Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3137362e3232372e3234312e302f32342d3234203d3e20323039383534.roa
File: 3137362e3232372e3234312e302f32342d3234203d3e20323039383534.roa (raw, json)
Hash identifier: sA62Jbr8GX2VjNdwm7o7bWBznOTGs2qz67hCF7oNsHo=
Subject key identifier: EB:5F:81:3A:E7:B7:18:B2:04:29:B2:15:1E:EF:CF:27:EF:20:B4:B8
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 33ED7C7331E8DAB5BA7E2E3502443A050DD7B443
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3137362e3232372e3234312e302f32342d3234203d3e20323039383534.roa
Signing time: Tue 29 Aug 2023 13:32:47 +0000
ROA not before: Tue 29 Aug 2023 13:27:47 +0000
ROA not after: Tue 27 Aug 2024 13:32:47 +0000
asID: 209854
IP address blocks: 176.227.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:ed:7c:73:31:e8:da:b5:ba:7e:2e:35:02:44:3a:05:0d:d7:b4:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Aug 29 13:27:47 2023 GMT
Not After : Aug 27 13:32:47 2024 GMT
Subject: CN=EB5F813AE7B718B20429B2151EEFCF27EF20B4B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:e4:6c:1d:86:dd:20:c8:55:a1:b7:df:9c:ee:
01:1e:5b:88:26:0b:b9:bf:d8:bf:28:f2:9c:0e:ae:
01:22:08:31:2e:a4:69:46:48:7f:f7:ca:97:a0:40:
83:2a:3e:7b:d1:c6:0a:e1:71:bc:10:ac:54:06:8b:
5f:03:e6:12:f4:ef:e5:44:11:62:13:25:1e:1d:50:
8b:31:0f:58:15:95:37:7b:4c:64:de:76:f5:9b:1e:
b3:0c:b7:62:de:e2:f3:db:f4:37:a1:a2:21:09:d4:
e7:8a:39:66:a1:bd:ed:69:a5:68:e2:39:65:7e:7c:
1f:e0:d3:a8:aa:e0:36:72:29:13:94:41:53:72:f7:
51:17:66:1d:65:9d:e2:33:57:56:47:b5:80:1c:22:
b3:c2:99:ea:76:c5:c9:66:17:94:b1:7f:90:1f:8a:
97:9e:11:e2:ca:ab:f4:71:73:90:3b:7e:8a:a0:fd:
91:30:0e:64:f3:f2:5a:65:3f:21:c5:aa:56:ce:f4:
d1:c4:85:45:7d:14:52:fd:17:7e:4e:91:cc:5e:7d:
cd:7d:9a:f7:d5:1b:0c:e1:40:ae:90:de:12:20:5e:
ab:94:60:63:b5:15:d2:a9:77:63:7b:7d:90:45:cf:
1f:30:6a:e1:f1:d6:03:82:f5:b6:13:4c:c7:5f:a2:
ca:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:5F:81:3A:E7:B7:18:B2:04:29:B2:15:1E:EF:CF:27:EF:20:B4:B8
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3137362e3232372e3234312e302f32342d3234203d3e20323039383534.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.227.241.0/24
Signature Algorithm: sha256WithRSAEncryption
74:df:d8:73:63:55:b4:b2:e1:7a:dd:2b:17:30:72:e3:cb:27:
da:1d:37:46:6c:7b:b4:fb:01:71:2a:83:4b:da:c4:75:88:ba:
5e:59:3e:13:1b:5e:c3:63:42:bb:1c:86:73:d2:06:b7:3a:64:
b9:21:ab:2d:c2:92:c1:bb:9c:8c:b3:58:62:de:fd:cf:00:ea:
43:e0:28:1b:fd:5f:46:eb:a6:62:e1:0b:b9:fb:6d:58:f8:73:
5b:81:b9:15:28:72:55:84:13:ff:c5:0e:98:53:af:8d:fe:89:
46:0e:18:0c:45:3a:ae:6c:05:f4:0c:3e:19:3e:cd:11:a0:58:
75:2a:d4:95:05:1e:be:62:ce:5a:1f:6c:a5:9c:68:08:2e:1f:
d6:5f:39:08:ec:2d:6a:3b:ba:94:cf:3e:7b:57:20:8a:20:fb:
6f:70:e1:30:eb:04:68:6d:ae:d8:3e:0e:04:ac:01:9d:65:80:
60:eb:3a:f8:5d:80:c9:aa:2b:f8:d7:06:c2:fe:83:b6:fe:fa:
91:16:41:a8:be:df:9c:d5:90:b1:2b:68:64:d6:7e:4e:71:0b:
ea:bd:bc:7b:08:e4:de:df:f3:e3:9a:e3:20:fa:3c:eb:16:83:
68:02:ba:a4:61:44:b0:18:c6:f6:4c:0c:41:13:11:8a:6b:6a:
eb:f6:61:8c
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUM+18czHo2rW6fi41AkQ6BQ3XtEMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yMzA4MjkxMzI3NDdaFw0yNDA4MjcxMzMyNDdaMDMxMTAvBgNV
BAMTKEVCNUY4MTNBRTdCNzE4QjIwNDI5QjIxNTFFRUZDRjI3RUYyMEI0QjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDk5Gwdht0gyFWht9+c7gEeW4gm
C7m/2L8o8pwOrgEiCDEupGlGSH/3ypegQIMqPnvRxgrhcbwQrFQGi18D5hL07+VE
EWITJR4dUIsxD1gVlTd7TGTedvWbHrMMt2Le4vPb9DehoiEJ1OeKOWahve1ppWji
OWV+fB/g06iq4DZyKROUQVNy91EXZh1lneIzV1ZHtYAcIrPCmep2xclmF5Sxf5Af
ipeeEeLKq/Rxc5A7foqg/ZEwDmTz8lplPyHFqlbO9NHEhUV9FFL9F35Okcxefc19
mvfVGwzhQK6Q3hIgXquUYGO1FdKpd2N7fZBFzx8wauHx1gOC9bYTTMdfosq/AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU61+BOue3GLIEKbIVHu/PJ+8gtLgwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzEzNzM2MmUzMjMyMzcyZTMy
MzQzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzOTM4MzUzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALDj8TANBgkqhkiG9w0BAQsFAAOCAQEAdN/Yc2NVtLLhet0rFzBy48sn2h03
Rmx7tPsBcSqDS9rEdYi6Xlk+Extew2NCuxyGc9IGtzpkuSGrLcKSwbucjLNYYt79
zwDqQ+AoG/1fRuumYuELufttWPhzW4G5FShyVYQT/8UOmFOvjf6JRg4YDEU6rmwF
9Aw+GT7NEaBYdSrUlQUevmLOWh9spZxoCC4f1l85COwtaju6lM8+e1cgiiD7b3Dh
MOsEaG2u2D4OBKwBnWWAYOs6+F2Ayaor+NcGwv6Dtv76kRZBqL7fnNWQsStoZNZ+
TnEL6r28ewjk3t/z45rjIPo86xaDaAK6pGFEsBjG9kwMQRMRimtq6/ZhjA==
-----END CERTIFICATE-----
Generated at Wed May 8 20:21:27 2024 by rpki-client on console-fra.rpki-client.org