Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136352e38352e302f32342d3234203d3e20313336373837.roa
File: 3138352e3136352e38352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 7g4OmaEa9XU8AI1nhk8elX7BiclVvOdH0pzO5ciDEDU=
Subject key identifier: 3B:29:F9:01:B2:63:6A:3D:3B:CE:EA:92:F9:E7:50:7D:95:D6:7C:93
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 50BCBC29C279EB323BBADB3239D374B95ADD1F8E
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136352e38352e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 12 Oct 2023 21:14:22 +0000
ROA not before: Thu 12 Oct 2023 21:09:22 +0000
ROA not after: Thu 10 Oct 2024 21:14:22 +0000
asID: 136787
IP address blocks: 185.165.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:bc:bc:29:c2:79:eb:32:3b:ba:db:32:39:d3:74:b9:5a:dd:1f:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Oct 12 21:09:22 2023 GMT
Not After : Oct 10 21:14:22 2024 GMT
Subject: CN=3B29F901B2636A3D3BCEEA92F9E7507D95D67C93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c5:bd:30:f6:35:ba:3b:44:b8:b1:cf:4f:28:
42:3b:6c:bb:f2:40:98:93:44:5e:fe:36:91:9b:78:
6c:5b:62:56:9a:7f:3d:b9:85:81:15:e4:0a:d2:07:
58:50:e3:ee:a5:2c:90:82:52:9c:8a:73:41:39:42:
82:59:5c:9a:97:0b:94:17:7b:26:0c:2d:e8:41:2f:
09:83:27:08:61:cd:b9:bd:be:18:43:7e:5c:f6:18:
5d:fd:01:60:48:77:4e:e4:b4:f6:dd:dd:a5:d2:31:
8c:9e:2e:3e:1f:c4:0f:f9:09:fb:b0:73:e5:18:52:
7d:33:0b:03:7d:a6:bd:82:f4:4f:c0:cc:23:1d:51:
13:65:32:94:62:b4:a5:6a:a2:47:e3:3e:d7:d7:f9:
40:d7:3b:b1:5f:79:12:10:8d:e5:06:b5:58:f3:65:
13:d6:d0:df:26:61:e6:e9:05:f0:bc:d5:12:14:c3:
69:43:af:60:d4:81:e8:4c:0e:df:3f:9b:a1:1d:80:
9d:25:7c:ce:16:71:f8:41:c1:a4:fd:69:14:f4:23:
49:6b:d3:95:d3:f5:e3:26:cd:ef:ed:3f:2d:7c:52:
e5:1f:b8:26:9d:1a:08:c4:f0:8d:ba:cf:7b:99:2c:
dc:95:ae:39:b7:69:7f:45:da:3e:79:28:7d:70:6c:
ce:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:29:F9:01:B2:63:6A:3D:3B:CE:EA:92:F9:E7:50:7D:95:D6:7C:93
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136352e38352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.85.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:5a:77:67:31:be:07:df:9d:77:5d:c1:78:f2:30:b7:03:d5:
cc:7d:68:e0:2b:a7:9f:42:ea:00:b6:b2:7b:ce:12:0b:2a:18:
49:53:1e:88:98:20:cc:2c:06:ae:07:c0:15:78:85:aa:4a:11:
0f:8e:f0:6a:d0:01:00:f6:c9:b3:5b:ef:f2:50:45:0e:54:31:
33:1e:ec:9a:a1:64:3e:12:00:18:92:64:7d:d7:78:3e:e4:2e:
5f:51:44:e0:ad:7f:98:8d:5a:78:87:eb:ab:f5:93:2b:92:18:
54:c1:31:2f:70:1c:29:36:4d:06:9e:4b:d9:b9:6d:3b:35:43:
b4:ae:cc:42:2f:6f:f6:7e:59:58:b6:c8:57:ae:9b:dd:d0:03:
e7:a2:b6:1f:ed:cc:92:25:91:a5:95:6f:82:a6:25:d6:d7:5f:
37:5c:79:79:3d:4b:49:64:82:86:4a:d3:74:4f:d6:bd:eb:91:
69:09:5f:8b:a5:0d:e2:1e:59:ae:81:34:d6:03:90:e0:a0:85:
46:5b:bf:08:ab:d6:74:24:80:a8:ce:16:f2:1a:fe:ed:53:fe:
c6:de:58:a7:8e:77:05:bc:66:05:83:32:40:54:24:27:d5:4e:
41:8c:c1:fb:e4:73:6b:55:e0:56:2f:fa:62:ff:9d:f4:cd:be:
cf:ba:7a:8f
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUULy8KcJ56zI7utsyOdN0uVrdH44wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yMzEwMTIyMTA5MjJaFw0yNDEwMTAyMTE0MjJaMDMxMTAvBgNV
BAMTKDNCMjlGOTAxQjI2MzZBM0QzQkNFRUE5MkY5RTc1MDdEOTVENjdDOTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMxb0w9jW6O0S4sc9PKEI7bLvy
QJiTRF7+NpGbeGxbYlaafz25hYEV5ArSB1hQ4+6lLJCCUpyKc0E5QoJZXJqXC5QX
eyYMLehBLwmDJwhhzbm9vhhDflz2GF39AWBId07ktPbd3aXSMYyeLj4fxA/5Cfuw
c+UYUn0zCwN9pr2C9E/AzCMdURNlMpRitKVqokfjPtfX+UDXO7FfeRIQjeUGtVjz
ZRPW0N8mYebpBfC81RIUw2lDr2DUgehMDt8/m6EdgJ0lfM4WcfhBwaT9aRT0I0lr
05XT9eMmze/tPy18UuUfuCadGgjE8I26z3uZLNyVrjm3aX9F2j55KH1wbM77AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUOyn5AbJjaj07zuqS+edQfZXWfJMwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzYz
NTJlMzgzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALmlVTANBgkqhkiG9w0BAQsFAAOCAQEA01p3ZzG+B9+dd13BePIwtwPV
zH1o4Cunn0LqALaye84SCyoYSVMeiJggzCwGrgfAFXiFqkoRD47watABAPbJs1vv
8lBFDlQxMx7smqFkPhIAGJJkfdd4PuQuX1FE4K1/mI1aeIfrq/WTK5IYVMExL3Ac
KTZNBp5L2bltOzVDtK7MQi9v9n5ZWLbIV66b3dAD56K2H+3MkiWRpZVvgqYl1tdf
N1x5eT1LSWSChkrTdE/WveuRaQlfi6UN4h5ZroE01gOQ4KCFRlu/CKvWdCSAqM4W
8hr+7VP+xt5Yp453BbxmBYMyQFQkJ9VOQYzB++Rza1XgVi/6Yv+d9M2+z7p6jw==
-----END CERTIFICATE-----
Generated at Tue May 7 21:04:26 2024 by rpki-client on console-fra.rpki-client.org