Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3137352e35372e302f32342d3234203d3e203633343733.roa
File: 3138352e3137352e35372e302f32342d3234203d3e203633343733.roa (raw, json)
Hash identifier: AWXgjB6Qmk+vzFoUAgvQQGu8aZZdpe5RH3GlHOFnF/k=
Subject key identifier: 67:5A:30:7C:94:81:0D:A8:65:15:6F:4F:18:86:7D:05:83:EC:76:D5
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 3C96AB062A4FFF9183A4B027FDBDDA81AED0A134
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3137352e35372e302f32342d3234203d3e203633343733.roa
Signing time: Mon 04 Dec 2023 09:34:40 +0000
ROA not before: Mon 04 Dec 2023 09:29:40 +0000
ROA not after: Mon 02 Dec 2024 09:34:40 +0000
asID: 63473
IP address blocks: 185.175.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 May 2024 02:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:96:ab:06:2a:4f:ff:91:83:a4:b0:27:fd:bd:da:81:ae:d0:a1:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Dec 4 09:29:40 2023 GMT
Not After : Dec 2 09:34:40 2024 GMT
Subject: CN=675A307C94810DA865156F4F18867D0583EC76D5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:18:e7:cb:2e:01:10:8c:77:dc:2b:9c:cf:8a:
69:97:bf:6c:21:dc:72:b8:28:80:ad:21:0d:e3:23:
d5:22:ba:7a:87:cf:5d:bf:33:ac:1d:54:e1:0a:37:
fa:56:22:fb:a2:d1:39:e5:59:28:1e:fd:aa:6d:ab:
51:a5:51:7b:32:d2:97:34:f4:dd:13:f8:fe:8b:3c:
cf:dd:77:a4:e2:e5:c2:9d:f1:b8:88:c2:c9:90:32:
63:f4:d0:ec:e8:19:2c:38:c2:1f:0d:6a:8a:d0:90:
cf:b5:09:11:fa:4b:93:8a:ca:38:8b:a2:2b:bc:c6:
e9:87:c4:8e:63:01:6e:b6:a9:a5:26:ed:c8:ae:1c:
fe:ea:50:a4:0d:bc:25:f5:46:d9:85:fa:bd:57:1c:
9f:10:ca:d5:ca:55:02:d3:27:c1:f0:fc:fb:5e:8d:
89:d7:70:aa:b7:2f:98:57:51:fc:e1:1e:b9:0d:c6:
ec:59:84:cd:da:e5:0c:db:cf:26:65:67:d8:c5:3d:
50:a8:a8:79:1e:04:1e:d8:3e:75:e4:9a:2c:71:15:
be:e2:91:90:3c:2d:2a:23:df:d9:c3:96:75:ad:3e:
eb:1c:ae:13:99:58:2b:e7:33:67:fd:c6:fa:c2:e9:
79:63:e5:04:90:1b:c2:7c:87:83:64:5e:25:4c:d4:
04:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:5A:30:7C:94:81:0D:A8:65:15:6F:4F:18:86:7D:05:83:EC:76:D5
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3137352e35372e302f32342d3234203d3e203633343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.175.57.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:06:72:11:4f:20:84:ee:1a:dd:73:e8:41:f4:0b:3e:f8:49:
68:fc:a3:fe:62:be:bd:a4:fb:8a:83:a1:1c:f6:83:23:6b:3c:
92:cb:7c:47:26:ac:18:e2:31:57:09:d8:9b:ce:39:e2:38:9f:
49:2e:8a:95:ed:07:40:a9:6c:29:e3:6c:fe:f4:fc:6e:36:0d:
52:18:be:4d:f4:f0:00:e8:ef:a4:1f:9b:a7:e3:f8:fa:89:fd:
91:63:92:7b:2e:5d:40:b5:d9:73:83:7b:aa:52:55:76:ce:a2:
ac:a5:99:41:df:92:7b:18:57:9e:44:62:81:52:6c:d3:e5:a6:
fe:21:72:1a:04:ef:a8:13:6d:c0:d3:d3:ac:5c:fe:7b:45:22:
0e:6b:04:e2:14:dc:1a:d3:4a:eb:25:00:da:e8:e5:ae:f2:11:
72:a5:8f:ef:e6:5f:be:9d:39:7a:70:67:8a:bb:fb:a9:50:ee:
3b:1f:84:08:1e:42:38:12:87:b5:de:d8:42:97:05:b6:94:d4:
70:9f:51:b1:0c:d6:a1:a2:c5:28:54:50:2f:3d:e2:ae:35:e6:
88:03:9a:aa:56:3c:94:2e:b9:f4:d2:45:e5:6e:a2:e2:0d:35:
49:e5:3e:0d:5c:8b:f3:41:1c:e9:63:21:cf:c9:ee:23:96:79:
88:2b:e5:30
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUPJarBipP/5GDpLAn/b3aga7QoTQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yMzEyMDQwOTI5NDBaFw0yNDEyMDIwOTM0NDBaMDMxMTAvBgNV
BAMTKDY3NUEzMDdDOTQ4MTBEQTg2NTE1NkY0RjE4ODY3RDA1ODNFQzc2RDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdGOfLLgEQjHfcK5zPimmXv2wh
3HK4KICtIQ3jI9UiunqHz12/M6wdVOEKN/pWIvui0TnlWSge/aptq1GlUXsy0pc0
9N0T+P6LPM/dd6Ti5cKd8biIwsmQMmP00OzoGSw4wh8NaorQkM+1CRH6S5OKyjiL
oiu8xumHxI5jAW62qaUm7ciuHP7qUKQNvCX1RtmF+r1XHJ8QytXKVQLTJ8Hw/Pte
jYnXcKq3L5hXUfzhHrkNxuxZhM3a5QzbzyZlZ9jFPVCoqHkeBB7YPnXkmixxFb7i
kZA8LSoj39nDlnWtPuscrhOZWCvnM2f9xvrC6Xlj5QSQG8J8h4NkXiVM1ASRAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUZ1owfJSBDahlFW9PGIZ9BYPsdtUwHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMTM3MzUyZTM1
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMzMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ua85MA0GCSqGSIb3DQEBCwUAA4IBAQALBnIRTyCE7hrdc+hB9As++Elo/KP+Yr69
pPuKg6Ec9oMjazySy3xHJqwY4jFXCdibzjniOJ9JLoqV7QdAqWwp42z+9PxuNg1S
GL5N9PAA6O+kH5un4/j6if2RY5J7Ll1Atdlzg3uqUlV2zqKspZlB35J7GFeeRGKB
UmzT5ab+IXIaBO+oE23A09OsXP57RSIOawTiFNwa00rrJQDa6OWu8hFypY/v5l++
nTl6cGeKu/upUO47H4QIHkI4Eoe13thClwW2lNRwn1GxDNahosUoVFAvPeKuNeaI
A5qqVjyULrn00kXlbqLiDTVJ5T4NXIvzQRzpYyHPye4jlnmIK+Uw
-----END CERTIFICATE-----
Generated at Mon May 27 10:17:49 2024 by rpki-client on console-ams.rpki-client.org