Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6c030890-f6e0-410c-bc99-af0921d1c3a4/0/3138382e3136342e3135322e302f32342d3234203d3e203631333137.roa
File: 3138382e3136342e3135322e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: l6Ks5CbuckJAbA8XEdwgqbq9r6Co9thXmi3nJyFvGdY=
Subject key identifier: AC:85:0A:47:A5:78:66:C2:1E:B3:72:1B:9D:5B:43:32:2C:F7:99:A9
Certificate issuer: /CN=8b9ba9adde9635777bf586fd493e14cd30f7c4ca
Certificate serial: 67AB8936145AABF66DC4E5B628A68579204C68F4
Authority key identifier: 8B:9B:A9:AD:DE:96:35:77:7B:F5:86:FD:49:3E:14:CD:30:F7:C4:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i5uprd6WNXd79Yb9ST4UzTD3xMo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6c030890-f6e0-410c-bc99-af0921d1c3a4/0/3138382e3136342e3135322e302f32342d3234203d3e203631333137.roa
Signing time: Tue 01 Aug 2023 14:00:33 +0000
ROA not before: Tue 01 Aug 2023 13:55:33 +0000
ROA not after: Tue 30 Jul 2024 14:00:33 +0000
asID: 61317
IP address blocks: 188.164.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6c030890-f6e0-410c-bc99-af0921d1c3a4/0/8B9BA9ADDE9635777BF586FD493E14CD30F7C4CA.crl
rsync://rsync.paas.rpki.ripe.net/repository/6c030890-f6e0-410c-bc99-af0921d1c3a4/0/8B9BA9ADDE9635777BF586FD493E14CD30F7C4CA.mft
rsync://rpki.ripe.net/repository/DEFAULT/i5uprd6WNXd79Yb9ST4UzTD3xMo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:ab:89:36:14:5a:ab:f6:6d:c4:e5:b6:28:a6:85:79:20:4c:68:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b9ba9adde9635777bf586fd493e14cd30f7c4ca
Validity
Not Before: Aug 1 13:55:33 2023 GMT
Not After : Jul 30 14:00:33 2024 GMT
Subject: CN=AC850A47A57866C21EB3721B9D5B43322CF799A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f6:3b:8d:3c:64:7f:f0:57:5a:b4:00:17:f3:
e1:c6:b8:f4:47:bd:cc:5a:79:33:f4:cb:c2:8a:44:
1c:f8:29:eb:b3:cf:1a:f5:bc:e0:92:f2:bf:5a:b0:
f5:7a:19:98:44:4c:53:9b:2c:6b:12:fc:48:8a:6a:
92:82:98:5b:c6:ef:2f:be:4e:cf:42:86:d4:7c:21:
2c:e7:e6:1e:41:45:46:9e:a0:e0:fd:d2:d8:93:c2:
7e:25:57:c0:9b:c3:02:83:58:d8:3d:89:a7:b3:02:
bc:f0:aa:59:a1:0f:9d:4e:f5:2c:53:b5:06:6f:e6:
3a:cf:ce:23:6a:97:47:fc:eb:a4:bd:71:5b:fd:0b:
45:c3:4b:7c:82:7d:52:d7:b5:09:5b:0d:92:dc:9d:
37:c4:e0:37:1d:c5:52:06:f1:82:a1:c4:34:5d:d2:
b3:31:57:2c:88:f6:66:33:24:8b:5a:d8:10:38:b2:
f9:60:90:fa:a8:64:e7:5a:82:9b:5f:9e:04:20:3b:
23:a0:27:8d:1b:5f:1f:75:44:99:0d:c5:9b:ce:0f:
9b:b0:a0:8a:db:f1:b4:2a:8b:79:04:e5:e4:c3:86:
98:15:2d:d4:a1:21:f4:35:65:49:76:52:43:cd:56:
52:a1:40:0b:e7:52:63:34:d1:19:65:89:14:6b:9a:
67:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:85:0A:47:A5:78:66:C2:1E:B3:72:1B:9D:5B:43:32:2C:F7:99:A9
X509v3 Authority Key Identifier:
keyid:8B:9B:A9:AD:DE:96:35:77:7B:F5:86:FD:49:3E:14:CD:30:F7:C4:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6c030890-f6e0-410c-bc99-af0921d1c3a4/0/8B9BA9ADDE9635777BF586FD493E14CD30F7C4CA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i5uprd6WNXd79Yb9ST4UzTD3xMo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6c030890-f6e0-410c-bc99-af0921d1c3a4/0/3138382e3136342e3135322e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.164.152.0/24
