Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3139372e33312e302f32342d3234203d3e203230383630.roa
File: 3138352e3139372e33312e302f32342d3234203d3e203230383630.roa (raw, json)
Hash identifier: oQgnVmzN6XGzylq0zFvEvW0sns+QG/9FIgE7mIAeggY=
Subject key identifier: F2:89:BB:B6:7D:70:72:B0:36:57:D1:8C:74:EC:4D:58:7D:09:66:A7
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 7F564FFE46EFF4E570DAACF83EC07CB45ADB77E4
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3139372e33312e302f32342d3234203d3e203230383630.roa
Signing time: Mon 07 Oct 2024 15:35:37 +0000
ROA not before: Mon 07 Oct 2024 15:30:37 +0000
ROA not after: Mon 06 Oct 2025 15:35:37 +0000
asID: 20860
IP address blocks: 185.197.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:56:4f:fe:46:ef:f4:e5:70:da:ac:f8:3e:c0:7c:b4:5a:db:77:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Oct 7 15:30:37 2024 GMT
Not After : Oct 6 15:35:37 2025 GMT
Subject: CN=F289BBB67D7072B03657D18C74EC4D587D0966A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:c4:ec:01:fc:b6:1f:b4:85:4e:2e:b0:2d:11:
7e:38:29:33:39:e3:1c:6c:4e:2f:83:1f:fc:2b:0d:
0a:03:60:0e:6d:a1:d7:0e:1b:ca:8a:64:d7:73:cf:
24:a0:66:0d:97:52:11:cc:a6:e3:33:f1:5a:28:3c:
8b:14:cb:a7:8e:e8:43:e2:2b:e0:a0:1f:06:5e:dd:
be:f5:f5:93:83:26:04:f3:0e:60:c8:87:d9:62:a5:
0a:47:2b:94:70:eb:89:74:64:1e:02:ac:83:21:4e:
32:e3:29:21:ca:92:52:cb:de:06:71:51:76:57:a6:
d1:31:20:ea:07:9a:bd:17:2d:4f:c2:37:7c:a1:39:
43:9c:74:33:c0:bd:ec:f4:38:25:a7:22:fc:69:44:
04:fa:45:50:20:60:39:e4:dc:9b:40:09:be:a5:54:
e6:82:12:42:8e:8d:6d:5d:ef:a7:89:d6:bb:a8:16:
e8:51:67:d4:cd:aa:42:4e:0e:e2:40:9e:97:3f:c4:
32:7e:fa:56:0a:8a:d8:1d:d5:dc:c9:87:09:38:ea:
f5:cb:f8:1b:d9:e8:5e:3f:bc:8e:04:c9:e0:9d:e7:
ac:a8:78:44:72:c5:ea:36:cf:3e:92:9c:c1:2e:04:
1d:24:f8:d0:5e:97:b6:da:fa:80:8a:6c:35:fd:f1:
e0:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:89:BB:B6:7D:70:72:B0:36:57:D1:8C:74:EC:4D:58:7D:09:66:A7
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3139372e33312e302f32342d3234203d3e203230383630.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.31.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:09:1d:da:04:63:ef:cf:9b:0b:a3:cc:8f:9f:9f:4a:0b:82:
ab:4f:3b:65:b1:9d:49:63:3c:be:87:5e:6f:dd:75:e2:4a:0b:
00:2b:63:33:96:42:99:2b:45:6d:12:7e:1f:9f:95:c0:74:c0:
1b:58:cd:d0:66:35:0d:27:76:f2:f8:cc:fe:39:81:e1:2a:a0:
f9:ee:1e:25:3d:d8:99:bb:35:f4:a8:f5:03:ad:8d:7f:9c:07:
0f:ea:c6:1a:e8:3f:9e:fa:31:5f:eb:60:4d:6e:eb:ba:28:b7:
2b:1e:46:36:93:48:f3:e5:3a:05:58:58:37:93:e0:96:ae:20:
5b:90:05:db:bf:7c:13:0e:b4:6f:1b:31:3a:b1:0b:ce:a5:89:
41:bf:d0:1d:96:a1:33:59:cf:4c:f8:66:bf:1e:ef:3b:25:05:
74:09:01:d3:dc:65:10:74:07:18:07:95:91:ef:25:be:93:bd:
a6:31:b5:1d:e7:09:03:72:9e:b3:4d:28:69:ab:33:7e:82:b6:
48:97:82:ad:05:29:78:3d:e1:3a:05:69:c3:01:e7:e7:7e:5d:
19:b4:bb:e4:58:f3:94:e0:80:52:41:ca:3f:44:9f:9b:68:a9:
e7:94:2f:f3:b0:a2:26:c8:ab:13:23:c7:80:cd:b1:bd:1d:8e:
d6:fc:cd:77
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUf1ZP/kbv9OVw2qz4PsB8tFrbd+QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDEwMDcxNTMwMzdaFw0yNTEwMDYxNTM1MzdaMDMxMTAvBgNV
BAMTKEYyODlCQkI2N0Q3MDcyQjAzNjU3RDE4Qzc0RUM0RDU4N0QwOTY2QTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlxOwB/LYftIVOLrAtEX44KTM5
4xxsTi+DH/wrDQoDYA5todcOG8qKZNdzzySgZg2XUhHMpuMz8VooPIsUy6eO6EPi
K+CgHwZe3b719ZODJgTzDmDIh9lipQpHK5Rw64l0ZB4CrIMhTjLjKSHKklLL3gZx
UXZXptExIOoHmr0XLU/CN3yhOUOcdDPAvez0OCWnIvxpRAT6RVAgYDnk3JtACb6l
VOaCEkKOjW1d76eJ1ruoFuhRZ9TNqkJODuJAnpc/xDJ++lYKitgd1dzJhwk46vXL
+BvZ6F4/vI4EyeCd56yoeERyxeo2zz6SnMEuBB0k+NBel7ba+oCKbDX98eAdAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU8om7tn1wcrA2V9GMdOxNWH0JZqcwHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMTM5MzcyZTMz
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzgzNjMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ucUfMA0GCSqGSIb3DQEBCwUAA4IBAQBqCR3aBGPvz5sLo8yPn59KC4KrTztlsZ1J
Yzy+h15v3XXiSgsAK2MzlkKZK0VtEn4fn5XAdMAbWM3QZjUNJ3by+Mz+OYHhKqD5
7h4lPdiZuzX0qPUDrY1/nAcP6sYa6D+e+jFf62BNbuu6KLcrHkY2k0jz5ToFWFg3
k+CWriBbkAXbv3wTDrRvGzE6sQvOpYlBv9AdlqEzWc9M+Ga/Hu87JQV0CQHT3GUQ
dAcYB5WR7yW+k72mMbUd5wkDcp6zTShpqzN+grZIl4KtBSl4PeE6BWnDAefnfl0Z
tLvkWPOU4IBSQco/RJ+baKnnlC/zsKImyKsTI8eAzbG9HY7W/M13
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:24 2024 by rpki-client on console-ams.rpki-client.org