Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3136302e3233382e33382e302f32342d3234203d3e20323034313730.roa
File: 3136302e3233382e33382e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: YhT+3P0D9eNFaknsJu53yPDkVSob7F4MpfGXZ/wy0jU=
Subject key identifier: 32:1C:4D:E0:CB:23:A8:B3:AD:22:C2:46:20:77:6B:F2:C5:5D:25:A7
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 0C167F1597A9605106313850ED6CF55F1445FA0D
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3136302e3233382e33382e302f32342d3234203d3e20323034313730.roa
Signing time: Tue 25 Jun 2024 21:47:10 +0000
ROA not before: Tue 25 Jun 2024 21:42:10 +0000
ROA not after: Tue 24 Jun 2025 21:47:10 +0000
asID: 204170
IP address blocks: 160.238.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:57:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:16:7f:15:97:a9:60:51:06:31:38:50:ed:6c:f5:5f:14:45:fa:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Jun 25 21:42:10 2024 GMT
Not After : Jun 24 21:47:10 2025 GMT
Subject: CN=321C4DE0CB23A8B3AD22C24620776BF2C55D25A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1f:17:dc:2f:4a:80:10:70:be:b1:c8:50:b9:
f4:72:56:23:d9:dd:55:81:0e:c7:f2:51:df:ed:c0:
af:dc:4c:62:39:0a:20:f6:e2:36:0a:b0:72:7c:3e:
25:41:bc:e9:09:27:45:bf:f8:4f:fe:49:3b:f1:e5:
92:94:dc:9e:b1:b1:6f:b8:7d:fc:1c:75:25:99:79:
ac:9e:6c:0f:e5:fb:85:fe:d6:5d:7f:49:26:ce:1d:
ff:ff:59:1b:81:40:00:3c:c7:f3:e1:b2:9f:de:17:
7d:0f:3e:09:48:3e:63:b2:16:d6:51:d6:1d:29:32:
13:c9:cc:9c:06:0e:7c:e9:d4:98:23:8a:78:8e:9a:
64:4c:8e:06:c8:d3:42:ba:7e:35:41:de:a6:6f:82:
4f:87:d9:7c:d9:f1:43:8c:00:68:f9:e5:37:9b:fe:
33:d0:f7:4c:f2:8e:56:b5:eb:28:3c:a4:fe:af:5f:
94:65:67:e6:b7:ba:83:29:26:de:72:8b:10:3b:ec:
c0:c5:f0:e7:c7:4a:b3:00:e9:5b:ca:db:06:a9:05:
38:b5:e1:5e:8d:6b:aa:05:cb:7e:9d:70:7a:fc:a9:
2e:1a:82:fe:2b:54:08:f8:b9:36:77:71:15:45:30:
71:d8:be:20:05:76:47:e1:a8:6b:5f:b4:4a:e5:ba:
cf:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:1C:4D:E0:CB:23:A8:B3:AD:22:C2:46:20:77:6B:F2:C5:5D:25:A7
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3136302e3233382e33382e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.238.38.0/24
Signature Algorithm: sha256WithRSAEncryption
08:81:a1:08:47:96:61:96:fd:f6:72:42:ed:4b:ed:f0:0a:c2:
b0:5e:8e:43:e1:aa:e0:8d:e5:11:ec:db:cc:cd:f8:f3:1f:14:
3d:7e:4f:83:aa:43:24:85:83:26:87:db:04:00:d0:4b:bc:45:
69:c6:20:c9:51:5f:68:8a:8e:43:0a:de:96:dc:d0:6f:5e:3a:
67:e2:3d:7b:ad:5a:e7:21:3b:18:3f:8e:1f:b4:f3:f4:fa:e0:
3b:51:0b:7a:89:b8:5c:a6:fa:a6:94:59:41:3f:65:dd:0e:1a:
de:72:9c:a6:f5:a4:c5:20:f0:9c:ec:cc:4b:67:db:5e:7e:af:
b0:7c:c7:e2:21:d8:d9:d8:43:56:2f:8d:82:01:7c:01:27:c4:
e6:1b:d2:ee:7f:5c:2e:e8:c6:f9:dc:58:b2:91:68:17:df:76:
90:6d:29:b4:6f:2b:1d:bd:bf:48:6e:71:71:7b:05:20:ea:4b:
34:ad:0c:fc:02:82:1d:fa:91:9c:51:9d:a1:30:69:ad:c3:00:
0d:be:34:6a:c5:ca:12:6e:b7:e9:e3:d7:ca:ea:bd:13:66:ae:
a9:04:41:1f:3c:e7:2d:ae:9b:a2:b0:8c:a4:bd:1d:89:93:d9:
2b:58:97:61:77:fe:a2:ea:d1:bc:55:73:78:66:cd:ee:9c:b4:
d0:4b:b4:ad
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDBZ/FZepYFEGMThQ7Wz1XxRF+g0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDA2MjUyMTQyMTBaFw0yNTA2MjQyMTQ3MTBaMDMxMTAvBgNV
BAMTKDMyMUM0REUwQ0IyM0E4QjNBRDIyQzI0NjIwNzc2QkYyQzU1RDI1QTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2HxfcL0qAEHC+schQufRyViPZ
3VWBDsfyUd/twK/cTGI5CiD24jYKsHJ8PiVBvOkJJ0W/+E/+STvx5ZKU3J6xsW+4
ffwcdSWZeayebA/l+4X+1l1/SSbOHf//WRuBQAA8x/Phsp/eF30PPglIPmOyFtZR
1h0pMhPJzJwGDnzp1JgjiniOmmRMjgbI00K6fjVB3qZvgk+H2XzZ8UOMAGj55Teb
/jPQ90zyjla16yg8pP6vX5RlZ+a3uoMpJt5yixA77MDF8OfHSrMA6VvK2wapBTi1
4V6Na6oFy36dcHr8qS4agv4rVAj4uTZ3cRVFMHHYviAFdkfhqGtftErlus/nAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUMhxN4MsjqLOtIsJGIHdr8sVdJacwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzEzNjMwMmUzMjMzMzgyZTMz
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzMTM3MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACg7iYwDQYJKoZIhvcNAQELBQADggEBAAiBoQhHlmGW/fZyQu1L7fAKwrBejkPh
quCN5RHs28zN+PMfFD1+T4OqQySFgyaH2wQA0Eu8RWnGIMlRX2iKjkMK3pbc0G9e
OmfiPXutWuchOxg/jh+08/T64DtRC3qJuFym+qaUWUE/Zd0OGt5ynKb1pMUg8Jzs
zEtn215+r7B8x+Ih2NnYQ1YvjYIBfAEnxOYb0u5/XC7oxvncWLKRaBffdpBtKbRv
Kx29v0hucXF7BSDqSzStDPwCgh36kZxRnaEwaa3DAA2+NGrFyhJut+nj18rqvRNm
rqkEQR885y2um6KwjKS9HYmT2StYl2F3/qLq0bxVc3hmze6ctNBLtK0=
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:14:45 2024 by rpki-client on console-ams.rpki-client.org