Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3234332e35382e302f32342d3234203d3e20313336373837.roa
File: 3138352e3234332e35382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: WwRK3XsRTMh2yPOm61h0+Lu4oHyLr+8znUq3oOKLkYw=
Subject key identifier: 92:3B:EB:D9:D5:9C:23:B9:2D:67:59:DF:47:FE:B1:43:79:BD:A6:06
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 6425E182122C40A1742D3EE1CD94EAC83B554710
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3234332e35382e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:53:36 +0000
ROA not before: Mon 26 Feb 2024 08:48:36 +0000
ROA not after: Mon 24 Feb 2025 08:53:36 +0000
asID: 136787
IP address blocks: 185.243.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:25:e1:82:12:2c:40:a1:74:2d:3e:e1:cd:94:ea:c8:3b:55:47:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Feb 26 08:48:36 2024 GMT
Not After : Feb 24 08:53:36 2025 GMT
Subject: CN=923BEBD9D59C23B92D6759DF47FEB14379BDA606
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:69:c8:a0:9e:50:0d:8d:f2:70:1f:e1:e0:d5:
07:07:80:33:d8:cf:2e:53:69:00:18:82:99:71:cc:
24:87:d5:b9:73:61:22:16:df:48:28:47:69:d5:77:
38:a8:b8:b0:fc:66:30:fd:35:60:43:1d:5d:73:8c:
4c:ec:d3:55:9b:8f:c7:07:49:25:c5:40:4c:a7:40:
be:0f:95:af:46:ff:a3:cc:4b:25:a4:f8:2e:85:e9:
21:aa:14:79:97:e8:b9:6f:fe:78:9c:e2:7e:e5:97:
7c:67:e9:38:89:d5:c4:78:54:38:a5:14:69:27:4c:
ab:eb:42:fd:b7:5e:03:90:29:ed:cc:68:bf:d9:0b:
0c:5e:a4:96:53:81:85:2c:61:32:ae:8b:b7:59:71:
6b:63:2c:b5:5b:ae:62:53:f4:4b:16:91:0e:37:ad:
de:6e:b7:76:37:b2:54:b5:64:30:7f:f5:99:56:a9:
f5:ef:60:d4:9f:56:b7:4c:65:bc:8c:04:3b:e8:97:
3a:c6:27:0d:d0:60:33:b8:3b:e3:01:f2:72:5a:50:
ef:16:be:6e:8f:39:07:2c:40:75:8f:88:e4:5f:0b:
c2:75:f5:ef:26:83:c5:59:68:3b:5b:eb:f2:11:f6:
be:ac:3e:a3:5d:b7:ed:b8:77:00:3f:e2:54:43:f2:
b0:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:3B:EB:D9:D5:9C:23:B9:2D:67:59:DF:47:FE:B1:43:79:BD:A6:06
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3234332e35382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.58.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:15:8b:fd:0e:86:4b:5a:ed:6e:bb:1f:30:fe:a1:4b:6a:15:
d2:5c:87:9a:5b:ab:b0:a1:1c:9c:90:3a:a7:11:e7:ce:42:e7:
89:d7:81:d3:d8:0c:c4:5a:7c:e9:b8:c8:a0:f4:4a:26:4a:ad:
6e:82:57:d8:1f:11:3e:9d:f9:f3:53:5d:b8:08:0c:48:1a:b8:
1f:8a:c1:8b:9a:fc:d2:2c:2b:ff:05:15:d3:fc:43:33:78:82:
9f:6b:1f:9e:62:4a:5d:0b:93:be:5e:16:9f:f7:bb:36:6b:bb:
16:1f:6f:a1:d8:55:22:52:ad:31:53:10:88:2a:51:39:20:8b:
cc:ba:78:45:66:bf:82:db:91:28:7d:a7:40:1c:1e:2b:d4:e4:
ab:d8:0d:aa:0a:db:ba:58:fe:ce:d3:ed:6a:90:e4:9e:f9:1c:
82:e6:61:af:33:0d:d3:7d:4b:be:e2:36:3a:51:82:41:d1:c6:
77:3b:41:0a:62:2e:ae:29:a5:a5:8d:29:5e:dd:f1:d9:d0:d0:
50:2a:38:19:c5:1b:18:cd:29:67:77:d1:1b:5c:18:56:09:0f:
7a:19:e8:ed:82:3f:e4:b3:24:f5:68:de:48:cd:16:70:cd:a7:
b6:3f:27:9e:6e:d1:a5:01:46:06:d7:27:46:77:d7:d5:a8:de:
de:d1:d0:46
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZCXhghIsQKF0LT7hzZTqyDtVRxAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDAyMjYwODQ4MzZaFw0yNTAyMjQwODUzMzZaMDMxMTAvBgNV
BAMTKDkyM0JFQkQ5RDU5QzIzQjkyRDY3NTlERjQ3RkVCMTQzNzlCREE2MDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8acignlANjfJwH+Hg1QcHgDPY
zy5TaQAYgplxzCSH1blzYSIW30goR2nVdziouLD8ZjD9NWBDHV1zjEzs01Wbj8cH
SSXFQEynQL4Pla9G/6PMSyWk+C6F6SGqFHmX6Llv/nic4n7ll3xn6TiJ1cR4VDil
FGknTKvrQv23XgOQKe3MaL/ZCwxepJZTgYUsYTKui7dZcWtjLLVbrmJT9EsWkQ43
rd5ut3Y3slS1ZDB/9ZlWqfXvYNSfVrdMZbyMBDvolzrGJw3QYDO4O+MB8nJaUO8W
vm6POQcsQHWPiORfC8J19e8mg8VZaDtb6/IR9r6sPqNdt+24dwA/4lRD8rBDAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUkjvr2dWcI7ktZ1nfR/6xQ3m9pgYwHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMjM0MzMyZTM1
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC58zowDQYJKoZIhvcNAQELBQADggEBAIoVi/0Ohkta7W67HzD+oUtqFdJch5pb
q7ChHJyQOqcR585C54nXgdPYDMRafOm4yKD0SiZKrW6CV9gfET6d+fNTXbgIDEga
uB+KwYua/NIsK/8FFdP8QzN4gp9rH55iSl0Lk75eFp/3uzZruxYfb6HYVSJSrTFT
EIgqUTkgi8y6eEVmv4LbkSh9p0AcHivU5KvYDaoK27pY/s7T7WqQ5J75HILmYa8z
DdN9S77iNjpRgkHRxnc7QQpiLq4ppaWNKV7d8dnQ0FAqOBnFGxjNKWd30RtcGFYJ
D3oZ6O2CP+SzJPVo3kjNFnDNp7Y/J55u0aUBRgbXJ0Z319Wo3t7R0EY=
-----END CERTIFICATE-----
Generated at Wed May 8 19:21:52 2024 by rpki-client on console-ams.rpki-client.org