Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3138352e3132342e302f32342d3234203d3e20323034313730.roa
File: 3138352e3138352e3132342e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: 2jghKay7jN3rUu5jDOnfVh0Apr4HnSHyFlMFtF+078w=
Subject key identifier: 11:7A:80:05:08:D1:E6:E9:A2:A8:8C:20:76:14:C1:D9:A0:39:BF:C9
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 2E5442A65D4E2567A6F85FAB1CC776F921821F32
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3138352e3132342e302f32342d3234203d3e20323034313730.roa
Signing time: Tue 25 Jun 2024 21:47:14 +0000
ROA not before: Tue 25 Jun 2024 21:42:14 +0000
ROA not after: Tue 24 Jun 2025 21:47:14 +0000
asID: 204170
IP address blocks: 185.185.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:54:42:a6:5d:4e:25:67:a6:f8:5f:ab:1c:c7:76:f9:21:82:1f:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Jun 25 21:42:14 2024 GMT
Not After : Jun 24 21:47:14 2025 GMT
Subject: CN=117A800508D1E6E9A2A88C207614C1D9A039BFC9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e8:ed:09:41:43:c7:e2:a3:92:d9:35:53:70:
99:2b:98:d4:e4:7d:b1:a9:55:07:fb:0f:ef:fe:72:
7e:3a:50:8a:53:78:5e:58:ed:d5:19:e0:b8:dd:a0:
17:23:72:6e:8d:f7:7a:5e:c7:2a:4b:fe:7e:c5:10:
0f:55:f7:0b:ca:45:f8:76:2d:0d:47:e0:92:95:90:
a4:03:3c:ae:03:db:68:df:e2:a7:39:c3:06:2d:e8:
1b:f7:12:60:ad:5b:b5:bd:64:66:9f:59:a0:f0:cb:
ab:ee:bb:71:77:7b:b1:d3:f5:cb:f7:5e:14:1c:b1:
e8:32:34:be:fa:27:b6:c9:9c:fd:cf:bd:6a:7e:a6:
5b:ec:0a:f8:d6:fb:6a:07:a3:8a:ae:5d:2c:44:be:
29:a5:f4:ed:66:cc:87:95:db:08:23:b5:c4:be:ae:
cb:87:c0:97:c5:17:fb:78:bb:b5:7b:f5:21:23:6b:
ce:6c:6b:a7:63:29:55:ca:86:75:e3:31:6d:76:82:
cd:07:04:88:68:01:55:74:b4:a5:68:b4:5c:fa:2c:
75:33:20:4b:f2:9b:e2:79:b3:41:31:44:f0:b2:92:
2e:e1:79:50:b3:b5:93:d7:33:c0:85:e9:e1:9b:94:
ec:67:65:41:5a:09:55:9e:e8:0a:97:c6:62:33:9c:
00:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:7A:80:05:08:D1:E6:E9:A2:A8:8C:20:76:14:C1:D9:A0:39:BF:C9
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3138352e3132342e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.185.124.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:61:1f:ce:ef:b7:6a:d1:11:e4:2b:4d:2f:b2:5b:71:ea:e1:
60:a6:23:98:9e:ba:15:2e:36:f7:a8:75:58:68:92:af:db:70:
d5:2a:67:6d:93:55:94:25:3d:83:26:96:48:95:f6:02:56:2a:
08:18:aa:d8:0d:4a:7c:b1:00:8f:fb:7f:d6:df:cd:98:ba:4b:
dd:b7:3d:18:56:92:d5:ea:d5:55:8b:a5:78:93:eb:e7:f0:5d:
16:fd:19:25:6a:6f:94:f6:a1:09:ff:fd:ca:d2:44:cf:b3:d7:
3f:29:d0:8c:a1:09:0b:d4:22:f4:ad:4b:ee:4b:30:48:7b:d4:
d9:89:62:07:7a:82:ed:a8:79:2b:83:f0:a3:59:64:e7:ab:94:
6d:1c:5a:a0:66:65:b1:f1:ef:bb:1c:62:2b:f7:1b:08:1a:82:
7f:eb:5e:ae:d9:2a:e1:3d:27:9e:56:c3:78:63:66:02:9a:d1:
43:14:99:21:4b:87:ca:66:28:3e:1c:20:69:8c:7e:39:f6:33:
d2:7e:32:f0:d3:20:0b:80:07:fd:6e:91:87:ba:ea:54:8b:c0:
37:52:fd:85:ac:e6:5d:0f:e9:48:74:20:6a:8f:fa:89:60:60:
32:b8:dd:cc:72:99:e4:b9:7c:d8:dc:e5:52:d8:4f:5c:45:ae:
65:4f:19:7c
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIULlRCpl1OJWem+F+rHMd2+SGCHzIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDA2MjUyMTQyMTRaFw0yNTA2MjQyMTQ3MTRaMDMxMTAvBgNV
BAMTKDExN0E4MDA1MDhEMUU2RTlBMkE4OEMyMDc2MTRDMUQ5QTAzOUJGQzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG6O0JQUPH4qOS2TVTcJkrmNTk
fbGpVQf7D+/+cn46UIpTeF5Y7dUZ4LjdoBcjcm6N93pexypL/n7FEA9V9wvKRfh2
LQ1H4JKVkKQDPK4D22jf4qc5wwYt6Bv3EmCtW7W9ZGafWaDwy6vuu3F3e7HT9cv3
XhQcsegyNL76J7bJnP3PvWp+plvsCvjW+2oHo4quXSxEviml9O1mzIeV2wgjtcS+
rsuHwJfFF/t4u7V79SEja85sa6djKVXKhnXjMW12gs0HBIhoAVV0tKVotFz6LHUz
IEvym+J5s0ExRPCyki7heVCztZPXM8CF6eGblOxnZUFaCVWe6AqXxmIznACDAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUEXqABQjR5umiqIwgdhTB2aA5v8kwHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMTM4MzUyZTMx
MzIzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNDMxMzczMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALm5fDANBgkqhkiG9w0BAQsFAAOCAQEATmEfzu+3atER5CtNL7JbcerhYKYj
mJ66FS4296h1WGiSr9tw1SpnbZNVlCU9gyaWSJX2AlYqCBiq2A1KfLEAj/t/1t/N
mLpL3bc9GFaS1erVVYuleJPr5/BdFv0ZJWpvlPahCf/9ytJEz7PXPynQjKEJC9Qi
9K1L7kswSHvU2YliB3qC7ah5K4Pwo1lk56uUbRxaoGZlsfHvuxxiK/cbCBqCf+te
rtkq4T0nnlbDeGNmAprRQxSZIUuHymYoPhwgaYx+OfYz0n4y8NMgC4AH/W6Rh7rq
VIvAN1L9hazmXQ/pSHQgao/6iWBgMrjdzHKZ5Ll82NzlUthPXEWuZU8ZfA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:02 2024 by rpki-client on console-fra.rpki-client.org