Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3137352e35382e302f32342d3234203d3e203633343733.roa
File: 3138352e3137352e35382e302f32342d3234203d3e203633343733.roa (raw, json)
Hash identifier: hY1dbjKxq0C4bFOduZT5obn3Dpg4G+fCPOHyHUP3v18=
Subject key identifier: 71:03:10:2E:D3:DA:73:06:4B:10:3B:EF:E5:BB:69:08:14:02:38:48
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 5CD5B615AEBF74750BEAEC35430F212892508A26
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3137352e35382e302f32342d3234203d3e203633343733.roa
Signing time: Wed 30 Oct 2024 14:05:22 +0000
ROA not before: Wed 30 Oct 2024 14:00:22 +0000
ROA not after: Wed 29 Oct 2025 14:05:22 +0000
asID: 63473
IP address blocks: 185.175.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:d5:b6:15:ae:bf:74:75:0b:ea:ec:35:43:0f:21:28:92:50:8a:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Oct 30 14:00:22 2024 GMT
Not After : Oct 29 14:05:22 2025 GMT
Subject: CN=7103102ED3DA73064B103BEFE5BB690814023848
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:9c:55:6f:f4:24:78:69:ad:89:5f:ac:06:99:
c5:32:46:8c:1f:91:23:c1:a3:70:6c:f9:8a:7b:be:
6e:a9:b0:b2:37:e9:b1:2f:39:9c:c7:76:f0:59:b1:
12:b2:f0:cb:6d:6f:59:38:b8:fb:76:ac:92:6c:20:
b8:ee:72:3d:82:0e:3d:8d:0e:6e:7b:43:93:76:63:
ab:81:23:6c:57:54:dd:ae:13:a5:3d:60:e9:ea:5a:
2b:52:85:fa:50:89:1b:7b:86:43:86:d0:b9:6e:13:
d0:b0:b0:84:03:29:c5:68:dd:2e:e6:09:41:bd:6e:
14:05:33:16:02:68:cb:7b:d3:ed:50:27:b2:54:a5:
ac:e6:1b:ca:2d:f7:66:8d:45:ac:00:7f:21:65:07:
5d:a1:1d:79:a5:22:9b:c5:27:19:b2:08:7b:3c:6a:
22:3e:6f:75:91:49:e6:07:16:64:da:77:c1:35:52:
b3:b7:4b:93:5b:ab:6a:dd:3e:90:19:b8:7a:eb:4a:
64:19:33:63:03:9e:6c:a9:5a:8f:23:e1:6a:57:ba:
f7:c8:a9:ae:4b:27:a6:a7:e8:33:9f:c7:fc:cc:9c:
0e:cb:d8:84:60:d7:dd:29:b4:cd:35:5d:b5:ac:aa:
f2:bc:ae:fc:df:71:e1:5d:f0:38:1c:35:8e:e1:8f:
ef:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:03:10:2E:D3:DA:73:06:4B:10:3B:EF:E5:BB:69:08:14:02:38:48
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3137352e35382e302f32342d3234203d3e203633343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.175.58.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:94:7a:0f:86:05:74:37:65:4c:4d:9a:4c:e8:ad:12:1a:e6:
4b:1e:5d:44:d4:1b:9b:52:dd:b1:a9:7b:b4:cb:55:46:0f:c4:
cd:4b:26:7f:5f:9b:d1:f6:e5:1b:1e:ec:6d:7b:10:0f:61:3d:
03:47:fd:c6:c5:fe:91:52:b6:cd:89:e4:0b:a3:fa:a6:78:d6:
7b:58:a1:8a:4c:58:71:1d:fe:2e:56:19:1c:25:97:b1:23:e0:
dc:28:d2:3d:01:40:41:25:e2:09:d8:9e:1c:c5:8e:93:00:73:
ac:50:3f:2b:55:b3:42:60:f2:25:f1:36:82:e5:e2:72:75:1a:
05:a8:ba:0c:8f:ac:5f:23:92:e5:4b:c8:50:a8:8a:d5:67:80:
fc:d1:c3:40:aa:2d:38:3a:9c:ee:a7:3f:2e:56:44:81:a8:e9:
20:51:9d:de:ed:71:b7:78:dd:94:89:0d:3d:d3:bd:73:fc:cb:
9c:09:e8:6e:b4:c3:68:03:e7:68:54:99:35:44:aa:cd:f0:cd:
b8:d7:98:2a:66:02:54:5e:c1:94:4c:ce:34:26:86:a6:0e:a7:
f6:3e:ba:73:04:11:ac:3e:26:1f:4b:6a:18:e2:d7:c8:8f:99:
b7:f6:20:08:16:d6:ae:e3:00:eb:17:49:7e:52:5f:6e:7c:db:
d7:f9:ba:b5
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUXNW2Fa6/dHUL6uw1Qw8hKJJQiiYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDEwMzAxNDAwMjJaFw0yNTEwMjkxNDA1MjJaMDMxMTAvBgNV
BAMTKDcxMDMxMDJFRDNEQTczMDY0QjEwM0JFRkU1QkI2OTA4MTQwMjM4NDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKnFVv9CR4aa2JX6wGmcUyRowf
kSPBo3Bs+Yp7vm6psLI36bEvOZzHdvBZsRKy8Mttb1k4uPt2rJJsILjucj2CDj2N
Dm57Q5N2Y6uBI2xXVN2uE6U9YOnqWitShfpQiRt7hkOG0LluE9CwsIQDKcVo3S7m
CUG9bhQFMxYCaMt70+1QJ7JUpazmG8ot92aNRawAfyFlB12hHXmlIpvFJxmyCHs8
aiI+b3WRSeYHFmTad8E1UrO3S5Nbq2rdPpAZuHrrSmQZM2MDnmypWo8j4WpXuvfI
qa5LJ6an6DOfx/zMnA7L2IRg190ptM01XbWsqvK8rvzfceFd8DgcNY7hj+/1AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUcQMQLtPacwZLEDvv5btpCBQCOEgwHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMTM3MzUyZTM1
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMzMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ua86MA0GCSqGSIb3DQEBCwUAA4IBAQCxlHoPhgV0N2VMTZpM6K0SGuZLHl1E1Bub
Ut2xqXu0y1VGD8TNSyZ/X5vR9uUbHuxtexAPYT0DR/3Gxf6RUrbNieQLo/qmeNZ7
WKGKTFhxHf4uVhkcJZexI+DcKNI9AUBBJeIJ2J4cxY6TAHOsUD8rVbNCYPIl8TaC
5eJydRoFqLoMj6xfI5LlS8hQqIrVZ4D80cNAqi04Opzupz8uVkSBqOkgUZ3e7XG3
eN2UiQ09071z/MucCehutMNoA+doVJk1RKrN8M2415gqZgJUXsGUTM40JoamDqf2
PrpzBBGsPiYfS2oY4tfIj5m39iAIFtau4wDrF0l+Ul9ufNvX+bq1
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:44 2024 by rpki-client on console-ams.rpki-client.org