjr5g2oE
YUm/2oUG5FiaOctu6lOMfs7bE15exIvvx7nE4PLYe/Sk0HZ2Ntk9FKbxbD20mw==
-----END CERTIFICATE-----
Generated at Sun Nov 24 19:54:02 2024 by rpki-client on console-fra.rpki-client.org