Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3231362e3233302e302f32342d3234203d3e20313336373837.roa
File: 3138352e3231362e3233302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: CrKQY2mpQCAggbLTXpY3cBnZfPo1SaDDJEhkFIvvOxQ=
Subject key identifier: AE:54:1A:B7:43:58:27:C1:80:D9:33:AE:C8:72:6C:ED:8E:FB:04:A1
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 64C8E09D5B45E9893FD86815B05D5D8E66FB7B5D
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3231362e3233302e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 12 May 2024 11:03:37 +0000
ROA not before: Sun 12 May 2024 10:58:37 +0000
ROA not after: Sun 11 May 2025 11:03:37 +0000
asID: 136787
IP address blocks: 185.216.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:c8:e0:9d:5b:45:e9:89:3f:d8:68:15:b0:5d:5d:8e:66:fb:7b:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: May 12 10:58:37 2024 GMT
Not After : May 11 11:03:37 2025 GMT
Subject: CN=AE541AB7435827C180D933AEC8726CED8EFB04A1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ce:60:76:a2:30:90:bf:73:37:a2:d1:11:db:
66:9f:b2:6b:a2:9d:a6:7d:21:ed:7d:90:57:62:12:
19:b1:30:59:3e:55:fa:c4:f3:41:a5:2b:d1:7f:88:
19:eb:9b:e6:e9:c8:89:81:c9:00:e9:ab:9b:f4:d3:
1d:ba:f3:bc:dd:ad:69:e1:3c:6d:43:4f:2d:25:8e:
a7:33:83:b9:aa:26:22:7d:09:c0:51:ef:24:a3:0f:
ed:43:00:82:ec:2e:22:5b:79:16:39:a6:10:0f:cc:
34:2c:da:de:42:fa:9a:fc:63:78:7f:fa:90:26:99:
74:a7:25:88:c3:2f:d1:af:55:7a:a3:03:9d:c4:cc:
05:13:84:6e:08:98:b8:a8:28:e8:34:67:74:c5:d8:
28:b5:68:52:a9:f5:c2:24:6e:6f:25:b6:e0:1e:49:
18:cf:9f:bc:2d:27:0c:7c:58:27:a0:f9:cd:56:eb:
6c:5f:0f:f0:9c:7a:34:33:44:20:86:12:02:ea:71:
76:4d:39:28:46:16:f5:0e:ee:9f:4b:fb:36:91:f4:
c8:89:10:a0:c1:ba:60:cb:3e:82:bb:15:3c:56:03:
dd:b3:7b:2a:4b:3a:e8:a2:bd:14:66:fd:b7:da:71:
98:3e:38:e6:c8:8d:0c:2e:50:27:e9:c7:47:c9:c1:
a4:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:54:1A:B7:43:58:27:C1:80:D9:33:AE:C8:72:6C:ED:8E:FB:04:A1
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3231362e3233302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.230.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:57:b9:ea:11:8e:84:fb:fa:ea:73:ac:3c:32:b3:b4:64:49:
a1:d2:09:4a:38:33:67:c2:7a:cc:ba:79:04:f4:e2:64:0e:5e:
ec:a8:3e:57:fa:cb:2b:69:95:1a:72:7f:d4:0e:ce:b3:98:c3:
53:d3:13:bd:5c:b1:ca:ab:52:61:d4:07:8e:37:9c:72:e3:88:
9e:40:a3:13:54:40:00:64:87:47:e4:d4:8c:87:e7:61:98:45:
a3:08:df:a8:09:57:62:38:15:ad:06:61:67:7f:f6:48:a9:24:
96:dc:bd:92:23:23:0f:b8:34:f6:b8:76:d8:33:48:26:64:da:
63:8d:da:af:e6:f2:ce:ea:e9:74:ff:1a:e0:be:59:6c:87:5e:
a0:22:2a:77:72:6d:2b:37:59:06:b8:98:14:59:ed:47:2e:bc:
66:82:30:76:2a:f9:77:6b:5f:45:0b:20:d8:c1:e5:49:01:81:
30:37:5d:f3:3f:5c:58:57:e7:0b:1b:a0:e5:95:99:ae:08:ba:
58:e9:dc:be:e9:1b:71:b6:54:07:ac:57:e3:d3:3d:3e:68:ab:
df:30:89:59:34:98:a4:97:41:17:6c:1e:f0:2f:19:7a:d2:27:
cd:6d:78:e5:50:58:b4:ed:4a:e4:31:eb:0b:71:a0:78:99:54:
70:04:90:67
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUZMjgnVtF6Yk/2GgVsF1djmb7e10wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDA1MTIxMDU4MzdaFw0yNTA1MTExMTAzMzdaMDMxMTAvBgNV
BAMTKEFFNTQxQUI3NDM1ODI3QzE4MEQ5MzNBRUM4NzI2Q0VEOEVGQjA0QTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJzmB2ojCQv3M3otER22afsmui
naZ9Ie19kFdiEhmxMFk+VfrE80GlK9F/iBnrm+bpyImByQDpq5v00x2687zdrWnh
PG1DTy0ljqczg7mqJiJ9CcBR7ySjD+1DAILsLiJbeRY5phAPzDQs2t5C+pr8Y3h/
+pAmmXSnJYjDL9GvVXqjA53EzAUThG4ImLioKOg0Z3TF2Ci1aFKp9cIkbm8ltuAe
SRjPn7wtJwx8WCeg+c1W62xfD/CcejQzRCCGEgLqcXZNOShGFvUO7p9L+zaR9MiJ
EKDBumDLPoK7FTxWA92zeypLOuiivRRm/bfacZg+OObIjQwuUCfpx0fJwaQVAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUrlQat0NYJ8GA2TOuyHJs7Y77BKEwHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMjMxMzYyZTMy
MzMzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnY5jANBgkqhkiG9w0BAQsFAAOCAQEALle56hGOhPv66nOsPDKztGRJodIJ
SjgzZ8J6zLp5BPTiZA5e7Kg+V/rLK2mVGnJ/1A7Os5jDU9MTvVyxyqtSYdQHjjec
cuOInkCjE1RAAGSHR+TUjIfnYZhFowjfqAlXYjgVrQZhZ3/2SKkklty9kiMjD7g0
9rh22DNIJmTaY43ar+byzurpdP8a4L5ZbIdeoCIqd3JtKzdZBriYFFntRy68ZoIw
dir5d2tfRQsg2MHlSQGBMDdd8z9cWFfnCxug5ZWZrgi6WOncvukbcbZUB6xX49M9
Pmir3zCJWTSYpJdBF2we8C8ZetInzW145VBYtO1K5DHrC3GgeJlUcASQZw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:44 2024 by rpki-client on console-ams.rpki-client.org