Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3133302e3138352e3131362e302f32342d3234203d3e203632323430.roa
File: 3133302e3138352e3131362e302f32342d3234203d3e203632323430.roa (raw, json)
Hash identifier: 4I6E1kx+KoecN7ZpRbh0itHwCC3WFb26D7Ym4L6UgXQ=
Subject key identifier: E6:1B:7B:F2:35:BA:81:71:04:38:C7:57:8D:F4:CA:29:0E:2B:37:66
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 2421822486D911B6034B1DD60FA9294E7447CFCA
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3133302e3138352e3131362e302f32342d3234203d3e203632323430.roa
Signing time: Mon 01 Apr 2024 14:03:23 +0000
ROA not before: Mon 01 Apr 2024 13:58:23 +0000
ROA not after: Mon 31 Mar 2025 14:03:23 +0000
asID: 62240
IP address blocks: 130.185.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:21:82:24:86:d9:11:b6:03:4b:1d:d6:0f:a9:29:4e:74:47:cf:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Apr 1 13:58:23 2024 GMT
Not After : Mar 31 14:03:23 2025 GMT
Subject: CN=E61B7BF235BA81710438C7578DF4CA290E2B3766
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:9f:2d:dd:3d:6b:46:2d:cf:a4:ef:b5:95:92:
03:cf:0a:f4:93:42:e5:09:af:92:9d:73:0f:b3:aa:
d2:db:29:d6:85:46:12:eb:a9:a1:96:d9:69:ef:db:
10:be:6b:fa:fc:2f:17:fd:c5:52:dc:3f:c8:8d:31:
75:85:cf:9b:c5:c0:9a:0e:de:3e:4e:56:5f:79:5a:
70:0b:09:7c:6c:a7:f8:f1:79:4f:85:6a:99:89:bf:
cd:f7:cf:ea:78:fc:c5:8d:59:e4:d4:94:7f:4e:88:
ed:2b:02:81:04:27:27:04:f4:0c:f6:38:de:d1:8d:
96:ce:f1:74:79:98:d0:a0:cb:7d:d7:5c:cf:e8:00:
88:93:86:76:f5:80:fd:d8:65:c1:12:f8:46:88:d8:
0b:fc:14:32:db:c2:b6:49:48:d2:dc:68:21:41:95:
57:ed:6d:ab:d6:3a:49:2a:03:89:35:e5:f8:f9:28:
61:44:1b:ff:00:f4:7a:3a:72:9a:1b:3c:85:18:87:
49:cf:e0:5c:62:04:08:c8:ad:f0:dc:6c:62:2a:02:
71:cb:97:26:e8:c5:59:26:82:d1:0a:8b:e2:22:b6:
27:a3:38:aa:e6:7f:cb:8e:f3:7e:5e:5a:ec:df:16:
03:0f:04:f6:28:5a:35:96:1d:4a:7c:83:d3:b4:c5:
a7:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:1B:7B:F2:35:BA:81:71:04:38:C7:57:8D:F4:CA:29:0E:2B:37:66
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3133302e3138352e3131362e302f32342d3234203d3e203632323430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.185.116.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:d3:c4:1f:aa:f5:e4:14:8c:c5:2f:52:de:61:05:f1:42:6c:
57:7e:19:44:50:22:1e:94:1d:dc:08:bd:6a:28:46:74:95:14:
5a:aa:82:d3:5c:ac:a1:87:5b:ab:44:63:c9:59:30:e2:d5:c5:
84:c5:82:02:ec:79:b2:f2:51:60:f9:8e:86:b9:ee:f8:b8:8f:
f8:de:2a:b0:47:c3:a6:5d:cb:1c:03:3e:7a:45:f9:37:53:7f:
d3:70:53:3a:51:6e:d1:50:23:43:42:bb:a3:16:f4:e4:90:b9:
0a:86:77:91:c0:c3:c7:70:28:12:41:bb:15:fb:94:37:1c:e4:
fa:02:d5:88:01:fd:a5:e8:07:a0:7d:15:12:79:74:17:2f:06:
99:de:b0:d8:aa:aa:0c:4c:9c:3c:04:38:3f:3e:3e:6a:aa:46:
c4:ac:15:ea:31:4b:88:72:04:e6:b2:e6:48:b5:93:f4:7b:db:
28:e4:e0:5f:5f:17:fd:eb:58:ce:9c:f6:20:8e:39:6c:8b:8f:
9f:dd:fa:38:56:58:83:7a:b4:58:49:cf:e0:a3:5c:1d:9c:a3:
13:5d:66:e9:cf:33:a7:9c:4a:db:56:e0:34:50:3f:95:ed:1f:
ce:2e:8e:d8:5a:32:90:86:c6:f7:60:16:13:73:e9:33:e7:c4:
0e:b7:75:3e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJCGCJIbZEbYDSx3WD6kpTnRHz8owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDA0MDExMzU4MjNaFw0yNTAzMzExNDAzMjNaMDMxMTAvBgNV
BAMTKEU2MUI3QkYyMzVCQTgxNzEwNDM4Qzc1NzhERjRDQTI5MEUyQjM3NjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJny3dPWtGLc+k77WVkgPPCvST
QuUJr5Kdcw+zqtLbKdaFRhLrqaGW2Wnv2xC+a/r8Lxf9xVLcP8iNMXWFz5vFwJoO
3j5OVl95WnALCXxsp/jxeU+FapmJv833z+p4/MWNWeTUlH9OiO0rAoEEJycE9Az2
ON7RjZbO8XR5mNCgy33XXM/oAIiThnb1gP3YZcES+EaI2Av8FDLbwrZJSNLcaCFB
lVftbavWOkkqA4k15fj5KGFEG/8A9Ho6cpobPIUYh0nP4FxiBAjIrfDcbGIqAnHL
lyboxVkmgtEKi+IitiejOKrmf8uO835eWuzfFgMPBPYoWjWWHUp8g9O0xac5AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU5ht78jW6gXEEOMdXjfTKKQ4rN2YwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzEzMzMwMmUzMTM4MzUyZTMx
MzEzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzIzMjM0MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACCuXQwDQYJKoZIhvcNAQELBQADggEBAHvTxB+q9eQUjMUvUt5hBfFCbFd+GURQ
Ih6UHdwIvWooRnSVFFqqgtNcrKGHW6tEY8lZMOLVxYTFggLsebLyUWD5joa57vi4
j/jeKrBHw6ZdyxwDPnpF+TdTf9NwUzpRbtFQI0NCu6MW9OSQuQqGd5HAw8dwKBJB
uxX7lDcc5PoC1YgB/aXoB6B9FRJ5dBcvBpnesNiqqgxMnDwEOD8+PmqqRsSsFeox
S4hyBOay5ki1k/R72yjk4F9fF/3rWM6c9iCOOWyLj5/d+jhWWIN6tFhJz+CjXB2c
oxNdZunPM6ecSttW4DRQP5XtH84ujthaMpCGxvdgFhNz6TPnxA63dT4=
-----END CERTIFICATE-----
Generated at Sun May 5 22:57:02 2024 by rpki-client on console-fra.rpki-client.org