Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135332e302f32342d3234203d3e203135343430.roa
File: 3138352e3134392e3135332e302f32342d3234203d3e203135343430.roa (raw, json)
Hash identifier: odZkH62dhzXeLsXAmwvJM41Ox4ymXypFxB9iAiH0rhY=
Subject key identifier: 2D:6C:79:33:27:9E:4A:99:22:6B:F8:EB:26:4B:72:DC:B3:9B:36:02
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 70686C14FF72CA626A0D9621044E0ECAF0F161C8
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135332e302f32342d3234203d3e203135343430.roa
Signing time: Fri 07 Jul 2023 08:08:15 +0000
ROA not before: Fri 07 Jul 2023 08:03:15 +0000
ROA not after: Fri 05 Jul 2024 08:08:15 +0000
asID: 15440
IP address blocks: 185.149.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 16:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:68:6c:14:ff:72:ca:62:6a:0d:96:21:04:4e:0e:ca:f0:f1:61:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jul 7 08:03:15 2023 GMT
Not After : Jul 5 08:08:15 2024 GMT
Subject: CN=2D6C7933279E4A99226BF8EB264B72DCB39B3602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:20:87:04:b1:25:4b:7e:59:65:a3:4a:f4:94:
7b:57:c4:a2:26:a8:03:49:30:0d:b0:1e:52:c1:6a:
59:be:83:96:2c:57:c3:9b:e0:59:3b:0f:cc:0c:f9:
86:23:66:0a:09:ad:90:f2:42:5a:4a:f4:9e:61:23:
fc:21:28:5b:72:7d:3f:b9:df:60:06:76:67:d0:1e:
74:5b:39:c4:30:c9:16:b4:db:4f:38:a6:65:2b:c5:
04:69:31:a6:f0:32:ee:25:89:63:5e:68:61:ca:94:
bf:42:74:95:ed:21:6f:7b:06:93:ac:32:90:4a:ab:
43:8e:1d:f2:7a:e6:ac:73:f4:c6:9e:e7:5c:8e:b3:
e1:f8:5e:46:ec:a9:55:4a:a8:23:4b:6e:18:cf:d4:
6f:88:7f:31:77:04:9a:85:fa:97:3f:d7:4d:d4:db:
1e:21:1f:8b:0f:5c:ad:db:e5:b5:1d:e3:4f:d7:bd:
00:d0:dc:fc:5a:10:46:91:a3:ad:e6:75:8e:35:c7:
55:14:4e:3a:b5:e1:a6:53:e3:eb:1d:7b:1e:88:3d:
91:e9:fd:66:1d:2d:9b:dc:29:42:44:6b:d9:1a:8c:
e1:d3:98:76:93:6d:8c:1f:ff:89:47:76:47:bd:e7:
f7:5c:75:38:b5:28:99:c6:5b:14:94:22:7e:89:a9:
73:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:6C:79:33:27:9E:4A:99:22:6B:F8:EB:26:4B:72:DC:B3:9B:36:02
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135332e302f32342d3234203d3e203135343430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.153.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:52:cd:75:d0:5c:bc:c0:d8:34:62:86:35:7a:ce:75:a2:9a:
06:5b:94:48:72:3f:0d:f5:4c:db:c4:58:d9:ac:ad:01:e3:c1:
db:73:32:03:ce:e6:1f:21:1e:73:f3:63:13:58:f9:b4:ba:61:
c9:c0:49:14:19:f5:55:e6:d6:48:c0:f4:c4:a3:ea:d6:fc:6c:
59:3f:a1:fd:40:5f:c0:85:70:a9:f3:a1:22:aa:a1:56:62:55:
c3:9e:4c:14:f5:b2:a8:b7:48:3c:b3:bd:b4:ea:89:6d:e4:fa:
f7:99:15:e2:74:00:00:7b:9e:ab:0c:fa:3d:91:8f:06:b3:17:
6d:5c:07:7d:86:05:9e:ac:2b:0f:27:ff:f0:61:15:73:2a:b3:
2a:5e:bb:1c:43:96:07:d4:f7:0e:ce:72:a8:eb:ed:3b:ba:d3:
c6:cb:a4:57:34:1c:09:35:2e:d0:92:5e:8c:ec:99:9d:fb:28:
28:fd:e2:47:2e:68:95:1e:df:2e:4a:67:5d:bb:62:d3:90:f1:
78:3d:e0:cc:7a:00:73:ed:c8:a1:36:8d:06:f4:61:39:67:02:
ed:55:57:b4:ce:f0:62:bf:95:72:17:7e:c4:a1:78:c7:45:bd:
94:e4:86:c1:17:10:37:cd:9e:cc:b7:09:3e:a7:ef:f4:c0:50:
d0:0e:e3:31
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUcGhsFP9yymJqDZYhBE4OyvDxYcgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yMzA3MDcwODAzMTVaFw0yNDA3MDUwODA4MTVaMDMxMTAvBgNV
BAMTKDJENkM3OTMzMjc5RTRBOTkyMjZCRjhFQjI2NEI3MkRDQjM5QjM2MDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKIIcEsSVLflllo0r0lHtXxKIm
qANJMA2wHlLBalm+g5YsV8Ob4Fk7D8wM+YYjZgoJrZDyQlpK9J5hI/whKFtyfT+5
32AGdmfQHnRbOcQwyRa02084pmUrxQRpMabwMu4liWNeaGHKlL9CdJXtIW97BpOs
MpBKq0OOHfJ65qxz9Mae51yOs+H4XkbsqVVKqCNLbhjP1G+IfzF3BJqF+pc/103U
2x4hH4sPXK3b5bUd40/XvQDQ3PxaEEaRo63mdY41x1UUTjq14aZT4+sdex6IPZHp
/WYdLZvcKUJEa9kajOHTmHaTbYwf/4lHdke95/dcdTi1KJnGWxSUIn6JqXOFAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQULWx5MyeeSpkia/jrJkty3LObNgIwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzEzODM1MmUzMTM0MzkyZTMx
MzUzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzUzNDM0MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5lZkwDQYJKoZIhvcNAQELBQADggEBAItSzXXQXLzA2DRihjV6znWimgZblEhy
Pw31TNvEWNmsrQHjwdtzMgPO5h8hHnPzYxNY+bS6YcnASRQZ9VXm1kjA9MSj6tb8
bFk/of1AX8CFcKnzoSKqoVZiVcOeTBT1sqi3SDyzvbTqiW3k+veZFeJ0AAB7nqsM
+j2RjwazF21cB32GBZ6sKw8n//BhFXMqsypeuxxDlgfU9w7Ocqjr7Tu608bLpFc0
HAk1LtCSXozsmZ37KCj94kcuaJUe3y5KZ127YtOQ8Xg94Mx6AHPtyKE2jQb0YTln
Au1VV7TO8GK/lXIXfsSheMdFvZTkhsEXEDfNnsy3CT6n7/TAUNAO4zE=
-----END CERTIFICATE-----
Generated at Sat Jun 1 01:00:43 2024 by rpki-client on console-fra.rpki-client.org