Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3138392e32342e302f32342d3234203d3e20313336373837.roa
File: 3138352e3138392e32342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 0vzwjT7E4yJSOk+HXEnTMXNRHEtZPY2GiiYngZle5PA=
Subject key identifier: 46:C8:86:01:97:04:70:39:B4:DD:22:A4:D2:07:03:0D:7B:8A:E1:4D
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 4834D383C352E7A37576ED1DFD285873A7147702
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3138392e32342e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 12 Oct 2023 21:14:50 +0000
ROA not before: Thu 12 Oct 2023 21:09:50 +0000
ROA not after: Thu 10 Oct 2024 21:14:50 +0000
asID: 136787
IP address blocks: 185.189.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:34:d3:83:c3:52:e7:a3:75:76:ed:1d:fd:28:58:73:a7:14:77:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Oct 12 21:09:50 2023 GMT
Not After : Oct 10 21:14:50 2024 GMT
Subject: CN=46C8860197047039B4DD22A4D207030D7B8AE14D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:25:df:68:09:ab:11:ae:69:3e:0a:e7:c5:af:
93:e4:13:98:75:87:75:a0:a6:97:9f:9a:8e:c8:3a:
91:c6:87:d4:2c:0b:b8:9e:e2:f8:c3:fc:c5:f3:ff:
20:c8:a3:80:a9:64:40:d8:c3:f0:39:d0:28:5e:6f:
6e:84:39:7d:48:d4:4b:b2:d3:fc:d3:7a:c2:d8:15:
af:bc:dd:2c:e2:e7:47:a8:d1:d9:cc:95:c9:04:eb:
1a:8b:fe:75:eb:30:fa:30:ea:55:14:88:23:e1:89:
4d:a6:ca:fd:1e:27:21:7e:74:4f:1a:21:bc:c5:f3:
ab:6e:5f:68:20:b6:a5:dc:d2:18:e2:b0:14:2b:5f:
52:91:f2:a9:d1:c8:a3:fb:70:bc:46:15:a7:4c:5c:
56:5c:de:18:91:d8:94:f5:7a:c2:1c:15:1c:92:0e:
8c:e9:dd:3c:2a:5f:f1:fe:4b:a2:b6:e0:6a:1c:b1:
27:2f:4e:e2:6e:76:62:16:ad:bb:8c:54:7f:68:ad:
07:44:fa:69:e4:89:3f:04:13:df:fd:7d:33:9d:aa:
ae:eb:32:f5:88:f0:bb:cc:de:cd:93:9d:60:89:77:
7c:3c:46:ea:70:56:13:03:09:6f:91:7d:84:45:c7:
69:f7:c3:7d:67:58:e7:70:84:1c:21:75:8c:cf:e2:
ff:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:C8:86:01:97:04:70:39:B4:DD:22:A4:D2:07:03:0D:7B:8A:E1:4D
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3138392e32342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.24.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:52:69:d4:db:1b:ed:32:77:0a:4b:7e:ca:e1:ba:5e:f3:eb:
6b:81:60:e3:57:b3:e7:31:b1:53:cf:ae:80:17:ef:95:29:48:
85:37:63:99:50:93:a8:c8:92:1c:3e:8a:36:11:06:30:a7:39:
89:13:81:9f:28:f8:d9:17:b5:f6:8d:a0:5d:c7:49:ad:7c:6c:
bc:f9:ac:82:63:50:9d:06:2c:f2:80:41:f7:c8:6f:93:1b:fb:
04:f6:18:60:3a:1a:06:13:6e:4c:e7:af:c7:8c:85:5c:f5:bd:
e0:86:8b:86:bd:1c:db:4c:2e:dc:3b:cd:35:79:9d:97:e7:e9:
53:a4:da:dd:b2:26:60:1f:63:c9:ff:af:fb:31:64:ff:b0:8b:
60:d0:bc:18:cf:57:1b:8c:05:be:e9:37:df:95:b5:db:02:b7:
d1:27:29:22:a7:f9:eb:2e:1f:f3:69:b3:b9:ac:7b:7b:07:ad:
27:06:51:cd:40:3b:d1:1b:f1:c7:03:84:13:0a:53:7a:41:75:
8c:bc:7a:70:bb:67:22:17:86:ff:26:20:11:c8:23:fa:c7:ad:
e3:eb:72:ba:da:d5:a8:3d:7c:09:31:a5:ce:7f:96:db:e1:b9:
4f:a4:75:c5:7f:0f:85:3e:30:cf:e6:24:79:11:1d:03:73:bc:
64:a3:81:64
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUSDTTg8NS56N1du0d/ShYc6cUdwIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yMzEwMTIyMTA5NTBaFw0yNDEwMTAyMTE0NTBaMDMxMTAvBgNV
BAMTKDQ2Qzg4NjAxOTcwNDcwMzlCNEREMjJBNEQyMDcwMzBEN0I4QUUxNEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNJd9oCasRrmk+CufFr5PkE5h1
h3Wgppefmo7IOpHGh9QsC7ie4vjD/MXz/yDIo4CpZEDYw/A50Cheb26EOX1I1Euy
0/zTesLYFa+83Szi50eo0dnMlckE6xqL/nXrMPow6lUUiCPhiU2myv0eJyF+dE8a
IbzF86tuX2ggtqXc0hjisBQrX1KR8qnRyKP7cLxGFadMXFZc3hiR2JT1esIcFRyS
Dozp3TwqX/H+S6K24GocsScvTuJudmIWrbuMVH9orQdE+mnkiT8EE9/9fTOdqq7r
MvWI8LvM3s2TnWCJd3w8RupwVhMDCW+RfYRFx2n3w31nWOdwhBwhdYzP4v//AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQURsiGAZcEcDm03SKk0gcDDXuK4U0wHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMTM4MzkyZTMy
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5vRgwDQYJKoZIhvcNAQELBQADggEBALBSadTbG+0ydwpLfsrhul7z62uBYONX
s+cxsVPProAX75UpSIU3Y5lQk6jIkhw+ijYRBjCnOYkTgZ8o+NkXtfaNoF3HSa18
bLz5rIJjUJ0GLPKAQffIb5Mb+wT2GGA6GgYTbkznr8eMhVz1veCGi4a9HNtMLtw7
zTV5nZfn6VOk2t2yJmAfY8n/r/sxZP+wi2DQvBjPVxuMBb7pN9+VtdsCt9EnKSKn
+esuH/Nps7mse3sHrScGUc1AO9Eb8ccDhBMKU3pBdYy8enC7ZyIXhv8mIBHII/rH
rePrcrra1ag9fAkxpc5/ltvhuU+kdcV/D4U+MM/mJHkRHQNzvGSjgWQ=
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:23 2024 by rpki-client on console-fra.rpki-client.org