Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3231352e3131342e302f32342d3234203d3e203631333137.roa
File: 3138352e3231352e3131342e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: MICNuYMvJUHgCdVT1plXDczI8fEUnBDLrqP7RDCDC7w=
Subject key identifier: E8:4A:FA:70:F2:2D:AB:59:93:92:DA:A9:30:22:0D:8D:DF:74:12:7A
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 7D37FAD056A6F7ED753422ED66D887232FB16DC8
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3231352e3131342e302f32342d3234203d3e203631333137.roa
Signing time: Mon 03 Jul 2023 11:54:35 +0000
ROA not before: Mon 03 Jul 2023 11:49:35 +0000
ROA not after: Mon 01 Jul 2024 11:54:35 +0000
asID: 61317
IP address blocks: 185.215.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:37:fa:d0:56:a6:f7:ed:75:34:22:ed:66:d8:87:23:2f:b1:6d:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jul 3 11:49:35 2023 GMT
Not After : Jul 1 11:54:35 2024 GMT
Subject: CN=E84AFA70F22DAB599392DAA930220D8DDF74127A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:92:3a:c4:73:1f:ef:e6:17:e6:9a:b9:73:75:
2b:bb:ac:f3:91:99:53:98:0b:b1:72:03:1f:be:31:
2a:ab:7d:b5:d5:dc:a5:44:27:23:17:8b:db:3f:dc:
05:d7:5a:51:8f:85:fd:17:9a:dd:58:51:ad:92:e2:
47:92:13:3a:70:18:59:5f:4d:5b:78:12:91:33:27:
77:97:44:f4:6f:08:80:c2:36:6e:ff:5a:ad:8f:7d:
9d:7a:96:ff:00:7b:8f:d3:60:a0:e6:40:1d:70:78:
9e:67:c5:a0:75:e6:1d:0c:2b:c2:95:58:bf:a1:a8:
ac:68:d6:81:de:2f:60:37:f3:95:0d:8b:dd:53:b5:
5c:f8:df:29:75:65:d2:2c:98:0f:f4:1a:ee:3c:50:
79:99:8a:c8:05:9a:49:0c:d7:35:90:aa:77:2c:67:
75:53:88:e9:81:7c:cb:d9:3c:8f:ab:90:6c:d8:f8:
9f:77:bc:22:12:14:c3:76:b0:72:cc:15:b4:46:74:
67:81:dd:27:e1:f7:1e:2a:df:9e:3f:bc:54:87:db:
c7:38:29:a4:cf:e6:4b:6c:b3:43:ce:e7:23:7b:3c:
17:2d:62:d2:c9:76:c8:6a:4e:b2:3e:34:cd:2a:94:
e8:f0:04:3f:a0:ef:4d:3b:d5:15:b5:60:da:1f:bd:
f4:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:4A:FA:70:F2:2D:AB:59:93:92:DA:A9:30:22:0D:8D:DF:74:12:7A
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3231352e3131342e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.114.0/24
Signature Algorithm: sha256WithRSAEncryption
d7:3d:07:7a:6d:e0:a9:67:8e:b2:c5:c1:95:b8:b8:45:36:65:
56:56:55:7a:35:df:ee:ac:b4:b1:cf:3e:32:fa:e4:fb:6e:d7:
55:8f:91:b8:72:22:9a:2b:44:71:5c:94:bc:13:6c:0e:5c:8e:
ed:99:c2:ca:b2:4a:bf:11:27:18:25:6e:38:ef:a4:74:23:b0:
33:b3:ed:22:2d:9b:89:a1:24:2e:8f:a9:ad:c5:e3:59:b3:42:
ed:77:c9:9a:5c:e5:18:22:5d:bc:7d:40:ca:44:dc:d9:d2:1c:
3e:26:13:54:43:e1:8e:7e:6d:e0:79:af:32:51:ca:ab:3e:09:
17:3b:6c:2f:5d:0e:87:ea:6b:e0:00:07:17:fd:2b:06:50:17:
b1:99:1d:af:34:5f:48:a4:39:75:a9:d9:d2:84:21:aa:27:ae:
d2:21:75:e3:d2:bb:81:ce:fe:92:c5:55:c7:92:2b:db:e7:fb:
f1:eb:b5:50:09:7e:3c:1d:f0:a0:9e:e5:5a:12:18:bb:6c:1e:
61:1a:2c:e7:dd:9a:c7:8e:7a:9d:09:d3:c7:33:4a:b8:b8:54:
05:fe:bf:bb:92:0c:36:67:30:4b:66:a1:10:63:97:06:cc:cb:
2f:b1:b5:80:92:51:09:35:c9:52:f7:61:7c:17:73:16:0a:c9:
24:83:46:56
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUfTf60Fam9+11NCLtZtiHIy+xbcgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yMzA3MDMxMTQ5MzVaFw0yNDA3MDExMTU0MzVaMDMxMTAvBgNV
BAMTKEU4NEFGQTcwRjIyREFCNTk5MzkyREFBOTMwMjIwRDhEREY3NDEyN0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCokjrEcx/v5hfmmrlzdSu7rPOR
mVOYC7FyAx++MSqrfbXV3KVEJyMXi9s/3AXXWlGPhf0Xmt1YUa2S4keSEzpwGFlf
TVt4EpEzJ3eXRPRvCIDCNm7/Wq2PfZ16lv8Ae4/TYKDmQB1weJ5nxaB15h0MK8KV
WL+hqKxo1oHeL2A385UNi91TtVz43yl1ZdIsmA/0Gu48UHmZisgFmkkM1zWQqncs
Z3VTiOmBfMvZPI+rkGzY+J93vCISFMN2sHLMFbRGdGeB3Sfh9x4q354/vFSH28c4
KaTP5ktss0PO5yN7PBctYtLJdshqTrI+NM0qlOjwBD+g70071RW1YNofvfQnAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU6Er6cPItq1mTktqpMCINjd90EnowHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMjMxMzUyZTMx
MzEzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzEzMzMxMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC513IwDQYJKoZIhvcNAQELBQADggEBANc9B3pt4KlnjrLFwZW4uEU2ZVZWVXo1
3+6stLHPPjL65Ptu11WPkbhyIporRHFclLwTbA5cju2ZwsqySr8RJxglbjjvpHQj
sDOz7SItm4mhJC6Pqa3F41mzQu13yZpc5RgiXbx9QMpE3NnSHD4mE1RD4Y5+beB5
rzJRyqs+CRc7bC9dDofqa+AABxf9KwZQF7GZHa80X0ikOXWp2dKEIaonrtIhdePS
u4HO/pLFVceSK9vn+/HrtVAJfjwd8KCe5VoSGLtsHmEaLOfdmseOep0J08czSri4
VAX+v7uSDDZnMEtmoRBjlwbMyy+xtYCSUQk1yVL3YXwXcxYKySSDRlY=
-----END CERTIFICATE-----
Generated at Fri May 3 19:53:54 2024 by rpki-client on console-fra.rpki-client.org