Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3138392e32352e302f32342d3234203d3e20313336373837.roa
File: 3138352e3138392e32352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: RSQFVwO/M1UjalOfuALeWfHOGrbC8Exgx9vFLH/USII=
Subject key identifier: 9A:F2:80:2B:57:5B:5D:92:55:2F:A8:A8:0E:99:D5:5D:33:2E:A6:7B
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 58524A490C37163BD0FF75AF3B59441A11CB1D9B
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3138392e32352e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:53:34 +0000
ROA not before: Mon 26 Feb 2024 08:48:34 +0000
ROA not after: Mon 24 Feb 2025 08:53:34 +0000
asID: 136787
IP address blocks: 185.189.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:52:4a:49:0c:37:16:3b:d0:ff:75:af:3b:59:44:1a:11:cb:1d:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Feb 26 08:48:34 2024 GMT
Not After : Feb 24 08:53:34 2025 GMT
Subject: CN=9AF2802B575B5D92552FA8A80E99D55D332EA67B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:40:15:ea:79:41:25:a2:7a:36:e1:bd:be:b5:
c2:b8:81:0d:8b:0a:e4:b9:be:a0:96:d9:92:da:ff:
92:e9:04:b0:c1:fd:78:02:65:4d:4c:a2:43:4d:11:
00:8e:95:6a:16:6d:bd:47:87:39:92:95:a2:68:89:
c7:c2:53:c9:45:f3:4c:cd:da:61:29:f2:da:89:cb:
a9:a8:17:5f:7b:a2:68:55:23:17:98:66:2c:e8:ee:
7c:a3:33:57:90:24:23:e1:a2:38:31:7d:18:8e:7c:
e0:4d:7f:bd:78:32:6b:eb:60:70:9d:96:c6:0b:c9:
93:b2:83:c0:7c:83:f5:ef:ba:cc:14:1b:b4:ee:2a:
a8:08:a3:40:0c:3d:e1:7e:74:a5:4e:57:a4:7e:21:
ce:6a:85:5f:da:1b:8a:d6:99:e7:94:21:bd:96:94:
e6:c8:e7:c6:6e:41:e3:dc:2c:6b:59:0f:9d:56:36:
21:b1:c6:a0:89:a7:fb:f9:8f:a8:90:05:dd:46:51:
7d:0f:ed:e5:80:46:df:4f:b1:98:b0:ab:dc:3c:ca:
fc:75:35:c2:03:4c:00:f8:04:47:5f:87:71:e7:c7:
7d:7a:ec:c6:71:7c:cb:9d:bf:3d:c9:de:6f:08:f6:
dc:08:6c:ec:1a:de:71:df:ea:c9:80:b6:61:f2:22:
64:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:F2:80:2B:57:5B:5D:92:55:2F:A8:A8:0E:99:D5:5D:33:2E:A6:7B
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3138392e32352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.25.0/24
Signature Algorithm: sha256WithRSAEncryption
03:ee:be:e7:fa:40:12:ac:af:08:2f:2e:0a:e6:12:e0:e2:85:
17:de:10:11:9e:b9:90:ca:71:36:be:ea:6b:0b:d5:30:d3:ae:
fa:79:87:6c:27:41:fd:d9:f4:65:6a:56:03:16:40:6a:69:75:
b6:3c:e0:41:86:df:02:e9:ed:89:a6:4e:fc:1d:cd:01:d5:f7:
73:20:df:d3:a7:0e:63:5a:10:71:de:25:90:9e:24:a1:0b:23:
9c:3a:b5:71:ba:e5:40:c6:ed:2e:ee:07:16:58:48:22:b0:a3:
19:24:d8:29:c9:bf:6c:8a:bb:79:ab:66:61:58:9e:bf:f1:e2:
0c:7b:12:ac:07:e4:31:da:b9:02:bc:ac:bf:0c:a9:f4:69:af:
96:de:29:08:4f:b5:d1:a2:f7:08:7b:34:1a:02:7d:0b:6e:79:
d2:f0:11:1e:70:35:d7:4a:9f:30:6d:95:ce:08:d0:68:a1:47:
f6:8b:80:09:bd:b0:ea:2c:cb:c9:e7:03:44:7d:bd:92:fa:fd:
b2:03:58:85:43:c4:cb:fe:ac:4a:04:ef:74:99:9b:ef:bd:2e:
e3:35:7a:01:f9:1e:9e:08:f0:05:74:a3:e4:9c:9f:7f:58:89:
67:77:18:97:0d:4e:9a:aa:02:73:e9:c1:3f:21:e6:7d:27:db:
1f:8b:9b:eb
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUWFJKSQw3FjvQ/3WvO1lEGhHLHZswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDAyMjYwODQ4MzRaFw0yNTAyMjQwODUzMzRaMDMxMTAvBgNV
BAMTKDlBRjI4MDJCNTc1QjVEOTI1NTJGQThBODBFOTlENTVEMzMyRUE2N0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHQBXqeUElono24b2+tcK4gQ2L
CuS5vqCW2ZLa/5LpBLDB/XgCZU1MokNNEQCOlWoWbb1HhzmSlaJoicfCU8lF80zN
2mEp8tqJy6moF197omhVIxeYZizo7nyjM1eQJCPhojgxfRiOfOBNf714MmvrYHCd
lsYLyZOyg8B8g/XvuswUG7TuKqgIo0AMPeF+dKVOV6R+Ic5qhV/aG4rWmeeUIb2W
lObI58ZuQePcLGtZD51WNiGxxqCJp/v5j6iQBd1GUX0P7eWARt9PsZiwq9w8yvx1
NcIDTAD4BEdfh3Hnx3167MZxfMudvz3J3m8I9twIbOwa3nHf6smAtmHyImRpAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUmvKAK1dbXZJVL6ioDpnVXTMupnswHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMTM4MzkyZTMy
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5vRkwDQYJKoZIhvcNAQELBQADggEBAAPuvuf6QBKsrwgvLgrmEuDihRfeEBGe
uZDKcTa+6msL1TDTrvp5h2wnQf3Z9GVqVgMWQGppdbY84EGG3wLp7YmmTvwdzQHV
93Mg39OnDmNaEHHeJZCeJKELI5w6tXG65UDG7S7uBxZYSCKwoxkk2CnJv2yKu3mr
ZmFYnr/x4gx7EqwH5DHauQK8rL8MqfRpr5beKQhPtdGi9wh7NBoCfQtuedLwER5w
NddKnzBtlc4I0GihR/aLgAm9sOosy8nnA0R9vZL6/bIDWIVDxMv+rEoE73SZm++9
LuM1egH5Hp4I8AV0o+Scn39YiWd3GJcNTpqqAnPpwT8h5n0n2x+Lm+s=
-----END CERTIFICATE-----
Generated at Mon Nov 25 01:33:35 2024 by rpki-client on console-ams.rpki-client.org