Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3234352e3235352e302f32342d3234203d3e20313336373837.roa
File: 3138352e3234352e3235352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: tC9DD5q1BoVweS8dApsXLJ6XaxfG6sjl96FePjEpzno=
Subject key identifier: 8E:22:1A:E4:18:31:B4:D3:E8:0C:38:90:FA:52:19:B4:73:89:73:65
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 4B33A7EFFAE7EDF24CEE4A484516363087F70D10
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3234352e3235352e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 01 Mar 2024 06:55:26 +0000
ROA not before: Fri 01 Mar 2024 06:50:26 +0000
ROA not after: Fri 28 Feb 2025 06:55:26 +0000
asID: 136787
IP address blocks: 185.245.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:33:a7:ef:fa:e7:ed:f2:4c:ee:4a:48:45:16:36:30:87:f7:0d:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Mar 1 06:50:26 2024 GMT
Not After : Feb 28 06:55:26 2025 GMT
Subject: CN=8E221AE41831B4D3E80C3890FA5219B473897365
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3c:4c:6b:52:79:01:01:58:5f:92:4c:4a:4c:
43:3c:a4:7e:de:7e:05:69:b4:a1:c4:2c:4b:11:07:
a8:31:89:3f:95:0f:54:e0:43:74:86:2c:5c:d2:e6:
63:fb:5a:0b:bb:74:93:9c:df:8a:f7:a2:25:8e:fb:
67:90:49:41:38:34:6c:fe:78:5b:1b:af:21:c0:e6:
50:fe:7f:aa:19:41:79:e5:ce:0a:b2:7d:97:77:cd:
b9:d2:f4:60:db:98:9c:e6:6e:11:99:f2:50:c0:a0:
63:4c:f9:ad:88:73:91:f0:15:61:4a:01:4c:a4:3e:
44:f5:cc:7a:79:8e:32:5e:8c:7e:e1:16:47:23:ac:
62:9a:f2:cb:28:ee:e0:d4:ee:a1:68:14:2e:dd:4d:
b1:61:6a:ca:c3:f8:73:0f:c3:ab:c4:eb:03:51:34:
47:7d:5a:d8:d6:0b:13:4a:e7:b5:7f:00:e9:33:20:
aa:d8:1a:cb:48:d7:8a:ea:49:42:9f:d6:39:ae:3e:
62:6e:87:be:65:aa:57:9b:1a:cd:ef:b9:eb:23:55:
6b:6b:42:fe:93:b8:58:12:f0:55:3c:db:0a:4f:ef:
62:9f:17:24:1b:d2:6b:b5:6e:64:d9:d7:08:2b:e5:
36:22:b7:c9:d0:29:6e:18:06:88:70:89:9f:90:47:
1d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:22:1A:E4:18:31:B4:D3:E8:0C:38:90:FA:52:19:B4:73:89:73:65
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3234352e3235352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.255.0/24
Signature Algorithm: sha256WithRSAEncryption
83:78:68:15:ef:ca:2e:c1:8a:0a:0e:60:f0:4c:b1:47:26:fc:
ac:22:0c:95:45:f1:c3:a4:61:54:e9:ad:0c:0d:c3:23:eb:7d:
69:eb:ac:4a:ad:35:35:34:ec:8e:25:69:f3:7b:e6:62:eb:e9:
43:37:a7:76:cd:17:63:44:7a:f1:a7:4b:db:fd:5a:57:ab:7a:
2c:2a:93:09:19:56:fa:a2:30:18:5b:d2:83:26:72:2c:b5:c4:
32:02:d4:98:60:e9:bd:b8:a5:64:85:99:f7:e7:22:6c:aa:d0:
65:c8:54:fb:3b:ac:08:da:e5:96:74:63:73:95:a0:0f:e5:b2:
d4:ee:a7:4d:d4:2d:4e:c2:17:ac:fa:fe:cf:fd:5d:1d:a4:cd:
74:28:9c:0b:76:c3:36:25:bb:9c:f3:bd:47:b5:59:29:00:9f:
0d:7b:ee:24:38:a8:bf:38:a7:9b:ca:3c:4d:80:19:2e:c4:a0:
64:a3:22:38:bc:f2:8d:5d:49:cb:82:a4:8c:aa:98:6c:b5:eb:
fb:fb:bf:aa:46:6c:49:98:68:e7:b5:4b:94:8c:54:d8:63:e8:
16:21:18:96:f3:5d:a1:52:72:99:79:b0:6c:a4:f1:d0:2e:5f:
f5:e8:a9:91:79:d3:24:eb:b8:e0:90:0d:3f:c9:28:fa:5d:15:
07:92:a3:af
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUSzOn7/rn7fJM7kpIRRY2MIf3DRAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDAzMDEwNjUwMjZaFw0yNTAyMjgwNjU1MjZaMDMxMTAvBgNV
BAMTKDhFMjIxQUU0MTgzMUI0RDNFODBDMzg5MEZBNTIxOUI0NzM4OTczNjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNPExrUnkBAVhfkkxKTEM8pH7e
fgVptKHELEsRB6gxiT+VD1TgQ3SGLFzS5mP7Wgu7dJOc34r3oiWO+2eQSUE4NGz+
eFsbryHA5lD+f6oZQXnlzgqyfZd3zbnS9GDbmJzmbhGZ8lDAoGNM+a2Ic5HwFWFK
AUykPkT1zHp5jjJejH7hFkcjrGKa8sso7uDU7qFoFC7dTbFhasrD+HMPw6vE6wNR
NEd9WtjWCxNK57V/AOkzIKrYGstI14rqSUKf1jmuPmJuh75lqlebGs3vuesjVWtr
Qv6TuFgS8FU82wpP72KfFyQb0mu1bmTZ1wgr5TYit8nQKW4YBohwiZ+QRx3rAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUjiIa5BgxtNPoDDiQ+lIZtHOJc2UwHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMjM0MzUyZTMy
MzUzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALn1/zANBgkqhkiG9w0BAQsFAAOCAQEAg3hoFe/KLsGKCg5g8EyxRyb8rCIM
lUXxw6RhVOmtDA3DI+t9aeusSq01NTTsjiVp83vmYuvpQzends0XY0R68adL2/1a
V6t6LCqTCRlW+qIwGFvSgyZyLLXEMgLUmGDpvbilZIWZ9+cibKrQZchU+zusCNrl
lnRjc5WgD+Wy1O6nTdQtTsIXrPr+z/1dHaTNdCicC3bDNiW7nPO9R7VZKQCfDXvu
JDiovzinm8o8TYAZLsSgZKMiOLzyjV1Jy4KkjKqYbLXr+/u/qkZsSZho57VLlIxU
2GPoFiEYlvNdoVJymXmwbKTx0C5f9eipkXnTJOu44JANP8ko+l0VB5Kjrw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 01:46:59 2024 by rpki-client on console-fra.rpki-client.org