Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3232302e32312e302f32342d3332203d3e20313336373837.roa
File: 3138352e3232302e32312e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: sXBnUkrFqY3IDvN7QlvfkiFWsh0zHQ0+Ue+Z217mFQs=
Subject key identifier: 8C:D3:75:F6:8E:99:46:F0:AB:07:FC:E2:A1:C0:17:CC:A6:F9:F1:F5
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 136EE5BCC6BDA83AF084FFDD7DFD6EAA857A472F
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3232302e32312e302f32342d3332203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:53:35 +0000
ROA not before: Mon 26 Feb 2024 08:48:35 +0000
ROA not after: Mon 24 Feb 2025 08:53:35 +0000
asID: 136787
IP address blocks: 185.220.21.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:6e:e5:bc:c6:bd:a8:3a:f0:84:ff:dd:7d:fd:6e:aa:85:7a:47:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Feb 26 08:48:35 2024 GMT
Not After : Feb 24 08:53:35 2025 GMT
Subject: CN=8CD375F68E9946F0AB07FCE2A1C017CCA6F9F1F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:5f:e1:db:2b:97:7d:f0:e8:4b:6d:8c:9e:c8:
d4:c3:1c:09:9c:9e:b5:29:25:2a:71:fb:78:ba:1c:
45:74:83:e2:1e:0d:c0:cf:d5:91:f8:73:7b:a9:8c:
66:0c:97:34:19:82:66:60:b3:b6:66:8c:a9:81:43:
e3:d8:05:d2:06:a4:b7:53:85:be:54:eb:3b:a9:e3:
6f:3b:1e:6a:8f:56:6d:9f:81:33:d2:33:ee:8d:f3:
4d:5f:bb:33:92:71:9a:e6:33:e3:33:2a:58:60:49:
4f:b8:38:bf:98:bc:9e:ea:bf:a6:b9:dc:7b:7e:ff:
a0:f1:9a:6f:be:f1:19:46:c9:3b:8e:be:44:06:a0:
97:71:20:d5:a5:47:6c:e3:a2:7d:bc:ce:a1:02:2c:
69:5d:57:a6:19:ed:61:76:e1:dd:17:19:da:fb:a9:
ce:b8:7c:10:66:fe:42:2f:58:db:4e:2e:7f:24:04:
6e:e0:51:ba:62:8d:1e:ea:50:0e:16:0d:ab:61:60:
d5:08:72:75:1f:b2:48:15:ba:10:40:f7:54:71:5b:
5d:5a:ad:3a:f9:f0:0d:83:10:36:ec:7c:ca:a6:50:
48:88:0f:79:ca:46:f4:c1:e9:8b:8f:37:c1:0c:43:
2b:fc:b7:0d:87:ed:1c:d8:2e:d9:81:d6:aa:65:32:
b3:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:D3:75:F6:8E:99:46:F0:AB:07:FC:E2:A1:C0:17:CC:A6:F9:F1:F5
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3232302e32312e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.21.0/24
Signature Algorithm: sha256WithRSAEncryption
51:13:31:ff:67:87:ab:a8:01:ba:3a:c9:f0:a2:94:1e:a2:a3:
1b:76:77:a7:51:29:eb:5c:95:43:a3:d5:45:70:40:34:7b:1f:
2e:8f:e2:56:1a:56:b4:f4:07:d5:10:40:4b:83:ea:0e:81:b4:
7a:9f:0b:9a:be:fe:14:dc:63:6e:c3:8d:d0:c4:03:48:b2:31:
41:b2:6f:66:3e:74:f7:dd:79:b3:d7:10:72:de:c3:b8:88:74:
54:04:c3:1b:e1:79:1a:32:93:9d:42:b9:4d:27:93:f3:f2:86:
92:b1:03:35:38:48:d2:58:fa:e4:e0:7d:bf:ef:7a:ff:d8:cc:
a4:20:d7:e1:3b:3a:64:92:fc:30:9f:de:c0:61:4e:bb:a7:11:
ea:de:cc:af:5c:9c:96:2c:cd:96:58:dc:ed:fb:80:3a:70:0f:
8e:f3:3e:16:42:b2:5d:c0:0c:59:03:3c:02:a5:a5:9d:42:2d:
6b:2b:b3:8f:89:b4:32:a9:3b:54:da:b4:1d:90:cb:c9:e5:ef:
31:d8:0a:ba:99:ce:ff:52:92:fc:d8:dd:fa:71:01:c1:4d:58:
bf:36:a8:c2:a9:a5:96:14:aa:8e:ef:31:7e:94:f9:de:a9:56:
da:ef:a0:3e:f6:aa:c2:2d:f8:42:3a:92:08:fa:8f:81:8d:a0:
3e:9b:50:c9
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUE27lvMa9qDrwhP/dff1uqoV6Ry8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDAyMjYwODQ4MzVaFw0yNTAyMjQwODUzMzVaMDMxMTAvBgNV
BAMTKDhDRDM3NUY2OEU5OTQ2RjBBQjA3RkNFMkExQzAxN0NDQTZGOUYxRjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClX+HbK5d98OhLbYyeyNTDHAmc
nrUpJSpx+3i6HEV0g+IeDcDP1ZH4c3upjGYMlzQZgmZgs7ZmjKmBQ+PYBdIGpLdT
hb5U6zup4287HmqPVm2fgTPSM+6N801fuzOScZrmM+MzKlhgSU+4OL+YvJ7qv6a5
3Ht+/6Dxmm++8RlGyTuOvkQGoJdxINWlR2zjon28zqECLGldV6YZ7WF24d0XGdr7
qc64fBBm/kIvWNtOLn8kBG7gUbpijR7qUA4WDathYNUIcnUfskgVuhBA91RxW11a
rTr58A2DEDbsfMqmUEiID3nKRvTB6YuPN8EMQyv8tw2H7RzYLtmB1qplMrM1AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUjNN19o6ZRvCrB/ziocAXzKb58fUwHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMjMyMzAyZTMy
MzEyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC53BUwDQYJKoZIhvcNAQELBQADggEBAFETMf9nh6uoAbo6yfCilB6ioxt2d6dR
KetclUOj1UVwQDR7Hy6P4lYaVrT0B9UQQEuD6g6BtHqfC5q+/hTcY27DjdDEA0iy
MUGyb2Y+dPfdebPXEHLew7iIdFQEwxvheRoyk51CuU0nk/PyhpKxAzU4SNJY+uTg
fb/vev/YzKQg1+E7OmSS/DCf3sBhTrunEerezK9cnJYszZZY3O37gDpwD47zPhZC
sl3ADFkDPAKlpZ1CLWsrs4+JtDKpO1TatB2Qy8nl7zHYCrqZzv9SkvzY3fpxAcFN
WL82qMKppZYUqo7vMX6U+d6pVtrvoD72qsIt+EI6kgj6j4GNoD6bUMk=
-----END CERTIFICATE-----
Generated at Tue May 7 11:42:52 2024 by rpki-client on console-fra.rpki-client.org