Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3138392e32372e302f32342d3234203d3e203333313832.roa
File: 3138352e3138392e32372e302f32342d3234203d3e203333313832.roa (raw, json)
Hash identifier: 3EkIvI9nTBzqvciVC9N5P5md/jzTtHNGa8nz1Xr+AVA=
Subject key identifier: D8:61:D8:E5:7D:CD:03:EA:DD:F0:35:B3:C0:E8:A5:E6:53:1B:40:C1
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 4270EE0ACF125BF9030DC3512CA6478555A12018
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3138392e32372e302f32342d3234203d3e203333313832.roa
Signing time: Mon 07 Oct 2024 15:35:21 +0000
ROA not before: Mon 07 Oct 2024 15:30:21 +0000
ROA not after: Mon 06 Oct 2025 15:35:21 +0000
asID: 33182
IP address blocks: 185.189.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:70:ee:0a:cf:12:5b:f9:03:0d:c3:51:2c:a6:47:85:55:a1:20:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Oct 7 15:30:21 2024 GMT
Not After : Oct 6 15:35:21 2025 GMT
Subject: CN=D861D8E57DCD03EADDF035B3C0E8A5E6531B40C1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a2:e7:ea:95:b5:7d:f5:67:e9:58:62:ae:e0:
0b:57:a0:2b:1e:8c:e9:05:c9:33:89:18:d9:64:0a:
51:8b:01:3b:ed:aa:f5:10:5b:32:f0:5b:09:39:b7:
e8:f0:3f:f4:f7:db:4b:eb:fb:ca:a2:fa:7b:e8:b9:
b3:56:56:b1:48:b4:f4:a3:9c:fe:5f:c8:b9:ba:4e:
f4:5d:c4:0c:01:2f:65:77:2e:6d:81:60:23:39:26:
2e:c0:0b:e0:df:a0:2f:7c:50:92:3f:c3:93:35:dc:
6e:a7:b5:d9:fa:44:3c:7f:a5:4c:2f:32:9e:e6:19:
04:b5:3b:c3:31:79:d2:59:51:b4:d5:b1:51:64:b3:
d5:6e:84:70:df:2b:0a:2e:9b:03:d3:b8:fd:e7:ac:
6e:09:31:e4:d3:c8:40:d9:26:80:df:b7:83:02:26:
e8:1e:aa:aa:b9:57:69:23:d6:e1:d4:fc:61:c7:02:
c9:37:3e:02:6d:49:5a:de:1e:d2:0e:d7:9d:2f:df:
a9:ea:fd:86:90:7d:a4:80:65:53:d1:d0:ee:99:8a:
59:d9:d3:93:68:5b:9b:51:15:e6:d6:e7:43:9d:35:
65:57:b4:7a:7e:11:21:96:d3:0f:76:a1:e7:cb:8d:
84:66:33:43:2b:64:1b:03:3e:7d:37:0b:b0:ea:fd:
b0:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:61:D8:E5:7D:CD:03:EA:DD:F0:35:B3:C0:E8:A5:E6:53:1B:40:C1
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3138392e32372e302f32342d3234203d3e203333313832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.27.0/24
Signature Algorithm: sha256WithRSAEncryption
72:74:56:fe:bd:b5:b2:05:e7:60:ef:96:e7:9e:44:7a:a0:49:
54:be:89:94:b6:bf:89:23:8c:5e:89:93:ef:b6:9a:0e:41:6f:
23:3a:ea:db:79:62:3c:e9:21:26:0f:6a:9e:44:5b:00:45:61:
64:21:4b:3f:6a:fa:8f:05:5a:c1:46:79:9e:16:ca:a1:24:05:
68:2b:b4:f7:3d:09:b5:28:9c:4c:5d:c4:71:86:b5:c8:f1:5a:
8d:e1:bb:a6:2a:b3:02:d2:cc:6a:a5:ce:06:a6:e8:29:c5:62:
2d:fd:1d:71:0a:d6:cf:1e:1b:fb:2c:d7:e2:43:8f:5c:cf:b1:
79:5c:ef:ef:66:91:50:40:64:d4:8e:3b:dd:e5:f1:59:3d:f7:
c3:e0:06:18:10:8f:14:31:d3:44:7d:06:46:45:3a:79:1f:e7:
1b:8c:56:4b:6f:13:4b:c4:a5:71:83:e6:fc:13:c1:73:c8:85:
26:3e:fa:ab:6c:52:4e:09:5a:2e:24:d0:b3:71:58:25:92:9d:
34:1a:2e:db:1c:3c:35:d8:9c:28:eb:1b:3b:7e:41:ab:32:df:
6e:5f:7c:3e:85:3e:11:30:14:d5:38:a5:43:b6:8e:49:a2:6f:
6b:11:ad:66:c1:f2:5c:bc:e8:3e:7c:bb:6f:21:10:ae:c2:c8:
3e:55:08:07
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUQnDuCs8SW/kDDcNRLKZHhVWhIBgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDEwMDcxNTMwMjFaFw0yNTEwMDYxNTM1MjFaMDMxMTAvBgNV
BAMTKEQ4NjFEOEU1N0RDRDAzRUFEREYwMzVCM0MwRThBNUU2NTMxQjQwQzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwoufqlbV99WfpWGKu4AtXoCse
jOkFyTOJGNlkClGLATvtqvUQWzLwWwk5t+jwP/T320vr+8qi+nvoubNWVrFItPSj
nP5fyLm6TvRdxAwBL2V3Lm2BYCM5Ji7AC+DfoC98UJI/w5M13G6ntdn6RDx/pUwv
Mp7mGQS1O8MxedJZUbTVsVFks9VuhHDfKwoumwPTuP3nrG4JMeTTyEDZJoDft4MC
Jugeqqq5V2kj1uHU/GHHAsk3PgJtSVreHtIO150v36nq/YaQfaSAZVPR0O6ZilnZ
05NoW5tRFebW50OdNWVXtHp+ESGW0w92oefLjYRmM0MrZBsDPn03C7Dq/bC1AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU2GHY5X3NA+rd8DWzwOil5lMbQMEwHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMTM4MzkyZTMy
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzMzMzEzODMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ub0bMA0GCSqGSIb3DQEBCwUAA4IBAQBydFb+vbWyBedg75bnnkR6oElUvomUtr+J
I4xeiZPvtpoOQW8jOurbeWI86SEmD2qeRFsARWFkIUs/avqPBVrBRnmeFsqhJAVo
K7T3PQm1KJxMXcRxhrXI8VqN4bumKrMC0sxqpc4GpugpxWIt/R1xCtbPHhv7LNfi
Q49cz7F5XO/vZpFQQGTUjjvd5fFZPffD4AYYEI8UMdNEfQZGRTp5H+cbjFZLbxNL
xKVxg+b8E8FzyIUmPvqrbFJOCVouJNCzcVglkp00Gi7bHDw12Jwo6xs7fkGrMt9u
X3w+hT4RMBTVOKVDto5Jom9rEa1mwfJcvOg+fLtvIRCuwsg+VQgH
-----END CERTIFICATE-----
Generated at Mon Nov 25 01:46:59 2024 by rpki-client on console-fra.rpki-client.org