Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3234332e35362e302f32342d3234203d3e20323034313730.roa
File: 3138352e3234332e35362e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: fql6TR1Ho/1xo9r6iDWKWHaVroUe8l8MYDPZDiqcHzE=
Subject key identifier: 2D:EF:BD:FB:5C:D0:4F:C8:F2:43:F8:D1:57:AA:02:6D:CF:64:63:57
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 0599B68A73A32B9DF1CAF40AD04BB3B136FBC6F8
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3234332e35362e302f32342d3234203d3e20323034313730.roa
Signing time: Tue 25 Jun 2024 21:47:20 +0000
ROA not before: Tue 25 Jun 2024 21:42:20 +0000
ROA not after: Tue 24 Jun 2025 21:47:20 +0000
asID: 204170
IP address blocks: 185.243.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:99:b6:8a:73:a3:2b:9d:f1:ca:f4:0a:d0:4b:b3:b1:36:fb:c6:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Jun 25 21:42:20 2024 GMT
Not After : Jun 24 21:47:20 2025 GMT
Subject: CN=2DEFBDFB5CD04FC8F243F8D157AA026DCF646357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c2:26:98:11:de:25:21:d4:18:15:32:20:24:
6c:6b:bb:ee:4a:d8:3a:55:cc:87:e4:d2:75:f6:bb:
bd:17:03:ea:25:b8:d9:df:2f:0d:af:5c:1a:5e:15:
6c:fd:f4:29:5e:a8:21:f6:bd:38:3e:d8:10:32:87:
c5:bd:cb:53:15:05:ac:6e:ac:49:f6:c3:56:ba:12:
4c:86:cb:8e:2c:7b:e6:18:e9:e1:df:9b:0c:1f:54:
36:e5:05:ae:8a:ba:87:28:99:7b:7b:b7:de:cb:cd:
5f:78:1f:08:6a:c6:18:7b:8d:a9:bf:9c:10:c7:2d:
fd:65:41:fb:77:6b:00:53:2a:39:d2:20:3d:8a:8e:
55:9f:81:69:bd:8a:6c:cd:25:27:3e:8a:11:3c:6e:
64:55:24:7e:39:97:65:3d:6c:54:83:9e:6b:a4:7b:
92:ad:d3:eb:59:03:87:a2:08:d6:48:67:72:90:5b:
79:38:d1:a1:2f:f6:51:ef:07:5a:59:79:50:a1:27:
4c:82:98:e3:74:64:40:c4:4e:ba:56:8d:18:5d:f6:
08:7e:76:6c:f5:34:fb:ca:e9:34:30:6a:e0:73:6f:
68:4f:1f:7f:01:e5:71:32:12:e6:8f:a2:69:61:47:
cb:16:df:e2:3c:aa:4d:a8:e6:87:94:f7:a8:1f:88:
6a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:EF:BD:FB:5C:D0:4F:C8:F2:43:F8:D1:57:AA:02:6D:CF:64:63:57
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3234332e35362e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.56.0/24
Signature Algorithm: sha256WithRSAEncryption
50:41:0d:e5:c1:9a:fe:7e:46:de:3f:bb:72:aa:32:26:1d:ec:
87:d3:b1:f1:d8:59:9f:ef:0f:74:71:ff:96:89:a3:24:25:91:
c0:9b:49:bc:e2:18:20:3c:9b:ab:e8:7d:8c:f5:14:25:d9:25:
87:03:fb:00:c0:fb:9f:13:1f:cf:12:f5:5d:63:c1:21:85:c9:
69:47:c3:31:08:44:91:83:bd:35:f7:1a:c1:80:58:47:f1:c9:
55:88:2b:ea:73:34:5e:74:e4:89:03:d7:79:61:bf:b1:2b:d8:
2d:44:d7:b8:c9:88:eb:25:df:54:24:4b:b0:35:19:3f:c4:10:
c2:4f:9b:8a:47:60:12:ef:4d:2e:5a:41:1b:97:70:d9:7a:fb:
42:5c:40:a4:61:c2:b6:8a:e9:69:82:1e:a9:93:04:c4:ca:cd:
07:ca:5a:3b:7c:b3:71:98:55:77:d9:ac:17:85:97:4f:2f:50:
b5:a4:34:5e:16:ab:fe:f3:11:b2:05:75:38:81:f6:01:0a:9d:
85:cc:b7:5c:c1:00:60:b5:49:cd:7b:10:e8:e5:62:57:06:04:
8a:47:24:68:01:ea:c0:4f:05:bd:93:54:b8:1d:c9:68:8c:8f:
75:ff:d9:58:ea:06:a2:d5:f8:4c:b8:d8:c8:cd:c1:58:c1:ee:
99:2e:02:db
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUBZm2inOjK53xyvQK0EuzsTb7xvgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDA2MjUyMTQyMjBaFw0yNTA2MjQyMTQ3MjBaMDMxMTAvBgNV
BAMTKDJERUZCREZCNUNEMDRGQzhGMjQzRjhEMTU3QUEwMjZEQ0Y2NDYzNTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVwiaYEd4lIdQYFTIgJGxru+5K
2DpVzIfk0nX2u70XA+oluNnfLw2vXBpeFWz99CleqCH2vTg+2BAyh8W9y1MVBaxu
rEn2w1a6EkyGy44se+YY6eHfmwwfVDblBa6KuocomXt7t97LzV94Hwhqxhh7jam/
nBDHLf1lQft3awBTKjnSID2KjlWfgWm9imzNJSc+ihE8bmRVJH45l2U9bFSDnmuk
e5Kt0+tZA4eiCNZIZ3KQW3k40aEv9lHvB1pZeVChJ0yCmON0ZEDETrpWjRhd9gh+
dmz1NPvK6TQwauBzb2hPH38B5XEyEuaPomlhR8sW3+I8qk2o5oeU96gfiGqrAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQULe+9+1zQT8jyQ/jRV6oCbc9kY1cwHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMjM0MzMyZTM1
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzMTM3MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC58zgwDQYJKoZIhvcNAQELBQADggEBAFBBDeXBmv5+Rt4/u3KqMiYd7IfTsfHY
WZ/vD3Rx/5aJoyQlkcCbSbziGCA8m6vofYz1FCXZJYcD+wDA+58TH88S9V1jwSGF
yWlHwzEIRJGDvTX3GsGAWEfxyVWIK+pzNF505IkD13lhv7Er2C1E17jJiOsl31Qk
S7A1GT/EEMJPm4pHYBLvTS5aQRuXcNl6+0JcQKRhwraK6WmCHqmTBMTKzQfKWjt8
s3GYVXfZrBeFl08vULWkNF4Wq/7zEbIFdTiB9gEKnYXMt1zBAGC1Sc17EOjlYlcG
BIpHJGgB6sBPBb2TVLgdyWiMj3X/2VjqBqLV+Ey42MjNwVjB7pkuAts=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:02 2024 by rpki-client on console-fra.rpki-client.org