Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135322e302f32322d3232203d3e203135343139.roa
File: 3138352e3134392e3135322e302f32322d3232203d3e203135343139.roa (raw, json)
Hash identifier: UgvQYOhN2LyeI0GOMV54VcX7efV9Lmg6a869tKpf6jk=
Subject key identifier: 1D:1C:B8:BF:DE:00:C1:52:DA:68:04:9F:DC:5F:72:81:3B:58:64:47
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 54CD5266944E44B5BACB131D4F4FCD28B3B6BB3E
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135322e302f32322d3232203d3e203135343139.roa
Signing time: Fri 07 Jul 2023 08:08:16 +0000
ROA not before: Fri 07 Jul 2023 08:03:16 +0000
ROA not after: Fri 05 Jul 2024 08:08:16 +0000
asID: 15419
IP address blocks: 185.149.152.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:cd:52:66:94:4e:44:b5:ba:cb:13:1d:4f:4f:cd:28:b3:b6:bb:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jul 7 08:03:16 2023 GMT
Not After : Jul 5 08:08:16 2024 GMT
Subject: CN=1D1CB8BFDE00C152DA68049FDC5F72813B586447
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ee:85:9a:dd:70:72:2b:d4:59:27:8c:64:a6:
51:1a:6b:cb:4e:60:09:c7:7f:77:56:52:c8:d0:56:
4a:70:c6:a4:65:5b:8f:6b:90:40:f2:95:41:af:d9:
c1:fa:f3:df:8a:4d:80:74:06:c5:36:ac:6a:96:4d:
e3:f2:52:17:19:cf:55:6c:45:9b:ed:88:56:7e:79:
81:0d:ee:1a:8f:df:b0:12:b3:23:0d:66:73:35:56:
f1:16:b8:8b:7b:57:b1:c8:0f:40:06:98:b5:c1:3f:
5a:72:81:9b:c3:8b:57:6b:71:f1:b5:04:9b:fa:de:
fd:1a:91:e7:7b:62:49:99:b9:57:2a:93:56:79:2e:
be:fe:5f:c7:15:bf:4c:79:f9:16:fc:82:9b:2f:cb:
ee:8e:d7:4f:0d:e4:30:f3:4f:3b:22:f3:54:74:b9:
bc:58:3f:a9:92:13:f7:fe:29:dd:a3:a3:fd:f9:d1:
d7:cb:00:d9:72:ad:93:c1:1e:49:31:5d:b9:17:35:
8d:6e:24:b7:56:e3:31:35:7a:52:c8:dc:85:f8:b2:
bd:f6:96:46:e4:50:d2:00:81:4a:56:e8:25:46:18:
ad:e7:ca:c3:8b:36:9f:95:be:c8:0e:53:3a:d8:b8:
15:ef:6a:ed:79:74:89:bb:31:af:d3:60:a1:ee:11:
fb:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:1C:B8:BF:DE:00:C1:52:DA:68:04:9F:DC:5F:72:81:3B:58:64:47
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135322e302f32322d3232203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.152.0/22
Signature Algorithm: sha256WithRSAEncryption
23:d1:3a:3f:bb:ce:eb:1e:2a:25:c9:a6:f3:70:37:17:be:58:
19:50:29:36:79:31:63:4b:a5:b1:0f:ab:52:54:8b:72:7e:e7:
9f:7b:95:b6:22:6a:cb:01:de:c0:2a:11:17:81:3f:62:dc:75:
5d:4f:d9:ff:ab:06:68:a0:7e:b6:7b:42:c1:3a:b9:3f:2a:0b:
85:f6:4a:85:fb:8f:d1:b6:f9:52:0c:3f:d7:b8:e9:e4:d8:d4:
04:7d:08:c2:0e:ef:6b:2d:98:4f:d3:c8:98:da:c8:67:73:8b:
91:b7:4e:5b:d8:ee:61:cb:66:08:20:c5:ee:2b:a1:4b:c4:42:
e9:81:86:27:46:90:03:db:18:b0:30:bb:75:81:f3:e9:97:ad:
ba:3c:71:bc:7a:0a:46:40:3d:6b:0c:66:8a:60:b6:06:24:2e:
04:83:b7:42:1a:b4:90:b8:cf:81:05:aa:e0:05:63:c0:b2:18:
39:f9:a7:40:06:c2:aa:47:17:af:2f:40:55:8c:cf:94:3d:bf:
05:05:da:fd:d3:94:55:7c:7b:1f:69:ec:0f:19:48:d2:0b:50:
d4:90:81:9e:33:cd:19:4e:e7:4b:fb:a4:ad:b1:51:1d:27:bd:
25:dc:bd:76:4f:cb:71:0c:8e:0c:04:19:ba:bb:1f:ca:87:e1:
13:c2:6a:a3
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVM1SZpRORLW6yxMdT0/NKLO2uz4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yMzA3MDcwODAzMTZaFw0yNDA3MDUwODA4MTZaMDMxMTAvBgNV
BAMTKDFEMUNCOEJGREUwMEMxNTJEQTY4MDQ5RkRDNUY3MjgxM0I1ODY0NDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp7oWa3XByK9RZJ4xkplEaa8tO
YAnHf3dWUsjQVkpwxqRlW49rkEDylUGv2cH689+KTYB0BsU2rGqWTePyUhcZz1Vs
RZvtiFZ+eYEN7hqP37ASsyMNZnM1VvEWuIt7V7HID0AGmLXBP1pygZvDi1drcfG1
BJv63v0aked7YkmZuVcqk1Z5Lr7+X8cVv0x5+Rb8gpsvy+6O108N5DDzTzsi81R0
ubxYP6mSE/f+Kd2jo/350dfLANlyrZPBHkkxXbkXNY1uJLdW4zE1elLI3IX4sr32
lkbkUNIAgUpW6CVGGK3nysOLNp+VvsgOUzrYuBXvau15dIm7Ma/TYKHuEfsrAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUHRy4v94AwVLaaASf3F9ygTtYZEcwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzEzODM1MmUzMTM0MzkyZTMx
MzUzMjJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMxMzUzNDMxMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAK5lZgwDQYJKoZIhvcNAQELBQADggEBACPROj+7zuseKiXJpvNwNxe+WBlQKTZ5
MWNLpbEPq1JUi3J+5597lbYiassB3sAqEReBP2LcdV1P2f+rBmigfrZ7QsE6uT8q
C4X2SoX7j9G2+VIMP9e46eTY1AR9CMIO72stmE/TyJjayGdzi5G3TlvY7mHLZggg
xe4roUvEQumBhidGkAPbGLAwu3WB8+mXrbo8cbx6CkZAPWsMZopgtgYkLgSDt0Ia
tJC4z4EFquAFY8CyGDn5p0AGwqpHF68vQFWMz5Q9vwUF2v3TlFV8ex9p7A8ZSNIL
UNSQgZ4zzRlO50v7pK2xUR0nvSXcvXZPy3EMjgwEGbq7H8qH4RPCaqM=
-----END CERTIFICATE-----
Generated at Fri May 17 14:34:42 2024 by rpki-client on console-ams.rpki-client.org