Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3138352e3132352e302f32342d3234203d3e20323034313730.roa
File: 3138352e3138352e3132352e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: pDS+I2C1Cl/LQjXPOGai4fNZATcibHdlW2IQwWwHc4c=
Subject key identifier: 34:E4:89:75:87:E3:75:6B:19:47:6C:8B:59:43:69:59:F2:54:09:D9
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 1A8FB4FFEB9C2702472FC4816A2FE36F03882907
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3138352e3132352e302f32342d3234203d3e20323034313730.roa
Signing time: Mon 26 Feb 2024 08:53:34 +0000
ROA not before: Mon 26 Feb 2024 08:48:34 +0000
ROA not after: Mon 24 Feb 2025 08:53:34 +0000
asID: 204170
IP address blocks: 185.185.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:8f:b4:ff:eb:9c:27:02:47:2f:c4:81:6a:2f:e3:6f:03:88:29:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Feb 26 08:48:34 2024 GMT
Not After : Feb 24 08:53:34 2025 GMT
Subject: CN=34E4897587E3756B19476C8B59436959F25409D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:94:e7:b5:3e:8c:ac:b4:5d:6c:4a:1e:78:aa:
1e:ce:33:18:16:c4:88:d3:ba:2f:af:02:7a:c0:62:
4d:7f:bf:cf:ee:c5:96:1d:62:f3:ef:e2:a2:7a:ab:
73:ba:92:a9:fd:3b:3e:f3:a8:5e:9d:3f:58:be:46:
6c:8c:a4:48:e7:41:a0:a5:40:d0:fe:45:b7:d1:ba:
b0:ba:2b:b4:82:c7:3e:be:66:ef:94:32:21:e0:0e:
57:40:da:f5:48:07:1d:3f:8c:09:91:bc:3b:54:a7:
d4:89:5e:09:27:75:84:db:d4:0d:76:0d:d2:a1:f2:
16:c4:44:db:01:e1:4e:d5:fd:51:44:2d:81:7e:74:
67:cd:e9:f6:96:4b:29:6d:e0:06:b9:76:24:28:c9:
cc:aa:c4:97:69:96:01:c9:5b:d2:2a:c8:64:bd:65:
b6:ff:0f:01:7c:c4:7e:71:8a:23:67:40:40:d0:74:
57:14:05:19:6c:94:82:c3:89:ea:f2:fd:aa:0b:2a:
20:13:a9:15:b2:de:bf:8c:12:af:84:9b:a1:0b:b3:
da:91:45:22:d8:20:9f:3c:75:0f:1b:ca:c5:de:a9:
92:f5:5f:ff:b0:4b:8c:15:22:58:ea:a7:42:ab:60:
3e:64:df:24:ea:d8:2a:72:f6:36:63:80:52:7c:7a:
5b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:E4:89:75:87:E3:75:6B:19:47:6C:8B:59:43:69:59:F2:54:09:D9
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3138352e3132352e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.185.125.0/24
Signature Algorithm: sha256WithRSAEncryption
61:9b:74:3e:ce:21:71:4e:4e:bc:c9:76:71:2d:4a:65:da:42:
20:4b:5e:cd:9a:01:8d:ce:14:2f:15:30:72:d5:79:b1:07:e5:
05:6a:3a:aa:3d:d2:a4:a7:7b:54:37:1a:7f:95:f0:f0:ce:02:
5a:d3:7d:18:10:d0:4d:ce:00:5d:30:f7:ce:f5:7e:5b:05:72:
18:e5:09:13:ff:29:18:4a:bc:5a:9a:03:d4:a3:89:23:55:34:
92:67:14:3a:ab:f8:80:b1:85:d7:89:ba:a1:ff:66:b2:9d:6d:
7b:d6:02:40:14:09:71:bd:09:6e:e5:45:fc:08:e9:d8:c9:86:
da:36:a0:f8:75:84:c6:6b:97:c4:fb:cf:b1:05:a4:7a:20:91:
74:ed:b3:8a:01:95:58:ab:0e:58:d9:cb:86:2c:bc:14:4d:29:
fb:89:8a:7d:63:08:fa:ce:5c:0f:16:f5:fa:4e:76:57:e6:b8:
05:11:e4:ac:ce:77:2d:3e:ed:f0:94:d5:7d:a6:85:ab:91:96:
20:2e:bc:27:5c:f6:42:df:1a:59:aa:b6:bd:c4:24:bc:89:86:
c5:35:29:47:73:14:b0:0a:fa:3f:c6:15:f2:9e:ef:ff:1e:17:
0f:c5:b3:82:57:e7:32:37:13:7e:26:5d:d6:0e:8a:03:4f:76:
d2:b3:1a:80
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUGo+0/+ucJwJHL8SBai/jbwOIKQcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDAyMjYwODQ4MzRaFw0yNTAyMjQwODUzMzRaMDMxMTAvBgNV
BAMTKDM0RTQ4OTc1ODdFMzc1NkIxOTQ3NkM4QjU5NDM2OTU5RjI1NDA5RDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDlOe1PoystF1sSh54qh7OMxgW
xIjTui+vAnrAYk1/v8/uxZYdYvPv4qJ6q3O6kqn9Oz7zqF6dP1i+RmyMpEjnQaCl
QND+RbfRurC6K7SCxz6+Zu+UMiHgDldA2vVIBx0/jAmRvDtUp9SJXgkndYTb1A12
DdKh8hbERNsB4U7V/VFELYF+dGfN6faWSylt4Aa5diQoycyqxJdplgHJW9IqyGS9
Zbb/DwF8xH5xiiNnQEDQdFcUBRlslILDiery/aoLKiATqRWy3r+MEq+Em6ELs9qR
RSLYIJ88dQ8bysXeqZL1X/+wS4wVIljqp0KrYD5k3yTq2Cpy9jZjgFJ8eluhAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUNOSJdYfjdWsZR2yLWUNpWfJUCdkwHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMTM4MzUyZTMx
MzIzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNDMxMzczMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALm5fTANBgkqhkiG9w0BAQsFAAOCAQEAYZt0Ps4hcU5OvMl2cS1KZdpCIEte
zZoBjc4ULxUwctV5sQflBWo6qj3SpKd7VDcaf5Xw8M4CWtN9GBDQTc4AXTD3zvV+
WwVyGOUJE/8pGEq8WpoD1KOJI1U0kmcUOqv4gLGF14m6of9msp1te9YCQBQJcb0J
buVF/Ajp2MmG2jag+HWExmuXxPvPsQWkeiCRdO2zigGVWKsOWNnLhiy8FE0p+4mK
fWMI+s5cDxb1+k52V+a4BRHkrM53LT7t8JTVfaaFq5GWIC68J1z2Qt8aWaq2vcQk
vImGxTUpR3MUsAr6P8YV8p7v/x4XD8WzglfnMjcTfiZd1g6KA0920rMagA==
-----END CERTIFICATE-----
Generated at Sun Jun 2 00:22:50 2024 by rpki-client on console-fra.rpki-client.org