Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3137352e35372e302f32342d3234203d3e203633343733.roa
File: 3138352e3137352e35372e302f32342d3234203d3e203633343733.roa (raw, json)
Hash identifier: zNY63wEFEKJk721EYXJJSVc43odUdq5zSI0kQ9SGtRM=
Subject key identifier: C2:F3:18:A7:64:1D:63:5C:E0:2E:4E:20:44:49:65:01:93:EB:11:03
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 6A9FCE4CE990E4152056A17F34D95E4C6925B889
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3137352e35372e302f32342d3234203d3e203633343733.roa
Signing time: Mon 04 Nov 2024 10:05:25 +0000
ROA not before: Mon 04 Nov 2024 10:00:25 +0000
ROA not after: Mon 03 Nov 2025 10:05:25 +0000
asID: 63473
IP address blocks: 185.175.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:9f:ce:4c:e9:90:e4:15:20:56:a1:7f:34:d9:5e:4c:69:25:b8:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Nov 4 10:00:25 2024 GMT
Not After : Nov 3 10:05:25 2025 GMT
Subject: CN=C2F318A7641D635CE02E4E204449650193EB1103
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:18:81:c6:95:4e:63:32:b4:1c:9d:95:ac:3f:
a0:78:f2:0f:47:10:1d:b1:7c:a1:10:42:0e:c2:32:
2e:bc:1e:0f:7b:99:72:42:43:7d:82:1e:71:b2:41:
14:9e:34:77:6e:2e:92:a9:3d:2e:41:c1:00:32:9c:
9b:9e:86:51:d3:15:22:c4:51:6f:91:50:6b:c9:34:
d6:35:6e:f5:ea:2c:e3:9f:36:31:58:94:52:0e:a5:
5a:e9:00:1f:e5:0b:34:5d:0f:f7:ec:9e:30:b6:9e:
b1:81:a9:a6:52:14:59:42:7e:76:c0:c2:23:14:86:
12:fe:c9:d9:83:3f:1c:ce:9e:c5:70:0d:7f:3e:b5:
ba:57:ed:d9:b7:ac:a0:f9:16:c2:86:e8:0f:0b:47:
27:8d:e5:0d:8c:f1:8d:26:91:bd:80:bc:c1:40:63:
2c:35:32:2a:21:21:cc:0a:89:e8:c7:6c:a4:fd:dc:
98:c8:61:e7:c9:31:33:12:dd:c5:73:f2:dc:a3:89:
1d:cd:9a:9e:df:25:62:15:e2:90:4d:b4:17:9f:f1:
83:f0:4b:c0:42:60:37:ce:09:13:13:32:07:84:bb:
ff:4c:ca:fd:b8:1d:a7:1a:f6:6d:bf:16:01:46:8e:
51:d6:c3:87:5a:67:0e:31:06:e4:1d:50:70:e0:16:
64:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:F3:18:A7:64:1D:63:5C:E0:2E:4E:20:44:49:65:01:93:EB:11:03
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3137352e35372e302f32342d3234203d3e203633343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.175.57.0/24
Signature Algorithm: sha256WithRSAEncryption
63:5e:98:8e:ca:f4:29:45:86:7b:2e:ff:79:89:4c:07:91:c8:
9b:3a:ec:d8:7a:7b:84:57:33:8c:1a:43:51:09:f5:4a:14:50:
a2:b3:8d:42:71:91:6c:bf:e5:42:c2:52:06:6b:b4:ac:a8:0a:
07:12:7f:9b:f0:16:ac:dc:13:09:3a:75:f0:65:9a:77:79:1b:
fa:ee:81:92:44:67:9b:9e:d5:92:5f:ec:9d:44:bc:27:b8:69:
29:86:43:a2:0a:e9:42:28:25:13:ad:0e:64:2e:3b:ef:e9:96:
3c:a6:27:82:68:b6:c6:64:0b:63:6c:37:6d:b8:d0:7d:bb:9f:
e3:53:a4:5a:20:fa:19:20:58:5b:f2:3c:b7:58:51:c2:b2:b4:
54:ae:15:18:6d:63:e5:5f:c7:d4:84:01:e4:6d:f7:e2:46:9a:
5b:b5:9d:cc:2d:3e:cd:1d:03:43:47:6d:6d:10:62:1c:22:0a:
95:53:78:54:7f:12:5c:ff:8b:86:e7:84:a1:06:cc:4a:4d:38:
cf:96:67:1a:86:dc:46:95:c0:75:2b:fc:41:b3:4b:be:03:85:
63:c9:d6:1b:ec:7f:d9:f2:0c:f8:0f:d6:0f:ce:dc:b8:b7:51:
68:43:47:35:26:69:f3:32:a4:f6:a9:3f:c4:89:d3:a2:2d:2d:
21:d3:6b:91
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUap/OTOmQ5BUgVqF/NNleTGkluIkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDExMDQxMDAwMjVaFw0yNTExMDMxMDA1MjVaMDMxMTAvBgNV
BAMTKEMyRjMxOEE3NjQxRDYzNUNFMDJFNEUyMDQ0NDk2NTAxOTNFQjExMDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzGIHGlU5jMrQcnZWsP6B48g9H
EB2xfKEQQg7CMi68Hg97mXJCQ32CHnGyQRSeNHduLpKpPS5BwQAynJuehlHTFSLE
UW+RUGvJNNY1bvXqLOOfNjFYlFIOpVrpAB/lCzRdD/fsnjC2nrGBqaZSFFlCfnbA
wiMUhhL+ydmDPxzOnsVwDX8+tbpX7dm3rKD5FsKG6A8LRyeN5Q2M8Y0mkb2AvMFA
Yyw1MiohIcwKiejHbKT93JjIYefJMTMS3cVz8tyjiR3Nmp7fJWIV4pBNtBef8YPw
S8BCYDfOCRMTMgeEu/9Myv24Haca9m2/FgFGjlHWw4daZw4xBuQdUHDgFmS5AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUwvMYp2QdY1zgLk4gREllAZPrEQMwHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMTM3MzUyZTM1
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMzMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ua85MA0GCSqGSIb3DQEBCwUAA4IBAQBjXpiOyvQpRYZ7Lv95iUwHkcibOuzYenuE
VzOMGkNRCfVKFFCis41CcZFsv+VCwlIGa7SsqAoHEn+b8Bas3BMJOnXwZZp3eRv6
7oGSRGebntWSX+ydRLwnuGkphkOiCulCKCUTrQ5kLjvv6ZY8pieCaLbGZAtjbDdt
uNB9u5/jU6RaIPoZIFhb8jy3WFHCsrRUrhUYbWPlX8fUhAHkbffiRppbtZ3MLT7N
HQNDR21tEGIcIgqVU3hUfxJc/4uG54ShBsxKTTjPlmcahtxGlcB1K/xBs0u+A4Vj
ydYb7H/Z8gz4D9YPzty4t1FoQ0c1JmnzMqT2qT/EidOiLS0h02uR
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:02 2024 by rpki-client on console-fra.rpki-client.org