Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3231312e33322e302f32342d3234203d3e20313336373837.roa
File: 3138352e3231312e33322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: B8rFcpirJvkU67eLfAIxcc29GOj+j3umdLt7G1LgzQ8=
Subject key identifier: DF:5D:58:86:DF:7C:21:8E:51:75:B5:B6:68:79:22:33:3D:A4:AB:21
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 210B1CD0DC7FC97B3AF22F20122FA5FE0CC63D0C
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3231312e33322e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:53:37 +0000
ROA not before: Mon 26 Feb 2024 08:48:37 +0000
ROA not after: Mon 24 Feb 2025 08:53:37 +0000
asID: 136787
IP address blocks: 185.211.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:0b:1c:d0:dc:7f:c9:7b:3a:f2:2f:20:12:2f:a5:fe:0c:c6:3d:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Feb 26 08:48:37 2024 GMT
Not After : Feb 24 08:53:37 2025 GMT
Subject: CN=DF5D5886DF7C218E5175B5B6687922333DA4AB21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ea:89:60:ab:83:67:86:c2:47:a7:5f:59:61:
5b:f2:7f:95:bc:1d:8f:cb:84:f9:5c:ae:a3:83:ae:
6b:82:21:70:e5:c7:43:74:a6:69:85:da:b9:23:05:
86:eb:07:a4:b6:c3:2e:9b:85:de:a7:a8:1f:cc:7b:
4a:7b:5e:86:c9:1b:03:1c:6e:ee:b2:e1:76:67:55:
25:9b:71:eb:40:48:24:26:ca:39:36:af:d1:4a:19:
a4:f5:71:20:24:d8:7d:27:5c:f5:e3:c5:b8:ab:3b:
7d:64:5d:2b:07:17:a1:f4:90:78:ee:44:eb:8d:9b:
5b:28:eb:88:92:1b:1b:14:28:cf:45:ce:ca:45:38:
b3:4c:b6:48:80:ce:d3:f1:05:5d:e6:b2:5e:52:49:
7d:20:b1:24:51:7b:5e:ac:7e:47:00:2d:6c:2b:4c:
5d:c5:09:68:8b:2a:b5:e7:c8:67:04:da:02:7b:26:
63:9b:a4:49:8c:e6:b5:e8:72:b9:5b:66:d4:47:76:
c9:f5:34:5e:95:44:a0:dd:d9:c3:47:90:07:ba:a9:
c8:87:de:4e:d3:90:35:61:fc:c8:2d:ef:94:4a:a4:
d5:1a:f5:af:94:41:9d:f1:bb:66:67:c4:95:e4:5c:
b5:6c:76:14:46:5c:fe:40:99:1a:82:53:08:f0:c9:
49:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:5D:58:86:DF:7C:21:8E:51:75:B5:B6:68:79:22:33:3D:A4:AB:21
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3231312e33322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.32.0/24
Signature Algorithm: sha256WithRSAEncryption
66:13:72:15:b6:6b:f2:56:a1:51:f5:36:5c:cc:86:3a:a2:68:
c3:79:2a:54:80:d3:c4:c2:ff:af:ff:35:79:46:7b:c9:80:3f:
22:8f:4a:78:9e:1b:26:6d:2c:69:7b:6d:71:7d:93:51:da:9f:
a0:af:92:02:15:8f:b7:2c:4b:ef:8c:04:4e:ff:b7:7d:0c:be:
7b:dc:4c:0d:9e:8c:c7:e1:d5:5a:07:93:e9:fd:5d:6e:da:c5:
d0:e7:7e:7e:44:0a:0a:9d:53:43:80:ea:d8:42:b2:de:f5:c1:
e1:72:36:c9:96:4d:19:30:ad:02:dd:4e:33:37:89:de:8a:e9:
90:94:a3:20:33:44:35:6e:3a:28:20:44:23:05:80:94:45:04:
71:cc:d6:be:04:92:df:f2:95:1d:0d:4f:91:1e:c1:29:e6:84:
54:aa:66:ca:ec:a7:80:ef:ba:70:69:67:ed:80:d2:b2:bb:70:
0c:ff:9a:95:49:65:6a:d2:33:b9:74:7b:47:c3:7d:61:95:df:
dc:1a:ef:7d:bd:89:e9:c0:79:44:90:d6:49:f7:64:ca:b9:39:
be:cb:32:1d:02:4f:f2:cb:9c:0e:fc:8e:5a:f8:3d:42:cf:01:
af:7a:ab:aa:39:1b:fd:47:c1:00:9a:50:68:58:07:f0:84:8f:
b0:82:29:cb
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUIQsc0Nx/yXs68i8gEi+l/gzGPQwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDAyMjYwODQ4MzdaFw0yNTAyMjQwODUzMzdaMDMxMTAvBgNV
BAMTKERGNUQ1ODg2REY3QzIxOEU1MTc1QjVCNjY4NzkyMjMzM0RBNEFCMjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDN6olgq4NnhsJHp19ZYVvyf5W8
HY/LhPlcrqODrmuCIXDlx0N0pmmF2rkjBYbrB6S2wy6bhd6nqB/Me0p7XobJGwMc
bu6y4XZnVSWbcetASCQmyjk2r9FKGaT1cSAk2H0nXPXjxbirO31kXSsHF6H0kHju
ROuNm1so64iSGxsUKM9FzspFOLNMtkiAztPxBV3msl5SSX0gsSRRe16sfkcALWwr
TF3FCWiLKrXnyGcE2gJ7JmObpEmM5rXocrlbZtRHdsn1NF6VRKDd2cNHkAe6qciH
3k7TkDVh/Mgt75RKpNUa9a+UQZ3xu2ZnxJXkXLVsdhRGXP5AmRqCUwjwyUlDAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU311Yht98IY5RdbW2aHkiMz2kqyEwHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMjMxMzEyZTMz
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC50yAwDQYJKoZIhvcNAQELBQADggEBAGYTchW2a/JWoVH1NlzMhjqiaMN5KlSA
08TC/6//NXlGe8mAPyKPSnieGyZtLGl7bXF9k1Han6CvkgIVj7csS++MBE7/t30M
vnvcTA2ejMfh1VoHk+n9XW7axdDnfn5ECgqdU0OA6thCst71weFyNsmWTRkwrQLd
TjM3id6K6ZCUoyAzRDVuOiggRCMFgJRFBHHM1r4Ekt/ylR0NT5EewSnmhFSqZsrs
p4DvunBpZ+2A0rK7cAz/mpVJZWrSM7l0e0fDfWGV39wa7329ienAeUSQ1kn3ZMq5
Ob7LMh0CT/LLnA78jlr4PULPAa96q6o5G/1HwQCaUGhYB/CEj7CCKcs=
-----END CERTIFICATE-----
Generated at Wed May 8 11:32:58 2024 by rpki-client on console-ams.rpki-client.org