Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136352e38362e302f32342d3234203d3e20313336373837.roa
File: 3138352e3136352e38362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: faDcquo7YbFHA/Nlo/5j74PRldY2XwokY7fiF9+2lH0=
Subject key identifier: 7B:84:E6:4F:92:D3:AE:60:93:CE:3C:8D:0C:8A:05:A7:4C:5C:7B:4D
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 3E0551335DDFD03A4888625B7D00FD48A117269F
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136352e38362e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 11 Jun 2023 11:01:37 +0000
ROA not before: Sun 11 Jun 2023 10:56:37 +0000
ROA not after: Sun 09 Jun 2024 11:01:37 +0000
asID: 136787
IP address blocks: 185.165.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:05:51:33:5d:df:d0:3a:48:88:62:5b:7d:00:fd:48:a1:17:26:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jun 11 10:56:37 2023 GMT
Not After : Jun 9 11:01:37 2024 GMT
Subject: CN=7B84E64F92D3AE6093CE3C8D0C8A05A74C5C7B4D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:23:68:44:7c:93:6c:5a:96:fa:d6:17:51:d3:
77:ab:bf:c8:94:ce:69:14:d6:09:a6:6c:87:25:53:
9b:e7:b1:86:13:81:3e:a5:31:a3:d2:47:ce:f2:b2:
d7:b6:7e:ea:ca:f9:76:cf:8a:9c:fc:ab:b7:ca:87:
2a:ea:f2:9f:c6:fe:7e:a3:1a:b7:0a:c2:fc:c0:43:
b0:fd:ad:9d:36:ef:e5:c8:a2:9a:ea:68:d3:d7:ef:
5d:79:82:3d:18:66:0e:52:6b:4e:43:a7:c6:5a:0c:
02:94:88:97:d2:4c:2c:3c:8b:73:e7:46:14:d3:bd:
39:58:1e:23:43:25:b1:01:96:d4:6d:4e:5c:89:b5:
a5:4d:29:34:64:f5:ec:8d:78:2e:7c:78:03:03:7c:
8b:ba:19:a0:49:0c:8c:c5:3d:f7:b7:2d:ce:f0:94:
fc:e1:aa:bd:0e:af:2a:28:59:30:46:5d:35:74:bf:
c3:15:2f:33:c9:c3:41:7c:ba:b8:08:f6:60:84:de:
b7:24:91:dc:ff:d0:d5:07:74:1e:d3:fd:56:ab:69:
6d:9c:f6:9f:d8:a9:ea:a1:f8:66:40:87:61:57:9a:
14:4e:b0:56:cd:cc:21:4d:31:1f:ef:42:f3:6c:06:
7b:9e:19:88:b1:02:1a:32:31:d1:b1:85:d3:ac:4e:
b7:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:84:E6:4F:92:D3:AE:60:93:CE:3C:8D:0C:8A:05:A7:4C:5C:7B:4D
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136352e38362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.86.0/24
Signature Algorithm: sha256WithRSAEncryption
82:9e:5b:41:2e:27:d1:2d:64:5c:4e:c0:89:3b:e2:79:89:5c:
db:af:09:67:af:bb:ec:61:9e:0e:74:0b:e0:8c:08:38:fb:c7:
e8:53:1b:89:6a:87:7e:bb:9f:09:44:fa:66:59:98:fa:2c:7a:
0f:ca:1c:36:f0:44:61:ab:0b:4e:7a:0d:22:ed:52:c6:4f:7c:
d5:84:19:74:4f:c4:3d:fd:41:a2:41:93:a9:40:1b:07:c8:11:
11:83:12:d7:a9:35:8f:80:c8:fc:a6:0e:41:5b:0c:52:2a:5f:
cd:28:0e:a3:8a:7e:38:d6:a7:f1:26:76:d8:3d:ac:89:16:3c:
aa:f7:a9:53:bc:2c:40:0d:c5:c6:aa:52:4d:f9:9c:c3:02:29:
1d:33:91:8c:25:3a:cb:84:06:e9:d7:04:d6:bb:61:d8:8c:c5:
ee:49:72:10:41:7d:7a:58:d0:e9:9d:9b:1c:9b:0a:75:82:85:
97:1e:bf:85:7e:f7:12:88:d2:df:e6:36:c5:45:8d:30:10:47:
f8:af:fc:9e:42:a8:f2:77:be:25:b4:ff:7e:9c:07:5a:50:0d:
f6:5a:dd:92:98:26:4c:34:92:b6:30:51:01:d8:ca:1e:58:1c:
9f:e1:c1:69:eb:9d:39:0a:52:c3:2c:d0:2b:49:1e:46:84:d3:
be:1d:fe:5f
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUPgVRM13f0DpIiGJbfQD9SKEXJp8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yMzA2MTExMDU2MzdaFw0yNDA2MDkxMTAxMzdaMDMxMTAvBgNV
BAMTKDdCODRFNjRGOTJEM0FFNjA5M0NFM0M4RDBDOEEwNUE3NEM1QzdCNEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8I2hEfJNsWpb61hdR03erv8iU
zmkU1gmmbIclU5vnsYYTgT6lMaPSR87yste2furK+XbPipz8q7fKhyrq8p/G/n6j
GrcKwvzAQ7D9rZ027+XIoprqaNPX7115gj0YZg5Sa05Dp8ZaDAKUiJfSTCw8i3Pn
RhTTvTlYHiNDJbEBltRtTlyJtaVNKTRk9eyNeC58eAMDfIu6GaBJDIzFPfe3Lc7w
lPzhqr0OryooWTBGXTV0v8MVLzPJw0F8urgI9mCE3rckkdz/0NUHdB7T/VaraW2c
9p/Yqeqh+GZAh2FXmhROsFbNzCFNMR/vQvNsBnueGYixAhoyMdGxhdOsTrdfAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUe4TmT5LTrmCTzjyNDIoFp0xce00wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzYz
NTJlMzgzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALmlVjANBgkqhkiG9w0BAQsFAAOCAQEAgp5bQS4n0S1kXE7AiTvieYlc
268JZ6+77GGeDnQL4IwIOPvH6FMbiWqHfrufCUT6ZlmY+ix6D8ocNvBEYasLTnoN
Iu1Sxk981YQZdE/EPf1BokGTqUAbB8gREYMS16k1j4DI/KYOQVsMUipfzSgOo4p+
ONan8SZ22D2siRY8qvepU7wsQA3FxqpSTfmcwwIpHTORjCU6y4QG6dcE1rth2IzF
7klyEEF9eljQ6Z2bHJsKdYKFlx6/hX73EojS3+Y2xUWNMBBH+K/8nkKo8ne+JbT/
fpwHWlAN9lrdkpgmTDSStjBRAdjKHlgcn+HBaeudOQpSwyzQK0keRoTTvh3+Xw==
-----END CERTIFICATE-----
Generated at Wed May 8 20:21:23 2024 by rpki-client on console-fra.rpki-client.org