Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136352e38372e302f32342d3234203d3e20313336373837.roa
File: 3138352e3136352e38372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: Kv4PwzbsWerOFaXUMXpyyPSMoboEcIHU31pejUilSM0=
Subject key identifier: FF:63:6D:F1:66:8A:8C:80:C2:3A:81:FB:19:FC:BE:90:94:FE:D2:E2
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 2FE87A3072E2E27EC1A70D729402B06DDEBDC5F3
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136352e38372e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 12 Oct 2023 21:14:37 +0000
ROA not before: Thu 12 Oct 2023 21:09:37 +0000
ROA not after: Thu 10 Oct 2024 21:14:37 +0000
asID: 136787
IP address blocks: 185.165.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:e8:7a:30:72:e2:e2:7e:c1:a7:0d:72:94:02:b0:6d:de:bd:c5:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Oct 12 21:09:37 2023 GMT
Not After : Oct 10 21:14:37 2024 GMT
Subject: CN=FF636DF1668A8C80C23A81FB19FCBE9094FED2E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e8:c6:6e:a5:75:4a:fc:d9:8c:cb:b4:ee:c5:
44:b5:f8:a0:a7:94:51:52:2a:8f:29:1e:e3:8f:7b:
e9:f8:6a:4f:66:7f:8c:03:f5:9c:05:0e:c4:bf:7a:
da:a8:1c:4b:dc:c8:b9:17:3c:d1:e8:bc:f7:04:0d:
57:5b:44:11:48:0a:6a:02:be:e1:54:6b:80:9b:9c:
5c:f1:fe:fb:f8:32:b9:63:6c:f1:f9:b4:9b:3b:e1:
0c:f4:35:f8:57:6e:a3:d0:91:89:60:6b:82:d3:4f:
7a:20:57:fc:22:2d:23:af:c6:6a:a3:3f:40:99:10:
ea:26:95:c4:cb:31:22:5e:18:75:46:64:8d:1d:a9:
93:d8:20:69:51:35:01:78:37:7c:50:44:2d:ba:8f:
dd:5f:20:13:6d:b5:ec:d7:4f:01:07:cd:13:1e:ac:
0c:c5:64:aa:54:87:99:4b:60:aa:a3:58:6b:78:6d:
be:d0:32:a9:51:1d:da:8d:14:f8:fb:94:81:0c:ae:
b4:a4:15:e6:f1:b0:97:24:57:e4:83:86:e7:0f:79:
c5:ae:35:32:ab:8f:ce:33:a8:61:20:bc:d0:d3:f8:
87:60:d0:ed:eb:0d:85:68:c3:08:d4:68:21:86:2f:
c7:bd:b8:c6:aa:6a:e8:43:58:7f:9e:82:18:67:cf:
a1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:63:6D:F1:66:8A:8C:80:C2:3A:81:FB:19:FC:BE:90:94:FE:D2:E2
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136352e38372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.87.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:b5:e8:aa:17:86:8f:f5:34:06:3b:d9:9e:19:b0:2a:72:b6:
5c:1b:a3:5a:06:2f:68:d1:e9:c6:d0:76:7e:89:04:66:a9:b1:
2a:32:44:e9:76:10:11:f3:89:c1:bb:5d:d7:8b:c7:07:9c:93:
84:b7:ca:3b:da:b0:6e:79:2f:aa:37:c7:67:8a:1e:0e:63:3b:
3f:c7:c3:a3:00:6c:b2:67:50:8a:02:9d:32:c8:29:60:94:4c:
fd:e7:69:75:ad:30:f4:0e:d3:dc:7f:96:49:03:b5:df:0c:ab:
27:81:47:71:ed:70:b4:9c:5c:dc:9a:91:0c:1b:2a:16:b8:7f:
bd:2e:ad:f2:68:b4:0a:8c:8c:91:96:c4:38:c9:b5:c2:d9:23:
d8:ca:77:f3:39:93:52:ac:fd:ff:35:c7:49:ac:a7:e5:de:10:
4e:7f:77:ac:3f:e1:ca:de:3e:8b:f8:00:62:72:62:37:ac:fc:
85:47:67:0d:10:91:e5:fc:a0:3f:99:b6:98:37:10:e2:fa:b1:
a3:f5:eb:c1:ee:6e:c4:35:64:70:61:da:a3:aa:52:88:8c:4a:
df:38:b7:d7:0b:77:4e:f8:36:67:93:e6:e1:73:56:27:92:da:
0f:e7:66:e1:cc:f1:77:05:bf:90:ec:58:52:47:3d:1f:fd:b3:
0a:24:93:0c
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUL+h6MHLi4n7Bpw1ylAKwbd69xfMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yMzEwMTIyMTA5MzdaFw0yNDEwMTAyMTE0MzdaMDMxMTAvBgNV
BAMTKEZGNjM2REYxNjY4QThDODBDMjNBODFGQjE5RkNCRTkwOTRGRUQyRTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD6MZupXVK/NmMy7TuxUS1+KCn
lFFSKo8pHuOPe+n4ak9mf4wD9ZwFDsS/etqoHEvcyLkXPNHovPcEDVdbRBFICmoC
vuFUa4CbnFzx/vv4MrljbPH5tJs74Qz0NfhXbqPQkYlga4LTT3ogV/wiLSOvxmqj
P0CZEOomlcTLMSJeGHVGZI0dqZPYIGlRNQF4N3xQRC26j91fIBNttezXTwEHzRMe
rAzFZKpUh5lLYKqjWGt4bb7QMqlRHdqNFPj7lIEMrrSkFebxsJckV+SDhucPecWu
NTKrj84zqGEgvNDT+Idg0O3rDYVowwjUaCGGL8e9uMaqauhDWH+eghhnz6FJAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU/2Nt8WaKjIDCOoH7Gfy+kJT+0uIwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzYz
NTJlMzgzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALmlVzANBgkqhkiG9w0BAQsFAAOCAQEAPrXoqheGj/U0BjvZnhmwKnK2
XBujWgYvaNHpxtB2fokEZqmxKjJE6XYQEfOJwbtd14vHB5yThLfKO9qwbnkvqjfH
Z4oeDmM7P8fDowBssmdQigKdMsgpYJRM/edpda0w9A7T3H+WSQO13wyrJ4FHce1w
tJxc3JqRDBsqFrh/vS6t8mi0CoyMkZbEOMm1wtkj2Mp38zmTUqz9/zXHSayn5d4Q
Tn93rD/hyt4+i/gAYnJiN6z8hUdnDRCR5fygP5m2mDcQ4vqxo/Xrwe5uxDVkcGHa
o6pSiIxK3zi31wt3Tvg2Z5Pm4XNWJ5LaD+dm4czxdwW/kOxYUkc9H/2zCiSTDA==
-----END CERTIFICATE-----
Generated at Wed May 8 20:21:23 2024 by rpki-client on console-fra.rpki-client.org