Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3137352e35392e302f32342d3234203d3e203633343733.roa
File: 3138352e3137352e35392e302f32342d3234203d3e203633343733.roa (raw, json)
Hash identifier: /qXlDULe0gsnsyFE8TIQJ1ozLUjVPrWf6snw52P1YJc=
Subject key identifier: 2A:0E:36:15:AF:A8:D5:25:33:3C:CA:DB:2D:A9:1E:5D:29:96:F8:44
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 32AB95E79C70114D882354F641AA84F8E2095277
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3137352e35392e302f32342d3234203d3e203633343733.roa
Signing time: Wed 30 Oct 2024 14:05:22 +0000
ROA not before: Wed 30 Oct 2024 14:00:22 +0000
ROA not after: Wed 29 Oct 2025 14:05:22 +0000
asID: 63473
IP address blocks: 185.175.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:ab:95:e7:9c:70:11:4d:88:23:54:f6:41:aa:84:f8:e2:09:52:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Oct 30 14:00:22 2024 GMT
Not After : Oct 29 14:05:22 2025 GMT
Subject: CN=2A0E3615AFA8D525333CCADB2DA91E5D2996F844
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:4f:1d:db:9e:75:f1:80:cc:ec:70:6d:20:e8:
b6:72:91:12:35:2a:b9:6e:0b:48:cc:e3:ec:fb:07:
3f:3a:e1:c8:22:db:7e:be:f2:ea:cd:4d:74:c8:c9:
46:25:34:a3:4e:98:ea:6b:6b:fb:52:89:b2:32:22:
c7:13:3e:7e:f9:ea:a0:c0:a0:e0:8d:4b:d7:b8:5b:
b0:2c:54:ed:ff:f5:e3:63:24:7c:41:99:67:ab:82:
27:95:9b:9f:e2:10:b8:6a:99:3b:59:86:61:30:08:
43:1d:ab:8e:85:6b:45:19:16:dd:e4:cf:22:33:b3:
1c:59:a8:d3:3a:a6:d9:59:18:ae:64:3a:c8:f5:5b:
da:24:67:14:11:c1:e1:f5:c5:90:eb:6f:5c:9c:9b:
ca:f8:bd:20:63:ef:b3:a6:ad:44:9b:2f:6a:55:6b:
7d:d9:cf:7a:5f:44:5d:91:36:b8:40:23:9f:7c:1f:
a5:17:a4:ba:7d:81:fd:75:cf:1f:92:be:fc:57:65:
7c:1a:a2:9e:93:ac:fa:b4:0c:1c:c5:90:89:e5:b9:
de:4b:76:fa:83:53:fd:98:23:ce:55:97:d1:2e:0c:
dc:24:2f:1d:70:4e:b8:a5:d4:81:8b:ab:9f:f3:d1:
04:5b:50:ba:62:c6:d2:7c:e8:b4:8d:b8:7f:69:e9:
e4:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:0E:36:15:AF:A8:D5:25:33:3C:CA:DB:2D:A9:1E:5D:29:96:F8:44
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3137352e35392e302f32342d3234203d3e203633343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.175.59.0/24
Signature Algorithm: sha256WithRSAEncryption
65:fe:ba:ea:5e:a3:da:1e:2e:e5:c9:51:20:19:ee:0d:c3:40:
3f:56:0b:e2:9d:34:bf:69:41:09:c4:c5:e8:e6:12:51:fa:b1:
bf:1a:69:92:5a:dd:33:3a:37:5b:dd:df:90:6d:9d:aa:17:5c:
77:3a:4e:7b:ee:d8:e9:9c:e2:3d:4c:08:56:f1:de:c7:a8:ae:
fd:8e:b9:68:77:8b:65:2c:d9:b4:ec:30:7e:51:2b:2e:d3:d6:
ee:51:b9:7e:43:ee:ed:e6:f9:0a:05:bf:7c:52:90:f9:bb:1c:
6c:f6:82:d5:77:aa:30:51:e7:89:0d:ef:8d:e8:5b:00:ca:31:
78:40:42:fa:06:15:80:d7:03:18:e7:db:84:4b:95:21:45:97:
85:39:3b:6e:f0:de:18:06:07:3a:51:c7:ca:de:7d:aa:74:bd:
2f:87:18:00:6a:6f:e2:e9:b8:bd:2c:af:24:cf:f4:28:15:a9:
f3:0c:99:61:1d:1d:cc:f6:18:d5:39:70:88:bb:88:d0:c6:c3:
f4:27:f2:76:c8:c7:02:78:c5:3f:4d:33:7d:37:88:d6:9f:8e:
5b:1b:ca:14:3c:08:5f:73:86:60:a1:77:d0:45:19:66:16:b4:
32:e7:8c:11:e6:85:68:0c:d8:0c:47:27:4c:7a:ae:8c:62:14:
14:54:30:1b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUMquV55xwEU2II1T2QaqE+OIJUncwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDEwMzAxNDAwMjJaFw0yNTEwMjkxNDA1MjJaMDMxMTAvBgNV
BAMTKDJBMEUzNjE1QUZBOEQ1MjUzMzNDQ0FEQjJEQTkxRTVEMjk5NkY4NDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYTx3bnnXxgMzscG0g6LZykRI1
KrluC0jM4+z7Bz864cgi236+8urNTXTIyUYlNKNOmOpra/tSibIyIscTPn756qDA
oOCNS9e4W7AsVO3/9eNjJHxBmWergieVm5/iELhqmTtZhmEwCEMdq46Fa0UZFt3k
zyIzsxxZqNM6ptlZGK5kOsj1W9okZxQRweH1xZDrb1ycm8r4vSBj77OmrUSbL2pV
a33Zz3pfRF2RNrhAI598H6UXpLp9gf11zx+SvvxXZXwaop6TrPq0DBzFkInlud5L
dvqDU/2YI85Vl9EuDNwkLx1wTril1IGLq5/z0QRbULpixtJ86LSNuH9p6eTvAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUKg42Fa+o1SUzPMrbLakeXSmW+EQwHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMTM3MzUyZTM1
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMzMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ua87MA0GCSqGSIb3DQEBCwUAA4IBAQBl/rrqXqPaHi7lyVEgGe4Nw0A/VgvinTS/
aUEJxMXo5hJR+rG/GmmSWt0zOjdb3d+QbZ2qF1x3Ok577tjpnOI9TAhW8d7HqK79
jrlod4tlLNm07DB+USsu09buUbl+Q+7t5vkKBb98UpD5uxxs9oLVd6owUeeJDe+N
6FsAyjF4QEL6BhWA1wMY59uES5UhRZeFOTtu8N4YBgc6UcfK3n2qdL0vhxgAam/i
6bi9LK8kz/QoFanzDJlhHR3M9hjVOXCIu4jQxsP0J/J2yMcCeMU/TTN9N4jWn45b
G8oUPAhfc4ZgoXfQRRlmFrQy54wR5oVoDNgMRydMeq6MYhQUVDAb
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:02 2024 by rpki-client on console-fra.rpki-client.org