Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3234332e35392e302f32342d3234203d3e20323034313730.roa
File: 3138352e3234332e35392e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: Wja+w9kaX0KkvKxnRiqzlecFsVlf2rDCqJLQsNKkMUI=
Subject key identifier: 95:2C:42:F5:0F:D7:86:0B:28:BE:14:AF:AD:92:D2:36:9B:D8:47:45
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 4273423107ED9D4684443E68D9D8C1781CED0716
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3234332e35392e302f32342d3234203d3e20323034313730.roa
Signing time: Tue 25 Jun 2024 21:47:21 +0000
ROA not before: Tue 25 Jun 2024 21:42:21 +0000
ROA not after: Tue 24 Jun 2025 21:47:21 +0000
asID: 204170
IP address blocks: 185.243.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:73:42:31:07:ed:9d:46:84:44:3e:68:d9:d8:c1:78:1c:ed:07:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Jun 25 21:42:21 2024 GMT
Not After : Jun 24 21:47:21 2025 GMT
Subject: CN=952C42F50FD7860B28BE14AFAD92D2369BD84745
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:dd:72:83:fb:a8:15:ad:b5:51:3a:38:ef:9d:
ce:63:54:0b:70:6a:fb:be:d9:52:ca:0d:7e:65:a2:
f1:82:50:f2:7c:d4:81:24:8f:33:38:a5:41:dc:c8:
f3:a7:db:da:72:59:f4:9b:02:20:8a:aa:75:86:9e:
c3:8e:66:1a:c6:89:d5:15:eb:6b:46:a4:d2:3b:83:
29:ad:5a:c6:b4:cf:a8:cf:c8:53:51:24:c5:5a:84:
20:60:6d:4f:05:ae:49:ad:cc:cd:99:75:f9:c7:11:
52:aa:df:33:14:80:4d:55:9f:ba:68:24:86:f7:3d:
3e:63:b4:10:2d:4b:e0:f5:79:83:80:2b:50:8d:87:
ab:24:93:56:65:a3:f8:0c:a6:73:8f:62:dc:05:32:
91:48:5e:71:17:a1:8d:81:9e:bd:7d:1b:b1:61:23:
df:ec:b3:4a:f3:e4:b2:76:8c:30:7b:76:8c:45:1f:
70:4d:15:f6:bb:7a:e1:7b:e8:99:d1:f6:0f:27:1e:
d5:79:0d:53:5e:78:ae:35:e2:58:ed:9e:4a:b7:a9:
2c:66:25:c3:9d:20:d1:bf:00:c4:e6:10:85:94:c6:
40:b6:10:ed:ee:3e:79:8c:4e:4a:a4:a3:44:32:f1:
ca:7d:45:17:f3:8e:3d:d5:9e:59:07:ae:d8:40:3c:
1a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:2C:42:F5:0F:D7:86:0B:28:BE:14:AF:AD:92:D2:36:9B:D8:47:45
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3234332e35392e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.59.0/24
Signature Algorithm: sha256WithRSAEncryption
62:33:8f:48:06:0d:2a:c9:e3:76:f5:e0:9e:aa:a4:7c:00:a8:
b9:6b:04:c1:1f:69:dc:cb:a5:69:5e:17:31:fa:a5:3c:cb:a4:
39:d9:da:59:c0:a4:40:07:79:88:51:f4:56:3e:04:97:77:1c:
7a:3b:42:01:58:87:bc:d1:fc:ff:a0:a9:67:98:65:2d:ec:7c:
a6:a5:38:63:0c:8a:09:a6:16:48:60:10:c3:e4:b4:f2:f7:e7:
b0:f7:14:42:31:46:db:d1:51:6d:d7:32:4e:08:f8:39:54:a6:
c2:52:7a:6b:54:58:af:a3:11:25:5c:fe:4e:ee:bc:24:a7:99:
86:5c:f6:ba:b9:c4:f6:59:56:7a:76:69:ed:f0:e2:7b:f7:06:
f3:08:97:37:26:50:a6:e0:81:7a:3f:4d:e6:e2:40:1e:d3:8e:
a0:ce:65:d3:22:9e:cd:9a:aa:53:36:4b:4f:6d:53:a2:5f:71:
26:06:2d:57:9e:c2:56:64:bc:54:79:7a:26:d8:92:fd:cd:43:
63:61:0b:30:b8:48:85:ce:2e:88:50:8c:6e:12:49:4f:41:28:
04:12:ec:65:f0:28:25:ac:a2:9b:2b:bb:db:3e:16:98:9d:83:
b0:c1:23:1a:f0:8c:e5:cc:83:c0:ae:5e:51:ba:22:36:2c:d9:
9a:fa:af:8f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQnNCMQftnUaERD5o2djBeBztBxYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDA2MjUyMTQyMjFaFw0yNTA2MjQyMTQ3MjFaMDMxMTAvBgNV
BAMTKDk1MkM0MkY1MEZENzg2MEIyOEJFMTRBRkFEOTJEMjM2OUJEODQ3NDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD63XKD+6gVrbVROjjvnc5jVAtw
avu+2VLKDX5lovGCUPJ81IEkjzM4pUHcyPOn29pyWfSbAiCKqnWGnsOOZhrGidUV
62tGpNI7gymtWsa0z6jPyFNRJMVahCBgbU8FrkmtzM2ZdfnHEVKq3zMUgE1Vn7po
JIb3PT5jtBAtS+D1eYOAK1CNh6skk1Zlo/gMpnOPYtwFMpFIXnEXoY2Bnr19G7Fh
I9/ss0rz5LJ2jDB7doxFH3BNFfa7euF76JnR9g8nHtV5DVNeeK414ljtnkq3qSxm
JcOdING/AMTmEIWUxkC2EO3uPnmMTkqko0Qy8cp9RRfzjj3VnlkHrthAPBqTAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUlSxC9Q/XhgsovhSvrZLSNpvYR0UwHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMjM0MzMyZTM1
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzMTM3MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC58zswDQYJKoZIhvcNAQELBQADggEBAGIzj0gGDSrJ43b14J6qpHwAqLlrBMEf
adzLpWleFzH6pTzLpDnZ2lnApEAHeYhR9FY+BJd3HHo7QgFYh7zR/P+gqWeYZS3s
fKalOGMMigmmFkhgEMPktPL357D3FEIxRtvRUW3XMk4I+DlUpsJSemtUWK+jESVc
/k7uvCSnmYZc9rq5xPZZVnp2ae3w4nv3BvMIlzcmUKbggXo/TebiQB7TjqDOZdMi
ns2aqlM2S09tU6JfcSYGLVeewlZkvFR5eibYkv3NQ2NhCzC4SIXOLohQjG4SSU9B
KAQS7GXwKCWsopsru9s+Fpidg7DBIxrwjOXMg8CuXlG6IjYs2Zr6r48=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:44 2024 by rpki-client on console-ams.rpki-client.org