Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3137352e35362e302f32342d3234203d3e203633343733.roa
File: 3138352e3137352e35362e302f32342d3234203d3e203633343733.roa (raw, json)
Hash identifier: PlKyZ69dNH00YOXlE98hFMbNbcXrNKCTcnkheOOHDiA=
Subject key identifier: 4A:49:FF:60:9A:8A:6F:28:81:2D:FC:B9:B4:EF:09:5C:8B:4D:89:92
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 2E03506EB914C5ED7A682EC790E52FFB28000E7B
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3137352e35362e302f32342d3234203d3e203633343733.roa
Signing time: Mon 04 Nov 2024 10:05:26 +0000
ROA not before: Mon 04 Nov 2024 10:00:26 +0000
ROA not after: Mon 03 Nov 2025 10:05:26 +0000
asID: 63473
IP address blocks: 185.175.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:03:50:6e:b9:14:c5:ed:7a:68:2e:c7:90:e5:2f:fb:28:00:0e:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Nov 4 10:00:26 2024 GMT
Not After : Nov 3 10:05:26 2025 GMT
Subject: CN=4A49FF609A8A6F28812DFCB9B4EF095C8B4D8992
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:be:28:b7:a7:00:09:da:c2:81:d9:19:5c:6e:
37:dd:5c:20:79:d3:46:68:11:45:35:f3:5d:41:f2:
f4:89:7e:88:2b:28:5c:61:42:23:b7:f5:fe:d9:7f:
39:32:ec:c8:3c:6f:61:b9:5b:3b:cf:a7:0d:fe:c1:
f8:75:9f:f8:81:52:8b:24:c8:19:bd:d4:14:d1:6e:
f8:5f:c6:ed:9c:3d:3c:42:a5:f3:3b:e6:71:91:12:
41:b0:0d:80:60:30:eb:15:79:76:8f:6c:38:e1:cc:
87:f7:0d:e3:4c:b6:fa:4e:08:99:45:77:e1:3e:1f:
57:23:43:71:34:d7:81:95:2e:b4:5e:2f:a0:de:07:
59:a6:8c:0b:2f:06:94:7c:53:78:25:cb:85:06:b8:
89:c9:24:90:2d:e0:9c:3e:38:66:99:c4:79:9c:7e:
56:8a:43:fb:d2:dc:cb:a1:40:d5:ed:2a:9e:1d:ab:
54:a0:47:a9:04:3f:bf:c0:94:7a:66:10:61:a9:72:
a0:e7:09:5e:3f:44:60:66:fd:19:c3:48:69:5b:0e:
1a:69:d2:77:4f:1f:b4:cb:45:88:c7:e9:52:cd:f4:
91:1e:dc:64:34:d1:c2:db:2f:33:8b:ab:f5:ac:5c:
33:d6:e6:6e:60:4a:9b:e8:ab:ca:96:f1:41:f3:b4:
f7:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:49:FF:60:9A:8A:6F:28:81:2D:FC:B9:B4:EF:09:5C:8B:4D:89:92
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3137352e35362e302f32342d3234203d3e203633343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.175.56.0/24
Signature Algorithm: sha256WithRSAEncryption
93:f3:d5:9c:61:b8:d0:41:47:e9:37:44:6d:8e:68:65:f4:cb:
27:fc:51:12:14:97:f8:15:e7:6a:4f:32:0e:1b:95:e3:a0:e8:
cc:f0:f6:a4:43:76:12:3e:4c:9e:10:18:28:c0:50:03:8c:12:
69:d4:ab:36:cb:f3:b7:99:91:42:d7:a5:6d:2e:cc:0d:cc:48:
83:a2:06:de:49:0c:56:95:14:a3:15:f1:c5:fa:fd:f8:6a:88:
76:c1:d4:38:4d:c8:43:a2:cf:4b:9f:2f:5e:2f:8e:e1:da:47:
cc:de:dd:a2:40:5c:8b:77:b1:33:aa:99:6b:a1:35:a3:e2:4f:
3d:bd:c6:fc:5f:90:1c:e7:25:de:87:cd:5a:e3:4d:aa:7a:82:
e1:80:96:b4:9b:c8:da:a3:dd:d3:9a:70:4a:c7:ea:7f:f7:06:
31:59:3f:b5:21:86:92:b3:eb:d3:f8:b0:2d:67:4e:ea:81:20:
b3:97:cf:77:7f:9e:ba:ed:2b:3e:77:fc:34:c3:e9:f3:cf:7f:
64:ab:69:d6:8e:8f:6a:56:46:1e:e6:7c:97:c1:ed:8c:1e:b2:
a6:a4:37:55:d6:2b:fe:75:d6:28:0c:db:2f:1b:08:35:6d:86:
94:22:53:2a:28:80:83:cd:04:02:28:b7:33:5d:33:6f:4a:93:
a4:b2:07:3a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIULgNQbrkUxe16aC7HkOUv+ygADnswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDExMDQxMDAwMjZaFw0yNTExMDMxMDA1MjZaMDMxMTAvBgNV
BAMTKDRBNDlGRjYwOUE4QTZGMjg4MTJERkNCOUI0RUYwOTVDOEI0RDg5OTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClvii3pwAJ2sKB2RlcbjfdXCB5
00ZoEUU1811B8vSJfogrKFxhQiO39f7Zfzky7Mg8b2G5WzvPpw3+wfh1n/iBUosk
yBm91BTRbvhfxu2cPTxCpfM75nGREkGwDYBgMOsVeXaPbDjhzIf3DeNMtvpOCJlF
d+E+H1cjQ3E014GVLrReL6DeB1mmjAsvBpR8U3gly4UGuInJJJAt4Jw+OGaZxHmc
flaKQ/vS3MuhQNXtKp4dq1SgR6kEP7/AlHpmEGGpcqDnCV4/RGBm/RnDSGlbDhpp
0ndPH7TLRYjH6VLN9JEe3GQ00cLbLzOLq/WsXDPW5m5gSpvoq8qW8UHztPf/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUSkn/YJqKbyiBLfy5tO8JXItNiZIwHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMTM3MzUyZTM1
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMzMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ua84MA0GCSqGSIb3DQEBCwUAA4IBAQCT89WcYbjQQUfpN0Rtjmhl9Msn/FESFJf4
FedqTzIOG5XjoOjM8PakQ3YSPkyeEBgowFADjBJp1Ks2y/O3mZFC16VtLswNzEiD
ogbeSQxWlRSjFfHF+v34aoh2wdQ4TchDos9Lny9eL47h2kfM3t2iQFyLd7Ezqplr
oTWj4k89vcb8X5Ac5yXeh81a402qeoLhgJa0m8jao93TmnBKx+p/9wYxWT+1IYaS
s+vT+LAtZ07qgSCzl893f5667Ss+d/w0w+nzz39kq2nWjo9qVkYe5nyXwe2MHrKm
pDdV1iv+ddYoDNsvGwg1bYaUIlMqKICDzQQCKLczXTNvSpOksgc6
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:44 2024 by rpki-client on console-ams.rpki-client.org