Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3138352e3132362e302f32342d3234203d3e203333313832.roa
File: 3138352e3138352e3132362e302f32342d3234203d3e203333313832.roa (raw, json)
Hash identifier: Lz+7W1SkC5Qg2TO+QZyiGKwy2BgbG3e8giaRb+C9N4k=
Subject key identifier: F7:B1:AF:60:3D:DC:33:79:4D:F0:37:BE:EF:AC:DD:01:9E:75:A7:0C
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 5E0D1F6890C143C5A8BA53CD08D859622910EBA1
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3138352e3132362e302f32342d3234203d3e203333313832.roa
Signing time: Mon 07 Oct 2024 15:35:04 +0000
ROA not before: Mon 07 Oct 2024 15:30:04 +0000
ROA not after: Mon 06 Oct 2025 15:35:04 +0000
asID: 33182
IP address blocks: 185.185.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:0d:1f:68:90:c1:43:c5:a8:ba:53:cd:08:d8:59:62:29:10:eb:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Oct 7 15:30:04 2024 GMT
Not After : Oct 6 15:35:04 2025 GMT
Subject: CN=F7B1AF603DDC33794DF037BEEFACDD019E75A70C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:45:f5:55:34:61:6f:64:c9:ab:80:5d:bf:51:
b6:d5:31:1d:de:a3:f6:19:87:a2:e3:7a:57:8b:7d:
80:c6:aa:27:59:f5:0b:c1:a5:47:be:82:17:a5:9c:
2b:9f:2d:87:5e:6b:79:5d:8a:17:71:cf:d0:b3:91:
f6:a8:4d:56:ae:74:e2:da:43:3a:92:60:c2:db:4b:
f7:d3:40:ca:c8:01:24:8d:5c:11:32:76:24:24:9d:
db:e7:65:7d:6f:75:52:0e:3e:2a:23:fe:e2:88:1f:
ba:82:de:0b:59:4c:ff:b9:81:b8:0c:a9:de:3b:8b:
8f:01:cc:b6:97:7f:24:75:16:9f:28:43:ed:29:54:
59:0e:d6:56:f3:ab:65:b3:41:9e:a9:3e:54:92:75:
f8:44:20:f1:d0:39:fd:6a:11:c5:d0:c0:fc:fc:71:
e1:ea:f9:97:5e:86:61:c9:99:41:0f:3f:78:6e:ce:
6c:17:83:bf:c9:61:13:65:2a:16:a5:b9:a9:a7:1d:
5a:b5:d7:ee:58:a0:fb:0b:df:d2:e5:b4:25:0d:32:
bf:e0:9f:f5:83:e6:60:a2:df:a6:ed:70:6f:a2:4a:
ab:be:7c:31:06:ad:95:cc:0f:e4:10:7e:51:51:ee:
3b:0b:bc:0b:d1:6e:86:64:98:57:1a:68:d1:bc:c3:
0b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:B1:AF:60:3D:DC:33:79:4D:F0:37:BE:EF:AC:DD:01:9E:75:A7:0C
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3138352e3132362e302f32342d3234203d3e203333313832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.185.126.0/24
Signature Algorithm: sha256WithRSAEncryption
22:7c:cc:56:0a:94:76:15:de:2a:1e:b2:a0:97:df:66:70:17:
a9:da:1f:4c:a5:e3:aa:e3:d9:c1:47:35:ea:b0:08:86:d2:9c:
74:87:80:a2:4f:b2:15:97:19:fe:33:5c:28:51:f5:96:13:d7:
f7:e1:71:32:b1:e9:c9:b8:35:ce:76:8e:67:3e:08:59:48:a3:
87:a2:9b:37:b1:7d:45:0b:ec:09:2b:cf:53:59:f2:4f:47:4a:
c1:86:e8:0f:d5:f5:0e:20:45:fc:7d:39:ec:14:6b:ab:e6:8b:
22:5f:de:b5:42:71:ba:e1:fb:f1:24:67:57:9b:71:6d:99:d9:
08:8c:ba:98:cf:21:2e:e3:87:59:95:f7:15:c9:f7:e8:d7:3f:
4d:5f:88:1a:9a:8f:ec:9b:c3:f2:bd:38:7a:47:07:4b:ee:00:
f8:54:93:31:47:2e:ef:e7:80:f7:2e:80:a9:a9:b6:7c:14:cc:
9e:7e:4d:53:90:ee:e6:e9:8c:61:0a:03:ec:ec:5e:91:4a:40:
87:19:9e:60:52:c7:47:33:87:59:eb:f6:9a:de:0b:73:51:d9:
5b:33:26:64:45:9b:fe:54:c6:7a:ae:2f:5d:f4:b5:88:af:d9:
e6:c5:3d:1e:5a:dd:cf:8a:d6:b1:f2:6e:de:19:58:a4:fc:e4:
f8:d3:de:34
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUXg0faJDBQ8WoulPNCNhZYikQ66EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDEwMDcxNTMwMDRaFw0yNTEwMDYxNTM1MDRaMDMxMTAvBgNV
BAMTKEY3QjFBRjYwM0REQzMzNzk0REYwMzdCRUVGQUNERDAxOUU3NUE3MEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJRfVVNGFvZMmrgF2/UbbVMR3e
o/YZh6LjeleLfYDGqidZ9QvBpUe+ghelnCufLYdea3ldihdxz9CzkfaoTVaudOLa
QzqSYMLbS/fTQMrIASSNXBEydiQkndvnZX1vdVIOPioj/uKIH7qC3gtZTP+5gbgM
qd47i48BzLaXfyR1Fp8oQ+0pVFkO1lbzq2WzQZ6pPlSSdfhEIPHQOf1qEcXQwPz8
ceHq+ZdehmHJmUEPP3huzmwXg7/JYRNlKhaluamnHVq11+5YoPsL39LltCUNMr/g
n/WD5mCi36btcG+iSqu+fDEGrZXMD+QQflFR7jsLvAvRboZkmFcaaNG8wwvFAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU97GvYD3cM3lN8De+76zdAZ51pwwwHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMTM4MzUyZTMx
MzIzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzMzMTM4MzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5uX4wDQYJKoZIhvcNAQELBQADggEBACJ8zFYKlHYV3ioesqCX32ZwF6naH0yl
46rj2cFHNeqwCIbSnHSHgKJPshWXGf4zXChR9ZYT1/fhcTKx6cm4Nc52jmc+CFlI
o4eimzexfUUL7Akrz1NZ8k9HSsGG6A/V9Q4gRfx9OewUa6vmiyJf3rVCcbrh+/Ek
Z1ebcW2Z2QiMupjPIS7jh1mV9xXJ9+jXP01fiBqaj+ybw/K9OHpHB0vuAPhUkzFH
Lu/ngPcugKmptnwUzJ5+TVOQ7ubpjGEKA+zsXpFKQIcZnmBSx0czh1nr9preC3NR
2VszJmRFm/5UxnquL130tYiv2ebFPR5a3c+K1rHybt4ZWKT85PjT3jQ=
-----END CERTIFICATE-----
Generated at Mon Nov 25 01:46:59 2024 by rpki-client on console-fra.rpki-client.org