Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3139372e33302e302f32342d3234203d3e203633343733.roa
File: 3138352e3139372e33302e302f32342d3234203d3e203633343733.roa (raw, json)
Hash identifier: HCxlhsTnO8KgDq4WE0QIgZBf4DkJvztfHCjg+6+mnQ8=
Subject key identifier: B3:1F:15:6E:F8:8A:55:54:B2:6B:50:30:5F:C6:D6:ED:85:23:D1:5D
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 3CA7A0BF1511506AA30637AE47C592C977C55581
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3139372e33302e302f32342d3234203d3e203633343733.roa
Signing time: Mon 04 Nov 2024 10:05:25 +0000
ROA not before: Mon 04 Nov 2024 10:00:25 +0000
ROA not after: Mon 03 Nov 2025 10:05:25 +0000
asID: 63473
IP address blocks: 185.197.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:a7:a0:bf:15:11:50:6a:a3:06:37:ae:47:c5:92:c9:77:c5:55:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Nov 4 10:00:25 2024 GMT
Not After : Nov 3 10:05:25 2025 GMT
Subject: CN=B31F156EF88A5554B26B50305FC6D6ED8523D15D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8c:51:47:f5:b8:7e:b3:b9:e2:1d:c5:3a:d2:
60:a4:6c:8d:a7:fe:79:b0:bc:c0:82:56:02:bf:90:
b2:7a:de:cd:58:98:6c:7c:a0:37:45:c9:83:a4:cf:
1e:bb:36:ce:d1:b4:1b:63:0c:a6:cd:b6:cd:e2:e1:
85:96:46:59:4c:ea:35:4b:4a:be:7e:ce:78:9e:f8:
b3:1c:cf:62:d6:27:49:2a:7b:72:e3:de:97:86:4c:
bb:29:91:98:c9:97:aa:2c:88:e7:ff:10:85:55:16:
80:78:b5:b0:5a:e2:65:4a:73:6c:e3:6e:d4:09:5b:
5f:ff:cc:91:03:59:25:3f:26:e9:fa:d6:33:1d:4e:
73:f2:e3:0c:63:84:2a:c0:b4:ee:ad:c6:3f:27:2b:
10:7c:cc:ad:61:a7:45:64:49:e7:02:a4:30:12:6c:
36:2e:e5:5e:db:7f:a3:88:52:30:5a:cf:d9:26:6d:
c9:f6:d4:a1:98:70:97:a1:1d:7e:09:45:f9:b9:e8:
27:fb:c6:44:7d:da:6a:7c:09:77:e5:1b:73:15:12:
b9:b0:88:59:21:cc:df:20:1c:45:02:9b:08:c3:48:
bc:28:9d:02:92:e5:93:fe:d9:1f:84:93:4b:be:92:
94:74:44:0f:ae:94:27:3d:af:60:e9:6c:d0:cf:cd:
8d:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:1F:15:6E:F8:8A:55:54:B2:6B:50:30:5F:C6:D6:ED:85:23:D1:5D
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3139372e33302e302f32342d3234203d3e203633343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.30.0/24
Signature Algorithm: sha256WithRSAEncryption
11:cc:18:2d:98:81:83:04:8d:33:7d:7b:32:eb:3f:5c:fc:95:
5f:24:69:77:3d:e7:07:df:a4:04:8b:ea:6f:fa:86:6d:d7:16:
ce:9c:51:21:1c:5b:96:d9:4d:6e:58:3e:1c:dd:36:35:9a:3b:
a2:7d:4e:c4:28:02:9b:3c:4d:14:0a:6a:38:db:65:17:94:fd:
66:d8:44:d6:46:2b:c2:66:5c:dd:5d:1f:46:68:1c:67:4b:3f:
c5:fa:6f:81:90:45:1c:a1:7f:ff:06:ee:28:75:eb:99:9b:f0:
35:30:95:f8:de:98:f4:7f:e8:e6:0d:15:f6:83:35:85:f7:ab:
bc:ef:50:bb:32:f2:36:ac:96:79:f4:4f:97:ea:74:80:7c:4d:
e2:ce:11:b2:f3:14:61:25:28:f8:63:c5:5a:de:d9:a9:69:c3:
3f:f9:d0:a1:61:67:e3:cd:ad:6b:61:03:b0:bb:74:83:bc:61:
f7:b6:92:f7:92:0c:5c:1b:1a:22:b4:11:1c:80:5d:60:3b:1e:
19:9b:a0:3a:7f:e5:e0:bc:5b:c4:28:cf:d3:fe:bf:5b:c8:f8:
7b:5c:7f:8d:30:5b:2f:4b:f1:a4:21:89:1a:33:3d:5d:03:c6:
a9:b6:fe:1e:73:6b:e6:aa:6d:30:97:4f:6a:3b:bc:28:dd:fb:
77:a3:57:e0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUPKegvxURUGqjBjeuR8WSyXfFVYEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDExMDQxMDAwMjVaFw0yNTExMDMxMDA1MjVaMDMxMTAvBgNV
BAMTKEIzMUYxNTZFRjg4QTU1NTRCMjZCNTAzMDVGQzZENkVEODUyM0QxNUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0jFFH9bh+s7niHcU60mCkbI2n
/nmwvMCCVgK/kLJ63s1YmGx8oDdFyYOkzx67Ns7RtBtjDKbNts3i4YWWRllM6jVL
Sr5+znie+LMcz2LWJ0kqe3Lj3peGTLspkZjJl6osiOf/EIVVFoB4tbBa4mVKc2zj
btQJW1//zJEDWSU/Jun61jMdTnPy4wxjhCrAtO6txj8nKxB8zK1hp0VkSecCpDAS
bDYu5V7bf6OIUjBaz9kmbcn21KGYcJehHX4JRfm56Cf7xkR92mp8CXflG3MVErmw
iFkhzN8gHEUCmwjDSLwonQKS5ZP+2R+Ek0u+kpR0RA+ulCc9r2DpbNDPzY3tAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUsx8VbviKVVSya1AwX8bW7YUj0V0wHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMTM5MzcyZTMz
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMzMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ucUeMA0GCSqGSIb3DQEBCwUAA4IBAQARzBgtmIGDBI0zfXsy6z9c/JVfJGl3PecH
36QEi+pv+oZt1xbOnFEhHFuW2U1uWD4c3TY1mjuifU7EKAKbPE0UCmo422UXlP1m
2ETWRivCZlzdXR9GaBxnSz/F+m+BkEUcoX//Bu4odeuZm/A1MJX43pj0f+jmDRX2
gzWF96u871C7MvI2rJZ59E+X6nSAfE3izhGy8xRhJSj4Y8Va3tmpacM/+dChYWfj
za1rYQOwu3SDvGH3tpL3kgxcGxoitBEcgF1gOx4Zm6A6f+XgvFvEKM/T/r9byPh7
XH+NMFsvS/GkIYkaMz1dA8aptv4ec2vmqm0wl09qO7wo3ft3o1fg
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:02 2024 by rpki-client on console-fra.rpki-client.org