Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136352e38352e302f32342d3234203d3e20313336373837.roa
File: 3138352e3136352e38352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: J3spaxlT5iP6QVCkVhD11/IQu3iPYygJfKB+JPtPeIM=
Subject key identifier: 6C:81:4B:3D:A0:E4:1D:31:F0:45:F5:7B:1A:90:63:BE:3D:BA:43:61
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 32BBE4672F202DD3135A9BA3E169DD66F7C45D36
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136352e38352e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 12 Sep 2024 22:04:47 +0000
ROA not before: Thu 12 Sep 2024 21:59:47 +0000
ROA not after: Thu 11 Sep 2025 22:04:47 +0000
asID: 136787
IP address blocks: 185.165.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:bb:e4:67:2f:20:2d:d3:13:5a:9b:a3:e1:69:dd:66:f7:c4:5d:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Sep 12 21:59:47 2024 GMT
Not After : Sep 11 22:04:47 2025 GMT
Subject: CN=6C814B3DA0E41D31F045F57B1A9063BE3DBA4361
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7d:d2:52:6c:f1:ca:fb:43:91:3c:4d:fe:5c:
a2:fa:96:9a:29:a1:bd:7c:3a:3a:23:16:9a:70:59:
81:56:05:93:5f:cf:97:aa:3e:39:0c:bb:6b:9d:37:
5d:8f:d8:75:f8:fa:1e:51:16:aa:8d:16:ab:33:c1:
28:66:5e:a0:06:28:f2:28:85:32:2f:6f:ef:bb:f5:
f9:4f:09:e3:88:31:e6:2c:ef:53:5a:09:29:6f:b4:
e7:81:a6:51:c5:e7:30:c9:0b:57:74:5a:45:35:f5:
00:d3:5d:c2:05:21:2e:b7:8f:f4:cd:be:64:0c:2e:
68:64:b9:ed:3d:55:c1:7f:3b:5e:41:26:3c:cc:8d:
f8:c0:3e:46:67:68:37:b4:85:a0:d7:b1:77:21:3d:
91:4e:af:fd:48:99:e7:43:e2:ff:c8:21:cc:34:13:
5f:b6:10:8c:d8:56:f0:ba:7d:83:3d:b5:1e:62:26:
88:8b:10:8b:22:2d:f0:42:58:c4:32:0d:90:4f:ce:
78:14:1b:e4:7a:84:58:bc:7d:71:b4:2c:84:dd:93:
ca:36:90:7b:f5:61:cf:90:25:52:0a:76:bb:68:d4:
15:41:7d:ad:10:4d:2a:00:bd:09:36:43:22:ad:ac:
de:e6:b1:88:2f:1d:8e:d9:b4:be:46:27:bc:38:20:
b8:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:81:4B:3D:A0:E4:1D:31:F0:45:F5:7B:1A:90:63:BE:3D:BA:43:61
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136352e38352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.85.0/24
Signature Algorithm: sha256WithRSAEncryption
59:b6:a5:8c:69:7c:34:f0:2b:e3:ab:b6:32:57:28:31:a6:42:
b2:bb:f3:51:17:2a:15:7e:89:f5:55:aa:9a:9d:f7:eb:36:51:
dc:62:a6:c4:7c:75:6d:f6:ae:9a:a1:33:23:97:7f:50:8b:ac:
92:92:ba:b2:c7:78:7e:e3:5b:81:59:03:99:af:84:14:2e:f3:
2f:97:cd:35:c3:e5:72:4b:bc:77:5b:10:e7:09:8b:bb:0b:19:
ce:75:86:2d:8f:5d:9e:c4:f0:46:4c:8f:ea:5b:ed:6b:72:07:
fd:45:e2:5b:11:d4:07:e5:ba:95:0c:a8:62:ab:2f:3d:a9:e2:
9b:89:9a:f3:fd:96:51:01:69:34:e9:52:f1:7c:d2:0c:8a:08:
68:11:e8:bb:25:b9:0c:31:f2:7c:a2:aa:56:ef:b7:62:fb:2a:
52:62:11:64:ca:8b:4d:63:30:ee:94:35:2b:08:0b:d3:c9:4c:
16:21:db:1f:33:fb:16:c0:52:59:19:28:b5:52:b8:7e:08:32:
73:48:ec:23:ce:ce:1c:ea:3f:f6:0d:68:85:af:3f:a8:95:fe:
89:2f:0b:c2:c0:54:08:57:38:06:e5:38:3e:b6:6c:0b:55:d8:
09:60:53:28:e3:19:db:18:df:e3:67:60:3a:e5:89:cb:71:91:
d1:c4:e8:b6
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUMrvkZy8gLdMTWpuj4WndZvfEXTYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDA5MTIyMTU5NDdaFw0yNTA5MTEyMjA0NDdaMDMxMTAvBgNV
BAMTKDZDODE0QjNEQTBFNDFEMzFGMDQ1RjU3QjFBOTA2M0JFM0RCQTQzNjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkfdJSbPHK+0ORPE3+XKL6lpop
ob18OjojFppwWYFWBZNfz5eqPjkMu2udN12P2HX4+h5RFqqNFqszwShmXqAGKPIo
hTIvb++79flPCeOIMeYs71NaCSlvtOeBplHF5zDJC1d0WkU19QDTXcIFIS63j/TN
vmQMLmhkue09VcF/O15BJjzMjfjAPkZnaDe0haDXsXchPZFOr/1ImedD4v/IIcw0
E1+2EIzYVvC6fYM9tR5iJoiLEIsiLfBCWMQyDZBPzngUG+R6hFi8fXG0LITdk8o2
kHv1Yc+QJVIKdrto1BVBfa0QTSoAvQk2QyKtrN7msYgvHY7ZtL5GJ7w4ILirAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUbIFLPaDkHTHwRfV7GpBjvj26Q2EwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzYz
NTJlMzgzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALmlVTANBgkqhkiG9w0BAQsFAAOCAQEAWbaljGl8NPAr46u2MlcoMaZC
srvzURcqFX6J9VWqmp336zZR3GKmxHx1bfaumqEzI5d/UIuskpK6ssd4fuNbgVkD
ma+EFC7zL5fNNcPlcku8d1sQ5wmLuwsZznWGLY9dnsTwRkyP6lvta3IH/UXiWxHU
B+W6lQyoYqsvPanim4ma8/2WUQFpNOlS8XzSDIoIaBHouyW5DDHyfKKqVu+3Yvsq
UmIRZMqLTWMw7pQ1KwgL08lMFiHbHzP7FsBSWRkotVK4fggyc0jsI87OHOo/9g1o
ha8/qJX+iS8LwsBUCFc4BuU4PrZsC1XYCWBTKOMZ2xjf42dgOuWJy3GR0cTotg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:02 2024 by rpki-client on console-fra.rpki-client.org