Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3231332e32352e302f32342d3332203d3e203531313637.roa
File: 3138352e3231332e32352e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: FwMl0LhJmi3zxX1TqWMYPxKLu7QfnhZ3tSCksANiZWc=
Subject key identifier: 22:51:AE:0A:EB:91:5D:3A:50:B6:8A:CD:04:8F:48:C3:1F:DA:B9:37
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 12725D378D787A5BD60BFD1059D0CC7F8466CB7F
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3231332e32352e302f32342d3332203d3e203531313637.roa
Signing time: Mon 26 Feb 2024 08:53:35 +0000
ROA not before: Mon 26 Feb 2024 08:48:35 +0000
ROA not after: Mon 24 Feb 2025 08:53:35 +0000
asID: 51167
IP address blocks: 185.213.25.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:72:5d:37:8d:78:7a:5b:d6:0b:fd:10:59:d0:cc:7f:84:66:cb:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Feb 26 08:48:35 2024 GMT
Not After : Feb 24 08:53:35 2025 GMT
Subject: CN=2251AE0AEB915D3A50B68ACD048F48C31FDAB937
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4c:a0:92:8b:d1:6c:f7:e3:1a:6f:00:fd:66:
92:21:9c:c8:6a:81:a8:d2:00:2d:09:a2:86:cd:8c:
cc:62:bb:c5:74:a0:75:af:22:2d:1a:ff:0f:ce:3b:
09:e9:e2:f0:e8:f1:66:a3:e2:17:c8:ed:6e:af:67:
7c:5d:df:90:01:c0:13:8d:68:40:35:d9:65:3d:81:
45:8c:d8:6c:4d:ba:cf:c5:21:70:72:48:86:ae:71:
39:ff:d2:5b:71:16:7a:64:99:f0:20:7d:89:bd:65:
10:b3:26:5e:0d:54:5d:65:c0:b7:9c:0a:75:4d:49:
2a:b9:b8:9e:cc:8b:01:06:3f:1e:3f:9a:ab:a3:9e:
82:a6:95:ee:26:d2:53:76:32:c8:95:e8:c5:41:da:
9b:cf:d7:29:30:b6:8f:d2:0b:f8:29:94:7e:69:96:
4e:a8:0a:24:c8:38:02:26:f4:17:66:6c:2e:c2:08:
95:0e:50:c2:62:2f:55:df:2e:43:74:bf:b1:c6:eb:
e6:1e:0e:52:fb:5b:d7:80:b1:14:64:bf:4c:31:be:
3f:19:f8:b9:30:0c:9a:80:bb:13:b4:67:fb:bc:2c:
45:da:c0:a5:6f:9f:d3:f8:7b:4a:a2:ea:c4:a4:4d:
b5:7f:b7:8e:15:66:39:74:0a:47:58:78:0e:e5:41:
b8:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:51:AE:0A:EB:91:5D:3A:50:B6:8A:CD:04:8F:48:C3:1F:DA:B9:37
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3231332e32352e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.25.0/24
Signature Algorithm: sha256WithRSAEncryption
82:3f:e5:57:51:2d:e1:ae:ee:21:44:fb:b7:09:de:a6:70:ea:
87:f3:af:55:82:05:78:37:9c:21:3e:90:e7:1d:fb:50:a9:6c:
ee:4b:9e:d5:39:3a:46:df:13:88:91:51:4f:48:71:5b:b6:47:
78:4e:da:f8:f1:11:ea:26:38:2b:9f:f8:c0:4d:82:98:b0:00:
de:b6:7b:bb:41:e7:9b:31:b1:84:6d:78:48:4b:ea:2c:69:60:
b1:34:49:f0:a3:0b:de:68:4a:94:ca:92:b8:aa:7d:4d:6f:c6:
3d:00:97:6d:97:5c:4f:08:02:f9:77:7e:4c:5a:b5:1c:b8:cb:
6a:ad:74:1f:b4:24:53:90:bf:a7:2c:34:cb:f2:48:c9:1e:e6:
5f:95:7d:89:66:58:5d:62:5e:f0:6b:3e:e7:9f:67:60:ca:43:
d9:17:9e:e0:2f:70:8c:29:77:19:e6:a1:48:e3:79:10:ae:e9:
3b:60:32:98:2c:18:fd:07:cd:30:25:ef:1a:ea:99:63:6f:4b:
06:8a:58:53:27:52:bc:96:cb:40:15:8a:20:6c:44:68:6b:6f:
4d:3f:2d:6d:ec:69:40:cf:7b:71:0a:c9:40:66:b5:1a:d3:6e:
e8:30:ad:c8:66:85:90:8e:4d:7f:a0:60:ad:d3:94:e3:3b:8f:
e1:85:8d:15
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUEnJdN414elvWC/0QWdDMf4Rmy38wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDAyMjYwODQ4MzVaFw0yNTAyMjQwODUzMzVaMDMxMTAvBgNV
BAMTKDIyNTFBRTBBRUI5MTVEM0E1MEI2OEFDRDA0OEY0OEMzMUZEQUI5MzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0TKCSi9Fs9+MabwD9ZpIhnMhq
gajSAC0JoobNjMxiu8V0oHWvIi0a/w/OOwnp4vDo8Waj4hfI7W6vZ3xd35ABwBON
aEA12WU9gUWM2GxNus/FIXBySIaucTn/0ltxFnpkmfAgfYm9ZRCzJl4NVF1lwLec
CnVNSSq5uJ7MiwEGPx4/mqujnoKmle4m0lN2MsiV6MVB2pvP1ykwto/SC/gplH5p
lk6oCiTIOAIm9BdmbC7CCJUOUMJiL1XfLkN0v7HG6+YeDlL7W9eAsRRkv0wxvj8Z
+LkwDJqAuxO0Z/u8LEXawKVvn9P4e0qi6sSkTbV/t44VZjl0CkdYeA7lQbh7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUIlGuCuuRXTpQtorNBI9Iwx/auTcwHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMjMxMzMyZTMy
MzUyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
udUZMA0GCSqGSIb3DQEBCwUAA4IBAQCCP+VXUS3hru4hRPu3Cd6mcOqH869VggV4
N5whPpDnHftQqWzuS57VOTpG3xOIkVFPSHFbtkd4Ttr48RHqJjgrn/jATYKYsADe
tnu7QeebMbGEbXhIS+osaWCxNEnwowveaEqUypK4qn1Nb8Y9AJdtl1xPCAL5d35M
WrUcuMtqrXQftCRTkL+nLDTL8kjJHuZflX2JZlhdYl7waz7nn2dgykPZF57gL3CM
KXcZ5qFI43kQruk7YDKYLBj9B80wJe8a6pljb0sGilhTJ1K8lstAFYogbERoa29N
Py1t7GlAz3txCslAZrUa027oMK3IZoWQjk1/oGCt05TjO4/hhY0V
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:02 2024 by rpki-client on console-fra.rpki-client.org