Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3139362e32332e302f32342d3234203d3e203230383630.roa
File: 3138352e3139362e32332e302f32342d3234203d3e203230383630.roa (raw, json)
Hash identifier: zrQLsR48EO6RR5welkkW65TPfwyq7lQ0kLWJ7751Ji0=
Subject key identifier: C3:FF:38:CC:C0:B8:25:9D:19:1B:2B:D2:02:CD:07:0B:1A:42:84:98
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 4E72BA8751809E0015B1E07D45221CEC16AB6BF5
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3139362e32332e302f32342d3234203d3e203230383630.roa
Signing time: Mon 07 Oct 2024 15:35:30 +0000
ROA not before: Mon 07 Oct 2024 15:30:30 +0000
ROA not after: Mon 06 Oct 2025 15:35:30 +0000
asID: 20860
IP address blocks: 185.196.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:72:ba:87:51:80:9e:00:15:b1:e0:7d:45:22:1c:ec:16:ab:6b:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Oct 7 15:30:30 2024 GMT
Not After : Oct 6 15:35:30 2025 GMT
Subject: CN=C3FF38CCC0B8259D191B2BD202CD070B1A428498
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:04:be:41:65:04:60:99:92:d4:fa:23:dc:9b:
de:af:4c:e4:19:73:e1:82:ae:ee:7e:fa:75:42:4c:
79:ac:ff:26:d9:80:3f:e8:98:16:28:e0:f1:86:64:
fc:67:8e:06:85:92:8e:70:e9:b5:fd:33:07:78:88:
dc:66:8e:ee:dd:aa:91:29:b7:51:12:81:dd:2f:43:
09:1b:1b:ce:78:8e:36:57:69:1b:a3:08:2c:46:34:
8f:e2:e9:a1:c9:03:0e:17:c7:bf:79:b8:47:4a:04:
b8:8c:f7:af:93:fa:ef:9c:e7:a9:1b:74:61:11:81:
d1:70:03:d1:a6:63:07:72:eb:47:f0:d2:08:85:90:
c1:3b:d2:65:5b:27:0e:b2:58:f0:84:1d:c6:35:77:
93:03:e3:95:aa:7a:24:3c:fd:b0:81:66:d8:35:33:
10:d5:39:17:09:1b:70:8a:89:8c:38:f6:ba:77:3b:
a2:4a:fe:72:20:01:b2:6b:9f:63:d5:bb:72:aa:9b:
29:2e:a0:e4:a3:23:54:99:9e:70:04:aa:96:06:f5:
63:ee:dc:5e:6a:72:39:1b:18:8d:63:ca:90:c5:d8:
87:a2:6d:f7:bb:f3:d4:8d:b7:1f:d7:38:82:b0:e0:
03:0c:3f:41:b7:fe:b7:ca:2e:b9:b2:59:51:7b:60:
19:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:FF:38:CC:C0:B8:25:9D:19:1B:2B:D2:02:CD:07:0B:1A:42:84:98
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3139362e32332e302f32342d3234203d3e203230383630.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.23.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:66:30:30:41:14:c6:14:68:f1:3a:3d:82:8a:7d:e8:44:b6:
75:b7:66:21:c7:be:1a:54:96:c1:94:1d:a9:76:b9:f3:19:fe:
39:7d:b0:a7:19:5c:6e:3a:2a:b0:26:8e:c3:0e:30:29:2e:77:
65:61:4a:0c:d6:6c:dd:ee:68:a0:89:69:a1:b3:d6:13:7c:de:
0e:d7:6a:73:55:87:fc:fd:be:9d:d5:67:51:ae:e4:83:85:7b:
d6:83:39:0e:eb:f3:bb:92:60:2d:98:ef:a5:06:b5:42:c0:4d:
64:2d:44:76:45:cc:5c:c3:f2:86:a0:37:2c:6e:66:0e:1c:42:
67:8f:4e:6f:49:a9:4b:ee:c7:a6:64:19:a1:00:de:20:1a:d5:
9a:3a:84:9f:dd:f0:2f:8a:85:26:31:0f:79:11:3b:45:6d:f6:
1f:d0:d6:6a:7a:e8:dd:19:01:39:96:a0:52:a9:0a:fe:23:cd:
f2:ad:82:ee:5d:6f:c2:dc:0a:4e:fc:03:d7:cb:ff:f3:7c:72:
af:bf:23:90:e0:2d:b1:a8:5f:0c:3f:ca:9d:fa:80:a1:ae:f3:
b1:89:1f:39:0f:45:a8:08:25:c6:f6:51:54:9f:d2:c6:a2:59:
04:8c:76:12:18:db:ce:e3:c7:b5:1e:46:51:58:a9:93:e8:2c:
bc:ec:aa:2d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTnK6h1GAngAVseB9RSIc7Bara/UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDEwMDcxNTMwMzBaFw0yNTEwMDYxNTM1MzBaMDMxMTAvBgNV
BAMTKEMzRkYzOENDQzBCODI1OUQxOTFCMkJEMjAyQ0QwNzBCMUE0Mjg0OTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkBL5BZQRgmZLU+iPcm96vTOQZ
c+GCru5++nVCTHms/ybZgD/omBYo4PGGZPxnjgaFko5w6bX9Mwd4iNxmju7dqpEp
t1ESgd0vQwkbG854jjZXaRujCCxGNI/i6aHJAw4Xx795uEdKBLiM96+T+u+c56kb
dGERgdFwA9GmYwdy60fw0giFkME70mVbJw6yWPCEHcY1d5MD45WqeiQ8/bCBZtg1
MxDVORcJG3CKiYw49rp3O6JK/nIgAbJrn2PVu3KqmykuoOSjI1SZnnAEqpYG9WPu
3F5qcjkbGI1jypDF2Ieibfe789SNtx/XOIKw4AMMP0G3/rfKLrmyWVF7YBmxAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUw/84zMC4JZ0ZGyvSAs0HCxpChJgwHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMTM5MzYyZTMy
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzgzNjMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ucQXMA0GCSqGSIb3DQEBCwUAA4IBAQArZjAwQRTGFGjxOj2Cin3oRLZ1t2Yhx74a
VJbBlB2pdrnzGf45fbCnGVxuOiqwJo7DDjApLndlYUoM1mzd7migiWmhs9YTfN4O
12pzVYf8/b6d1WdRruSDhXvWgzkO6/O7kmAtmO+lBrVCwE1kLUR2Rcxcw/KGoDcs
bmYOHEJnj05vSalL7semZBmhAN4gGtWaOoSf3fAvioUmMQ95ETtFbfYf0NZqeujd
GQE5lqBSqQr+I83yrYLuXW/C3ApO/APXy//zfHKvvyOQ4C2xqF8MP8qd+oChrvOx
iR85D0WoCCXG9lFUn9LGolkEjHYSGNvO48e1HkZRWKmT6Cy87Kot
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:24 2024 by rpki-client on console-ams.rpki-client.org