Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3231362e3233302e302f32342d3234203d3e20313336373837.roa
File: 3138352e3231362e3233302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: GQkQFIR3mKakTSqSgBE5obf26cp5HeUlybNGuLrf3aM=
Subject key identifier: 22:19:20:B0:6A:E6:4D:89:7B:CB:1D:AF:59:3E:D9:67:70:6C:4F:E4
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 2244D2D6594592C882941E07AF9F65E68D890DF7
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3231362e3233302e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 11 Jun 2023 11:00:09 +0000
ROA not before: Sun 11 Jun 2023 10:55:09 +0000
ROA not after: Sun 09 Jun 2024 11:00:09 +0000
asID: 136787
IP address blocks: 185.216.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:44:d2:d6:59:45:92:c8:82:94:1e:07:af:9f:65:e6:8d:89:0d:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Jun 11 10:55:09 2023 GMT
Not After : Jun 9 11:00:09 2024 GMT
Subject: CN=221920B06AE64D897BCB1DAF593ED967706C4FE4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a1:84:bc:58:b9:b2:32:04:54:8c:2b:28:ef:
3b:6e:b8:51:1a:ed:1d:1a:b4:4c:68:2b:52:e2:15:
33:b3:d2:f9:f1:6b:b3:00:d3:7f:99:4f:e0:38:bd:
fb:9c:38:03:21:56:9a:6b:46:2a:d5:bb:7b:45:9b:
fd:03:b0:5e:2e:93:9a:bd:43:a8:70:9b:46:b5:eb:
ab:07:78:99:bd:8e:fa:ab:c1:9b:6f:44:9b:fa:92:
63:df:1a:7b:d2:9b:d6:a2:aa:21:1a:21:94:1c:b2:
b0:92:7e:cc:e3:ca:c7:54:7b:49:e0:01:1a:ad:12:
23:2e:0a:5c:69:fe:49:2e:bc:18:47:b8:66:49:3d:
66:77:54:db:44:25:23:8d:f5:19:0d:63:1c:01:16:
b8:8b:27:57:9e:2a:91:73:d9:03:ec:0e:83:41:72:
64:47:a9:65:a9:7b:bb:ea:f7:6f:7c:d5:a7:92:ab:
36:5d:77:41:8e:4a:07:af:43:97:9c:e2:d6:c2:c9:
56:10:ec:ce:b3:88:18:ed:c1:3f:84:ba:46:f4:c9:
ac:dc:a8:b8:9e:49:c3:35:8b:54:9c:83:e2:14:db:
86:cb:0b:b6:e9:50:ce:69:24:97:86:63:4b:da:3e:
8e:67:b8:94:fb:68:10:57:7c:af:0f:2f:14:7b:48:
92:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:19:20:B0:6A:E6:4D:89:7B:CB:1D:AF:59:3E:D9:67:70:6C:4F:E4
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3231362e3233302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.230.0/24
Signature Algorithm: sha256WithRSAEncryption
98:1d:67:73:14:63:04:5c:c8:56:d2:75:d1:09:5e:ba:52:c3:
13:96:a5:34:cd:77:4b:0d:58:47:37:c3:d4:d1:83:1c:15:e8:
46:d0:bf:a4:fa:b3:8c:6d:d6:cf:51:1a:ea:84:9e:d8:35:41:
53:73:f8:07:cd:b9:3b:3c:8a:ff:3d:d5:21:ba:8c:4f:a1:e4:
5a:79:4a:95:fa:42:4f:4d:b6:a2:c6:f9:7c:01:91:26:b5:cc:
32:b0:1b:2e:c0:c7:93:a6:51:e0:60:19:dd:1d:64:af:cb:dd:
c1:6f:4f:04:e5:07:1b:4e:f3:05:5e:88:bf:73:8d:59:63:a6:
d3:63:06:9f:9f:55:dd:79:1a:b8:86:1a:f7:91:27:3f:84:b6:
8f:cb:da:63:ed:99:43:d1:35:1a:37:7c:66:30:38:e8:74:d8:
6d:82:7c:56:cf:c2:22:9c:ae:f8:9a:0f:b7:5e:30:74:19:71:
65:14:14:63:20:bc:b6:26:40:57:33:1b:a3:5c:24:77:a5:3e:
c3:88:fa:e3:44:66:a0:3f:c6:74:6a:08:8e:2b:80:a2:cc:38:
88:2e:85:ff:ea:ef:cc:ed:b0:14:cd:b7:be:70:53:99:f5:d8:
0e:ac:71:2e:5b:ef:7d:8a:01:c2:c2:50:c8:23:6e:e4:e1:7f:
a2:3e:6d:7f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUIkTS1llFksiClB4Hr59l5o2JDfcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yMzA2MTExMDU1MDlaFw0yNDA2MDkxMTAwMDlaMDMxMTAvBgNV
BAMTKDIyMTkyMEIwNkFFNjREODk3QkNCMURBRjU5M0VEOTY3NzA2QzRGRTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEoYS8WLmyMgRUjCso7ztuuFEa
7R0atExoK1LiFTOz0vnxa7MA03+ZT+A4vfucOAMhVpprRirVu3tFm/0DsF4uk5q9
Q6hwm0a166sHeJm9jvqrwZtvRJv6kmPfGnvSm9aiqiEaIZQcsrCSfszjysdUe0ng
ARqtEiMuClxp/kkuvBhHuGZJPWZ3VNtEJSON9RkNYxwBFriLJ1eeKpFz2QPsDoNB
cmRHqWWpe7vq92981aeSqzZdd0GOSgevQ5ec4tbCyVYQ7M6ziBjtwT+Eukb0yazc
qLieScM1i1Scg+IU24bLC7bpUM5pJJeGY0vaPo5nuJT7aBBXfK8PLxR7SJKPAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUIhkgsGrmTYl7yx2vWT7ZZ3BsT+QwHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMjMxMzYyZTMy
MzMzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnY5jANBgkqhkiG9w0BAQsFAAOCAQEAmB1ncxRjBFzIVtJ10QleulLDE5al
NM13Sw1YRzfD1NGDHBXoRtC/pPqzjG3Wz1Ea6oSe2DVBU3P4B825OzyK/z3VIbqM
T6HkWnlKlfpCT022osb5fAGRJrXMMrAbLsDHk6ZR4GAZ3R1kr8vdwW9PBOUHG07z
BV6Iv3ONWWOm02MGn59V3XkauIYa95EnP4S2j8vaY+2ZQ9E1Gjd8ZjA46HTYbYJ8
Vs/CIpyu+JoPt14wdBlxZRQUYyC8tiZAVzMbo1wkd6U+w4j640RmoD/GdGoIjiuA
osw4iC6F/+rvzO2wFM23vnBTmfXYDqxxLlvvfYoBwsJQyCNu5OF/oj5tfw==
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:23 2024 by rpki-client on console-fra.rpki-client.org