Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3234312e3233362e302f32332d3234203d3e20323037353934.roa
File: 3138352e3234312e3233362e302f32332d3234203d3e20323037353934.roa (raw, json)
Hash identifier: FFfDais68GVXSUbIfLR2WQXKXXkgZPQA009Z4MhVq4U=
Subject key identifier: 8C:83:64:E4:73:77:77:E4:B9:15:C9:89:FD:84:C5:28:43:D0:53:10
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 4299808794B97292C6696CD64DD2CDF795B9ABA5
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3234312e3233362e302f32332d3234203d3e20323037353934.roa
Signing time: Mon 26 Feb 2024 08:53:37 +0000
ROA not before: Mon 26 Feb 2024 08:48:37 +0000
ROA not after: Mon 24 Feb 2025 08:53:37 +0000
asID: 207594
IP address blocks: 185.241.236.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:99:80:87:94:b9:72:92:c6:69:6c:d6:4d:d2:cd:f7:95:b9:ab:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Feb 26 08:48:37 2024 GMT
Not After : Feb 24 08:53:37 2025 GMT
Subject: CN=8C8364E4737777E4B915C989FD84C52843D05310
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:6d:44:95:dd:56:4a:2d:10:15:82:1e:ea:e8:
eb:4c:0a:39:e0:66:67:d7:bd:09:81:e0:44:30:9a:
16:b0:b6:a2:ed:91:8c:9b:72:c0:46:a8:20:ab:a3:
39:70:5c:99:04:da:ee:bb:a7:34:06:60:4b:b8:6c:
84:a1:06:cb:ff:21:93:89:c6:84:cc:22:9a:55:19:
f9:3b:44:98:a5:d1:6a:1d:c9:82:2b:ae:1a:d4:31:
a0:1e:61:da:e7:70:60:64:cf:04:1a:49:35:74:61:
c7:b2:6a:24:fa:22:c1:9d:d7:1a:95:38:36:06:2b:
98:11:2c:e1:a6:95:c6:28:6d:56:64:5b:fb:09:68:
36:95:b4:74:7f:8c:be:80:b1:f8:c1:fb:96:03:24:
51:c5:ce:c1:04:77:28:b3:3e:cf:1b:f0:b7:95:d2:
30:f9:92:f5:f6:a8:e4:6d:f9:a0:ab:16:53:84:b2:
28:e1:17:b9:20:cf:d6:f5:8e:38:f8:b9:4b:21:aa:
0d:f0:05:88:d4:a3:39:cb:f1:82:58:86:6f:3a:dd:
1f:6a:46:56:90:e4:8f:e0:19:aa:c6:be:44:89:08:
fd:0a:c3:e4:23:46:76:9e:c7:bd:6b:d9:41:45:30:
ac:61:e1:b1:b9:f5:55:28:59:4c:f4:62:60:f8:c2:
b8:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:83:64:E4:73:77:77:E4:B9:15:C9:89:FD:84:C5:28:43:D0:53:10
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3234312e3233362e302f32332d3234203d3e20323037353934.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.236.0/23
Signature Algorithm: sha256WithRSAEncryption
60:2c:63:06:d7:eb:5b:52:36:93:fb:d6:99:52:83:c0:c7:07:
8c:09:f7:9d:b7:e0:42:85:6e:8d:e6:f1:eb:35:d1:57:35:49:
ff:2c:d9:5f:fe:45:1b:72:3e:c7:72:1c:ca:01:14:2b:b7:e6:
8c:da:73:b4:de:e6:03:1f:5c:9e:e5:43:fd:74:44:cd:da:34:
cb:99:fb:8b:01:1a:6e:e6:1b:0d:6b:b6:f5:59:64:22:b3:73:
af:ab:81:77:6a:25:38:1a:e6:0a:c5:9b:6e:ee:50:ec:23:8d:
2a:0d:6d:cf:e5:a7:25:ef:4d:18:46:5f:fd:fc:4a:96:16:81:
56:f7:c8:fc:49:b0:8c:33:23:8c:8b:65:ef:71:bd:c6:05:42:
9e:50:f9:6e:8c:5f:79:c2:26:0a:91:de:84:4b:29:e5:34:3d:
9f:b8:f9:4d:81:9e:59:ed:22:77:fd:77:4d:ce:be:c2:2b:8a:
bb:a6:d0:8b:f4:2e:b1:62:3f:45:e7:37:ae:c2:af:d9:83:19:
12:bc:30:93:88:7f:45:22:6d:13:0c:8a:84:97:4d:15:52:47:
7d:7c:d9:34:4d:4e:96:4c:ab:f2:48:db:dc:b6:d0:e0:f1:67:
86:73:1b:e3:e6:51:37:a0:0d:7d:84:6c:37:c7:85:0d:e0:d8:
e5:66:01:92
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUQpmAh5S5cpLGaWzWTdLN95W5q6UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDAyMjYwODQ4MzdaFw0yNTAyMjQwODUzMzdaMDMxMTAvBgNV
BAMTKDhDODM2NEU0NzM3Nzc3RTRCOTE1Qzk4OUZEODRDNTI4NDNEMDUzMTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXbUSV3VZKLRAVgh7q6OtMCjng
ZmfXvQmB4EQwmhawtqLtkYybcsBGqCCrozlwXJkE2u67pzQGYEu4bIShBsv/IZOJ
xoTMIppVGfk7RJil0WodyYIrrhrUMaAeYdrncGBkzwQaSTV0YceyaiT6IsGd1xqV
ODYGK5gRLOGmlcYobVZkW/sJaDaVtHR/jL6AsfjB+5YDJFHFzsEEdyizPs8b8LeV
0jD5kvX2qORt+aCrFlOEsijhF7kgz9b1jjj4uUshqg3wBYjUoznL8YJYhm863R9q
RlaQ5I/gGarGvkSJCP0Kw+QjRnaex71r2UFFMKxh4bG59VUoWUz0YmD4wriFAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUjINk5HN3d+S5FcmJ/YTFKEPQUxAwHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMjM0MzEyZTMy
MzMzNjJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDMyMzAzNzM1MzkzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAbnx7DANBgkqhkiG9w0BAQsFAAOCAQEAYCxjBtfrW1I2k/vWmVKDwMcHjAn3
nbfgQoVujebx6zXRVzVJ/yzZX/5FG3I+x3IcygEUK7fmjNpztN7mAx9cnuVD/XRE
zdo0y5n7iwEabuYbDWu29VlkIrNzr6uBd2olOBrmCsWbbu5Q7CONKg1tz+WnJe9N
GEZf/fxKlhaBVvfI/EmwjDMjjItl73G9xgVCnlD5boxfecImCpHehEsp5TQ9n7j5
TYGeWe0id/13Tc6+wiuKu6bQi/QusWI/Rec3rsKv2YMZErwwk4h/RSJtEwyKhJdN
FVJHfXzZNE1Olkyr8kjb3LbQ4PFnhnMb4+ZRN6ANfYRsN8eFDeDY5WYBkg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:02 2024 by rpki-client on console-fra.rpki-client.org