Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3138352e3235322e3233342e302f32332d3332203d3e203531313637.roa
File: 3138352e3235322e3233342e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: OzPk2Rl2ZKTp6A/eyTAK3GDwwzbOLZIMJuwn0U8tUB0=
Subject key identifier: 50:6E:1F:7C:70:42:19:CF:14:D1:03:ED:96:2B:3F:44:1A:23:26:50
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 50787B0DC88952790C18613C886A0DBAE606A04F
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3138352e3235322e3233342e302f32332d3332203d3e203531313637.roa
Signing time: Mon 26 Feb 2024 08:53:39 +0000
ROA not before: Mon 26 Feb 2024 08:48:39 +0000
ROA not after: Mon 24 Feb 2025 08:53:39 +0000
asID: 51167
IP address blocks: 185.252.234.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:78:7b:0d:c8:89:52:79:0c:18:61:3c:88:6a:0d:ba:e6:06:a0:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Feb 26 08:48:39 2024 GMT
Not After : Feb 24 08:53:39 2025 GMT
Subject: CN=506E1F7C704219CF14D103ED962B3F441A232650
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:36:c3:85:e3:fd:81:fa:a7:93:01:c7:fe:6a:
36:b5:30:35:8e:ff:88:47:a5:a2:70:4f:2f:e4:57:
5f:39:86:d0:8f:e0:aa:72:30:77:3a:80:76:f8:c0:
2d:11:e4:16:17:c7:5e:47:65:e1:27:25:39:3b:f6:
2c:01:49:9a:83:d2:72:47:d7:5a:9e:eb:50:a1:83:
dc:d4:95:cd:a2:ac:14:37:ea:b8:e7:27:1f:4c:ec:
31:0c:4d:4e:99:ab:d0:c1:69:9c:fb:50:ba:0d:b8:
40:55:95:e9:80:72:25:02:a3:81:f9:66:fe:d3:25:
46:a6:3e:75:0b:ed:fe:68:30:ce:c0:70:81:11:a7:
13:6d:0e:a9:e5:1b:33:8a:9f:84:61:c4:08:d6:f5:
59:9e:ff:6b:ae:c0:73:01:c7:a7:ce:e9:8b:5b:e4:
68:60:89:d8:ce:f9:6d:5d:b1:9f:18:71:c3:95:28:
72:e4:f3:cd:76:20:fe:74:c3:34:8c:b6:12:1b:68:
db:57:14:7f:2b:4e:41:03:24:41:ea:ed:a2:4f:f5:
fe:95:7e:e7:8e:b5:0b:6e:8a:a4:bb:0f:5d:12:c8:
e2:f8:28:e9:d4:0e:a0:cb:43:0d:3b:89:27:9d:29:
83:7f:2b:4d:2f:c9:b0:ad:40:63:3f:47:8d:de:0b:
3a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:6E:1F:7C:70:42:19:CF:14:D1:03:ED:96:2B:3F:44:1A:23:26:50
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3138352e3235322e3233342e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.234.0/23
Signature Algorithm: sha256WithRSAEncryption
18:af:ff:9b:17:d8:8c:2a:4f:bf:b9:ed:7e:51:75:4b:a5:84:
f4:40:98:a9:7b:dd:dd:45:06:7b:34:14:fa:1f:72:3e:21:61:
76:79:5d:f8:8b:6c:3a:f0:90:ce:84:c5:a9:71:2c:7c:de:db:
e8:1a:79:00:75:b2:dc:d9:ef:3e:6a:4f:87:e0:3a:0b:70:48:
f2:f5:cd:8e:8b:8f:6a:84:18:a2:26:11:1c:d0:1f:2b:93:d7:
fb:d9:6c:13:82:f0:ac:3c:5e:ea:6f:5f:0e:3b:6c:85:b4:fb:
89:95:c4:24:1a:c9:05:b6:2e:97:0d:cb:b7:ee:45:90:28:bf:
0a:69:56:15:80:31:d3:bb:be:1a:11:17:2c:d2:6b:6a:3a:20:
34:a0:54:98:df:06:ef:db:ee:d8:2a:cc:a3:cd:c1:e1:a7:30:
f3:47:b4:41:53:83:42:58:66:17:8d:8d:c1:6b:98:66:95:f2:
9d:b6:7c:24:34:8c:b3:b4:4b:f2:c3:b4:41:68:15:b0:ea:53:
2b:88:2a:2c:bf:1f:a6:e2:28:37:1f:70:15:b8:d8:08:a9:83:
e5:ba:bf:c6:95:6c:e9:f4:15:bb:ad:07:8a:05:ee:9f:e7:69:
69:50:c0:2c:2f:2b:7f:36:83:e7:a4:4f:8f:11:0d:df:d3:9b:
bb:f1:b6:71
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUUHh7DciJUnkMGGE8iGoNuuYGoE8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDAyMjYwODQ4MzlaFw0yNTAyMjQwODUzMzlaMDMxMTAvBgNV
BAMTKDUwNkUxRjdDNzA0MjE5Q0YxNEQxMDNFRDk2MkIzRjQ0MUEyMzI2NTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqNsOF4/2B+qeTAcf+aja1MDWO
/4hHpaJwTy/kV185htCP4KpyMHc6gHb4wC0R5BYXx15HZeEnJTk79iwBSZqD0nJH
11qe61Chg9zUlc2irBQ36rjnJx9M7DEMTU6Zq9DBaZz7ULoNuEBVlemAciUCo4H5
Zv7TJUamPnUL7f5oMM7AcIERpxNtDqnlGzOKn4RhxAjW9Vme/2uuwHMBx6fO6Ytb
5GhgidjO+W1dsZ8YccOVKHLk8812IP50wzSMthIbaNtXFH8rTkEDJEHq7aJP9f6V
fueOtQtuiqS7D10SyOL4KOnUDqDLQw07iSedKYN/K00vybCtQGM/R43eCzpXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUUG4ffHBCGc8U0QPtlis/RBojJlAwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzEzODM1MmUzMjM1MzIyZTMy
MzMzNDJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG5/OowDQYJKoZIhvcNAQELBQADggEBABiv/5sX2IwqT7+57X5RdUulhPRAmKl7
3d1FBns0FPofcj4hYXZ5XfiLbDrwkM6ExalxLHze2+gaeQB1stzZ7z5qT4fgOgtw
SPL1zY6Lj2qEGKImERzQHyuT1/vZbBOC8Kw8XupvXw47bIW0+4mVxCQayQW2LpcN
y7fuRZAovwppVhWAMdO7vhoRFyzSa2o6IDSgVJjfBu/b7tgqzKPNweGnMPNHtEFT
g0JYZheNjcFrmGaV8p22fCQ0jLO0S/LDtEFoFbDqUyuIKiy/H6biKDcfcBW42Aip
g+W6v8aVbOn0FbutB4oF7p/naWlQwCwvK382g+ekT48RDd/Tm7vxtnE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:05 2024 by rpki-client on console-fra.rpki-client.org