Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3231312e33332e302f32342d3234203d3e20383334.roa
File: 3138352e3231312e33332e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: oWbl4IgGFjh/mHVvEvUtgnTVlgAuT+SJArvnJoRpqSo=
Subject key identifier: 25:F8:31:DC:2B:0B:8C:69:39:A0:C4:77:5F:0F:F0:7F:50:27:6E:23
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 0D5444094482F3F6A6A29CAA58CE483B474EC2D7
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3231312e33332e302f32342d3234203d3e20383334.roa
Signing time: Fri 02 Feb 2024 12:11:37 +0000
ROA not before: Fri 02 Feb 2024 12:06:37 +0000
ROA not after: Fri 31 Jan 2025 12:11:37 +0000
asID: 834
IP address blocks: 185.211.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:54:44:09:44:82:f3:f6:a6:a2:9c:aa:58:ce:48:3b:47:4e:c2:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Feb 2 12:06:37 2024 GMT
Not After : Jan 31 12:11:37 2025 GMT
Subject: CN=25F831DC2B0B8C6939A0C4775F0FF07F50276E23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:59:e3:c4:9a:f2:4b:60:5d:75:bc:d8:54:74:
03:41:d3:d8:8c:59:63:e5:bb:2f:12:7b:13:a7:7b:
54:53:ff:75:be:d3:e3:9e:ec:2a:e9:a5:18:5f:f1:
26:cf:b8:b5:f0:6d:11:51:a3:4b:ce:ee:2f:53:c8:
ec:db:a7:e8:08:d2:67:9d:4b:cf:8f:68:6f:2f:64:
ba:c4:c4:7b:38:7b:ed:8d:5c:ee:57:6b:d8:10:3a:
0c:f9:e4:65:42:3a:27:38:a6:d0:19:95:0c:a7:6b:
25:62:73:51:fa:33:7c:b7:53:1b:46:8d:90:3e:25:
24:a9:ce:fd:64:d9:ef:3d:e7:24:ab:e8:66:57:17:
88:ac:40:ca:f9:ad:6a:39:ae:6e:c1:8c:52:20:8d:
9a:da:54:be:2f:fe:85:59:12:23:7d:86:ef:47:23:
f4:53:5b:45:c0:83:bc:79:70:c0:cd:23:d0:bc:99:
30:b9:89:4d:b8:25:53:4c:99:8d:c0:4c:39:1d:c0:
62:49:c2:3b:97:ef:21:29:8f:3c:79:12:d3:4f:cd:
57:94:53:08:e7:d8:4a:40:49:2e:4b:a8:74:ba:c5:
ab:d9:2e:c0:bb:2d:56:0d:e4:67:74:ef:87:18:ed:
e8:6d:50:cb:4b:4d:76:86:0f:82:d8:a0:24:91:21:
dc:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:F8:31:DC:2B:0B:8C:69:39:A0:C4:77:5F:0F:F0:7F:50:27:6E:23
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3231312e33332e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.33.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:c1:65:a0:d5:30:d1:06:0c:46:4e:c5:c0:06:d6:96:b1:6f:
7e:10:c6:95:45:e8:37:ed:0b:a4:17:f3:f6:68:26:9e:7a:02:
96:cd:70:5d:e7:79:a2:5c:b1:70:86:05:fb:75:57:60:22:4e:
d9:24:bb:a6:b6:e3:d1:22:a0:ca:60:c4:59:3c:8f:46:7f:08:
1f:2b:43:6f:34:e3:b3:57:39:05:f0:8c:8a:80:54:8d:2e:73:
e0:9a:95:bd:3f:cc:51:6c:06:69:d0:09:ae:e1:f3:4f:ae:2d:
6d:f3:78:c3:35:99:14:d0:6e:dc:9e:71:cc:dc:ba:2e:bf:69:
5c:68:6a:1f:59:3f:1b:b3:82:4d:ce:39:f6:99:cb:f3:a7:02:
37:d6:74:bc:0f:de:08:4f:a6:30:7d:74:80:1c:6b:b2:3a:e7:
8d:f4:14:98:9d:46:9e:3e:21:92:40:3e:d2:f7:26:57:32:a7:
73:38:f2:7f:a2:a3:1d:b4:a5:64:6e:42:54:61:51:81:6e:0d:
eb:bc:47:a7:4d:90:79:e7:1f:d4:fc:e5:66:b3:75:86:75:1d:
ef:44:a2:9d:07:7b:b1:94:6e:65:4e:9a:61:c7:11:d5:2b:8d:
b2:b7:9a:75:76:e9:19:aa:c9:8c:3e:3a:ac:7e:43:bd:e6:18:
ab:21:90:f3
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUDVRECUSC8/amopyqWM5IO0dOwtcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDAyMDIxMjA2MzdaFw0yNTAxMzExMjExMzdaMDMxMTAvBgNV
BAMTKDI1RjgzMURDMkIwQjhDNjkzOUEwQzQ3NzVGMEZGMDdGNTAyNzZFMjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9WePEmvJLYF11vNhUdANB09iM
WWPluy8SexOne1RT/3W+0+Oe7CrppRhf8SbPuLXwbRFRo0vO7i9TyOzbp+gI0med
S8+PaG8vZLrExHs4e+2NXO5Xa9gQOgz55GVCOic4ptAZlQynayVic1H6M3y3UxtG
jZA+JSSpzv1k2e895ySr6GZXF4isQMr5rWo5rm7BjFIgjZraVL4v/oVZEiN9hu9H
I/RTW0XAg7x5cMDNI9C8mTC5iU24JVNMmY3ATDkdwGJJwjuX7yEpjzx5EtNPzVeU
Uwjn2EpASS5LqHS6xavZLsC7LVYN5Gd074cY7ehtUMtLTXaGD4LYoCSRIdyzAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUJfgx3CsLjGk5oMR3Xw/wf1AnbiMwHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMjMxMzEyZTMz
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC50yEw
DQYJKoZIhvcNAQELBQADggEBAA7BZaDVMNEGDEZOxcAG1paxb34QxpVF6DftC6QX
8/ZoJp56ApbNcF3neaJcsXCGBft1V2AiTtkku6a249EioMpgxFk8j0Z/CB8rQ280
47NXOQXwjIqAVI0uc+Calb0/zFFsBmnQCa7h80+uLW3zeMM1mRTQbtyecczcui6/
aVxoah9ZPxuzgk3OOfaZy/OnAjfWdLwP3ghPpjB9dIAca7I65430FJidRp4+IZJA
PtL3Jlcyp3M48n+iox20pWRuQlRhUYFuDeu8R6dNkHnnH9T85WazdYZ1He9Eop0H
e7GUbmVOmmHHEdUrjbK3mnV26RmqyYw+Oqx+Q73mGKshkPM=
-----END CERTIFICATE-----
Generated at Thu May 2 05:35:06 2024 by rpki-client on console-fra.rpki-client.org