Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3139372e33302e302f32342d3234203d3e203633343733.roa
File: 3138352e3139372e33302e302f32342d3234203d3e203633343733.roa (raw, json)
Hash identifier: UW5UPG66mMj/4532K4102a4/9/J5c3x1ry3/DF1E6Xk=
Subject key identifier: 07:8A:39:67:62:62:23:49:86:F2:4C:1F:31:79:88:39:D6:E6:E4:0C
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 23D61E2A0470773E7F03E592803FAD90ABEAF69A
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3139372e33302e302f32342d3234203d3e203633343733.roa
Signing time: Mon 04 Dec 2023 09:34:52 +0000
ROA not before: Mon 04 Dec 2023 09:29:52 +0000
ROA not after: Mon 02 Dec 2024 09:34:52 +0000
asID: 63473
IP address blocks: 185.197.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 May 2024 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:d6:1e:2a:04:70:77:3e:7f:03:e5:92:80:3f:ad:90:ab:ea:f6:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Dec 4 09:29:52 2023 GMT
Not After : Dec 2 09:34:52 2024 GMT
Subject: CN=078A39676262234986F24C1F31798839D6E6E40C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e2:f8:c5:f6:e7:c8:07:98:6e:82:b8:03:6b:
d7:3f:ab:92:a8:69:ca:45:a8:66:50:e6:34:67:43:
c3:37:80:84:16:75:53:4b:46:26:c6:99:bc:28:75:
10:a7:5d:be:5a:77:46:8f:cc:ab:49:9c:a7:24:6d:
f5:af:05:2c:ad:19:a4:8c:d0:99:ee:21:85:29:c6:
13:d9:01:d3:aa:b5:7c:89:ef:52:dd:7d:22:c1:8c:
0b:b6:2f:c9:7a:7d:df:81:f6:0a:78:61:25:b0:c8:
b0:50:5f:ef:d1:48:70:41:48:8d:42:db:37:56:4b:
7f:ea:e9:b7:7d:84:97:26:78:f9:33:66:5e:10:db:
d3:d9:82:83:fe:e8:8c:fc:01:ff:94:3c:5a:39:7b:
c5:4f:4e:57:aa:0d:50:3c:0d:b8:f6:28:b8:38:d0:
71:10:e6:ce:b8:8b:53:dd:b0:aa:1b:9b:d3:d3:9b:
d9:d6:79:32:66:7f:5b:d1:c5:18:e7:b1:c7:ef:48:
66:11:b7:50:33:27:5c:db:2d:2f:fe:f3:87:fb:b8:
71:e3:23:4d:4e:db:7c:07:0d:11:63:09:20:ce:f5:
57:eb:6c:fe:bc:98:d3:27:c2:47:34:6c:a0:27:b1:
46:e6:49:41:e8:64:92:bb:d3:2c:2c:11:ef:96:90:
7f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:8A:39:67:62:62:23:49:86:F2:4C:1F:31:79:88:39:D6:E6:E4:0C
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3139372e33302e302f32342d3234203d3e203633343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.30.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:08:c7:9d:2d:62:8a:19:b7:5a:df:2b:1b:88:0b:c2:bb:f3:
fb:e0:3f:8e:e6:24:65:40:82:55:c0:dc:93:55:f3:a2:16:0d:
c1:3b:66:4f:72:85:c3:d5:77:c0:20:6e:e6:22:06:8b:1f:e0:
e2:99:14:4e:32:2c:af:39:79:70:31:23:fe:a2:47:89:5b:c6:
40:c1:df:52:b4:1e:2d:6d:31:8b:9f:2e:b0:47:23:5f:ab:b3:
36:22:89:a3:cc:3f:86:0b:cd:d0:e3:36:b8:77:3a:69:b5:58:
2f:34:af:2a:4f:d9:b3:c2:fa:5a:81:61:cb:a6:27:d6:68:33:
d9:c6:ea:6a:9a:58:4a:6a:92:f5:d8:32:3f:2e:34:63:55:00:
52:39:39:f4:f4:bb:c1:68:6d:cb:ce:e2:f7:87:21:fc:6f:17:
7b:e1:e3:58:8d:66:9a:7c:06:e3:a7:60:f6:79:1b:96:61:e3:
b6:dc:b0:49:07:6a:2b:00:47:63:af:bd:38:b8:ce:fc:85:73:
4d:21:b6:0d:4b:4d:ba:d0:d9:bd:b6:ea:3e:8c:02:7d:d0:92:
aa:bd:d6:a6:cb:83:d7:8f:dc:7d:bc:d7:b4:e9:3f:80:6c:5f:
a3:02:55:d4:78:05:f1:63:f9:16:4d:e7:af:65:97:9f:2d:74:
bf:84:44:b2
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUI9YeKgRwdz5/A+WSgD+tkKvq9powDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yMzEyMDQwOTI5NTJaFw0yNDEyMDIwOTM0NTJaMDMxMTAvBgNV
BAMTKDA3OEEzOTY3NjI2MjIzNDk4NkYyNEMxRjMxNzk4ODM5RDZFNkU0MEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG4vjF9ufIB5hugrgDa9c/q5Ko
acpFqGZQ5jRnQ8M3gIQWdVNLRibGmbwodRCnXb5ad0aPzKtJnKckbfWvBSytGaSM
0JnuIYUpxhPZAdOqtXyJ71LdfSLBjAu2L8l6fd+B9gp4YSWwyLBQX+/RSHBBSI1C
2zdWS3/q6bd9hJcmePkzZl4Q29PZgoP+6Iz8Af+UPFo5e8VPTleqDVA8Dbj2KLg4
0HEQ5s64i1PdsKobm9PTm9nWeTJmf1vRxRjnscfvSGYRt1AzJ1zbLS/+84f7uHHj
I01O23wHDRFjCSDO9VfrbP68mNMnwkc0bKAnsUbmSUHoZJK70ywsEe+WkH/tAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUB4o5Z2JiI0mG8kwfMXmIOdbm5AwwHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMTM5MzcyZTMz
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMzMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ucUeMA0GCSqGSIb3DQEBCwUAA4IBAQAuCMedLWKKGbda3ysbiAvCu/P74D+O5iRl
QIJVwNyTVfOiFg3BO2ZPcoXD1XfAIG7mIgaLH+DimRROMiyvOXlwMSP+okeJW8ZA
wd9StB4tbTGLny6wRyNfq7M2IomjzD+GC83Q4za4dzpptVgvNK8qT9mzwvpagWHL
pifWaDPZxupqmlhKapL12DI/LjRjVQBSOTn09LvBaG3LzuL3hyH8bxd74eNYjWaa
fAbjp2D2eRuWYeO23LBJB2orAEdjr704uM78hXNNIbYNS0260Nm9tuo+jAJ90JKq
vdamy4PXj9x9vNe06T+AbF+jAlXUeAXxY/kWTeevZZefLXS/hESy
-----END CERTIFICATE-----
Generated at Sun May 26 17:35:51 2024 by rpki-client on console-ams.rpki-client.org