Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3231362e3233312e302f32342d3234203d3e20313437303439.roa
File: 3138352e3231362e3233312e302f32342d3234203d3e20313437303439.roa (raw, json)
Hash identifier: 77idnXvgjAX+cyKWFrZQ+h7lenh0bRUoLif7KZ9Fp1I=
Subject key identifier: 1E:D1:2A:90:6D:23:B4:42:C3:63:3B:A4:90:06:6F:57:DC:91:63:0D
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 6001073151DE909F1EBD1DB0913B76D82BE4BACF
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3231362e3233312e302f32342d3234203d3e20313437303439.roa
Signing time: Tue 23 Jul 2024 21:04:22 +0000
ROA not before: Tue 23 Jul 2024 20:59:22 +0000
ROA not after: Tue 22 Jul 2025 21:04:22 +0000
asID: 147049
IP address blocks: 185.216.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:01:07:31:51:de:90:9f:1e:bd:1d:b0:91:3b:76:d8:2b:e4:ba:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Jul 23 20:59:22 2024 GMT
Not After : Jul 22 21:04:22 2025 GMT
Subject: CN=1ED12A906D23B442C3633BA490066F57DC91630D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:6d:c0:e5:b0:b9:5b:4c:c1:5f:0a:f7:fa:42:
62:8e:95:44:59:07:79:6b:db:e8:bc:8e:04:2c:63:
cc:9a:6d:7e:d6:19:08:c9:66:43:a8:a7:95:fa:74:
67:17:2b:f2:11:17:43:ea:fd:b8:55:96:3d:0f:03:
22:70:4a:ee:db:8c:b4:b7:aa:86:d0:d2:3f:00:66:
ec:c1:74:77:c4:80:8e:48:9b:4a:71:5a:ee:fe:07:
40:35:86:df:25:bc:3b:a8:1e:03:1b:3e:cc:d4:6c:
02:4e:00:6f:90:e5:02:ff:cd:77:5c:ad:3a:71:e2:
36:5d:82:22:74:12:a8:a9:cb:64:27:30:86:ae:c8:
77:94:4c:ea:35:51:0d:55:32:7b:c0:27:f3:9a:64:
30:da:01:bc:01:b1:ae:15:a1:16:e7:79:2e:15:27:
15:5f:02:3c:49:30:98:d0:c9:71:53:2a:4d:98:4d:
c1:f0:fd:b9:07:39:58:14:c2:60:c8:fa:32:41:91:
d6:e2:35:e8:1e:15:e8:73:15:89:a0:b5:48:47:52:
f2:a3:23:68:49:9c:e2:3d:6d:68:e8:21:9b:e2:60:
2f:c5:f3:ce:60:6c:ef:42:84:78:a5:28:71:bc:61:
24:1b:fc:1d:7f:c9:10:d5:32:dc:b7:a2:f1:f0:d8:
0f:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:D1:2A:90:6D:23:B4:42:C3:63:3B:A4:90:06:6F:57:DC:91:63:0D
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3231362e3233312e302f32342d3234203d3e20313437303439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.231.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:b1:c1:76:d2:36:ed:30:05:1b:61:8d:29:bd:a2:b0:40:38:
eb:c3:1b:7b:56:5a:52:a0:2b:79:3b:f3:ff:df:70:0e:7d:79:
2a:eb:20:22:09:95:86:32:e0:79:eb:3d:d0:ee:80:b7:54:e1:
b1:63:9d:52:e8:b0:b9:62:9a:86:32:9f:a0:43:b5:d7:57:fb:
fe:64:6e:34:80:1b:7e:4d:8c:6a:49:9a:d2:8c:02:ee:16:b2:
09:7a:1e:7b:0b:06:5c:ea:55:0d:e6:dd:75:ac:13:8e:d7:a3:
c6:54:05:67:79:4e:07:73:98:03:fc:0f:e5:58:d1:73:93:40:
30:af:a9:86:b7:39:0c:bf:9c:49:ce:ec:0d:ac:07:87:0b:1a:
ed:83:d4:ff:f1:c1:a6:ce:1f:a5:18:18:73:2d:81:29:af:fa:
d9:97:b0:7e:bb:b1:17:ee:88:e4:de:cc:09:d4:d0:cf:bb:d8:
e4:f9:1f:75:0d:7b:8b:1f:03:4b:8f:6e:08:4a:63:ca:8c:1a:
cf:97:55:d3:6c:6e:a0:5b:38:36:5b:c0:6d:b0:d4:44:20:2e:
3c:0f:ac:9c:71:f8:7f:50:2f:2d:1a:98:14:40:3c:07:fb:4b:
0b:8b:32:b4:f9:9f:90:66:a3:99:4f:d5:8b:8a:e6:a4:a1:62:
3d:1f:77:3e
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUYAEHMVHekJ8evR2wkTt22Cvkus8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDA3MjMyMDU5MjJaFw0yNTA3MjIyMTA0MjJaMDMxMTAvBgNV
BAMTKDFFRDEyQTkwNkQyM0I0NDJDMzYzM0JBNDkwMDY2RjU3REM5MTYzMEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRbcDlsLlbTMFfCvf6QmKOlURZ
B3lr2+i8jgQsY8yabX7WGQjJZkOop5X6dGcXK/IRF0Pq/bhVlj0PAyJwSu7bjLS3
qobQ0j8AZuzBdHfEgI5Im0pxWu7+B0A1ht8lvDuoHgMbPszUbAJOAG+Q5QL/zXdc
rTpx4jZdgiJ0Eqipy2QnMIauyHeUTOo1UQ1VMnvAJ/OaZDDaAbwBsa4VoRbneS4V
JxVfAjxJMJjQyXFTKk2YTcHw/bkHOVgUwmDI+jJBkdbiNegeFehzFYmgtUhHUvKj
I2hJnOI9bWjoIZviYC/F885gbO9ChHilKHG8YSQb/B1/yRDVMty3ovHw2A/PAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUHtEqkG0jtELDYzukkAZvV9yRYw0wHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMjMxMzYyZTMy
MzMzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzNzMwMzQzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnY5zANBgkqhkiG9w0BAQsFAAOCAQEAbLHBdtI27TAFG2GNKb2isEA468Mb
e1ZaUqAreTvz/99wDn15KusgIgmVhjLgees90O6At1ThsWOdUuiwuWKahjKfoEO1
11f7/mRuNIAbfk2Makma0owC7hayCXoeewsGXOpVDebddawTjtejxlQFZ3lOB3OY
A/wP5VjRc5NAMK+phrc5DL+cSc7sDawHhwsa7YPU//HBps4fpRgYcy2BKa/62Zew
fruxF+6I5N7MCdTQz7vY5PkfdQ17ix8DS49uCEpjyowaz5dV02xuoFs4NlvAbbDU
RCAuPA+snHH4f1AvLRqYFEA8B/tLC4sytPmfkGajmU/Vi4rmpKFiPR93Pg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:02 2024 by rpki-client on console-fra.rpki-client.org