Signature Algorithm: sha256WithRSAEncryption
17:16:1d:a0:34:d1:d5:68:f3:6d:af:87:9f:58:81:d7:73:bc:
06:74:02:f7:6a:0f:07:1e:29:7c:d5:93:f8:63:04:98:00:1c:
09:a8:a6:6b:43:82:70:10:40:60:4a:54:12:d0:97:01:58:19:
7c:7b:17:fe:01:19:3f:3c:46:2b:42:6d:6c:1b:e1:16:b1:3f:
6d:40:e0:0d:56:69:ee:66:1e:30:e1:37:de:af:b2:86:7c:e1:
78:f8:7d:97:ad:12:56:bb:87:4d:6f:ad:46:08:7a:6e:2c:c0:
ff:7c:fd:e6:6e:9e:bc:2a:02:e7:45:61:fa:db:ff:23:53:13:
fa:72:24:b1:1b:73:b9:f2:74:1c:05:30:74:90:54:fa:23:be:
97:7d:6a:f5:7c:f2:a2:55:e1:db:79:6d:08:56:3b:a4:b2:01:
2a:19:6b:a0:6e:6a:1a:2f:49:33:5f:79:1e:e7:28:75:5a:7e:
b9:06:84:c3:de:8a:fd:1c:4f:f6:07:59:e1:20:68:84:34:08:
9c:8b:99:f4:82:df:f9:54:fe:1e:f0:a3:b2:a4:3d:3a:de:55:
2d:28:ea:1c:16:9c:92:08:8e:26:ab:95:fa:7e:6b:61:e4:37:
bb:4b:ff:06:f6:7c:29:0a:40:85:f0:82:95:64:c2:e7:8e:c9:
31:b0:ef:cd
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZ6uJNhRaq/ZtxOW2KKaFeSBMaPQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI5YmE5YWRkZTk2MzU3NzdiZjU4NmZkNDkzZTE0Y2Qz
MGY3YzRjYTAeFw0yMzA4MDExMzU1MzNaFw0yNDA3MzAxNDAwMzNaMDMxMTAvBgNV
BAMTKEFDODUwQTQ3QTU3ODY2QzIxRUIzNzIxQjlENUI0MzMyMkNGNzk5QTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJ9juNPGR/8FdatAAX8+HGuPRH
vcxaeTP0y8KKRBz4Keuzzxr1vOCS8r9asPV6GZhETFObLGsS/EiKapKCmFvG7y++
Ts9ChtR8ISzn5h5BRUaeoOD90tiTwn4lV8CbwwKDWNg9iaezArzwqlmhD51O9SxT
tQZv5jrPziNql0f866S9cVv9C0XDS3yCfVLXtQlbDZLcnTfE4DcdxVIG8YKhxDRd
0rMxVyyI9mYzJIta2BA4svlgkPqoZOdagptfngQgOyOgJ40bXx91RJkNxZvOD5uw
oIrb8bQqi3kE5eTDhpgVLdShIfQ1ZUl2UkPNVlKhQAvnUmM00RlliRRrmmc7AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUrIUKR6V4ZsIes3IbnVtDMiz3makwHwYDVR0j
BBgwFoAUi5uprd6WNXd79Yb9ST4UzTD3xMowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmMwMzA4OTAtZjZlMC00MTBjLWJjOTktYWYwOTIxZDFj
M2E0LzAvOEI5QkE5QURERTk2MzU3NzdCRjU4NkZENDkzRTE0Q0QzMEY3QzRDQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2k1dXByZDZXTlhkNzlZYjlTVDRVelRE
M3hNby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmMwMzA4OTAt
ZjZlMC00MTBjLWJjOTktYWYwOTIxZDFjM2E0LzAvMzEzODM4MmUzMTM2MzQyZTMx
MzUzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzEzMzMxMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC8pJgwDQYJKoZIhvcNAQELBQADggEBABcWHaA00dVo822vh59YgddzvAZ0Avdq
DwceKXzVk/hjBJgAHAmopmtDgnAQQGBKVBLQlwFYGXx7F/4BGT88RitCbWwb4Rax
P21A4A1Wae5mHjDhN96vsoZ84Xj4fZetEla7h01vrUYIem4swP98/eZunrwqAudF
Yfrb/yNTE/pyJLEbc7nydBwFMHSQVPojvpd9avV88qJV4dt5bQhWO6SyASoZa6Bu
ahovSTNfeR7nKHVafrkGhMPeiv0cT/YHWeEgaIQ0CJyLmfSC3/lU/h7wo7KkPTre
VS0o6hwWnJIIjiarlfp+a2HkN7tL/wb2fCkKQIXwgpVkwueOyTGw780=
-----END CERTIFICATE-----
Generated at Sat May 4 11:29:12 2024 by rpki-client on console-ams.rpki-client.org