Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135322e302f32322d3232203d3e203135343139.roa
File: 3138352e3134392e3135322e302f32322d3232203d3e203135343139.roa (raw, json)
Hash identifier: T3/+meO0E6Kscbv4zABgR7LjWbA9HZkY2ThRNjT1/ho=
Subject key identifier: 6C:4D:C2:26:FF:C0:D2:48:6B:DF:3E:D6:E0:57:E2:A3:C3:AF:6C:78
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 38079F85F42393B73B6EDBC28C45524D1A72821D
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135322e302f32322d3232203d3e203135343139.roa
Signing time: Fri 07 Jun 2024 09:01:56 +0000
ROA not before: Fri 07 Jun 2024 08:56:56 +0000
ROA not after: Fri 06 Jun 2025 09:01:56 +0000
asID: 15419
IP address blocks: 185.149.152.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:07:9f:85:f4:23:93:b7:3b:6e:db:c2:8c:45:52:4d:1a:72:82:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jun 7 08:56:56 2024 GMT
Not After : Jun 6 09:01:56 2025 GMT
Subject: CN=6C4DC226FFC0D2486BDF3ED6E057E2A3C3AF6C78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:fa:24:f5:0a:e3:55:ec:55:db:df:e4:8f:be:
78:81:0a:1b:29:34:2d:ee:c7:63:cd:3a:9c:b0:71:
ac:ba:86:25:f7:4e:8e:0e:58:9b:5e:4a:e1:b5:ff:
7a:69:5c:90:be:7a:05:f9:96:dd:27:83:45:54:48:
7d:ea:da:6e:91:42:7a:b8:a7:61:ae:5d:d2:16:52:
2a:74:3f:eb:0a:30:c9:18:84:90:5c:17:d6:f7:34:
10:5e:17:4c:a1:6b:ce:21:e9:76:d2:00:e4:be:fb:
35:af:44:4f:ae:16:b9:74:5c:1f:27:ee:4f:27:81:
df:2a:20:76:13:32:01:17:ee:38:68:14:c7:5f:da:
b5:02:bd:d8:eb:ea:7a:2c:78:12:a3:03:55:9d:11:
d5:33:c7:0d:57:2f:2e:ba:fe:aa:c0:a8:77:94:cb:
29:b6:9f:be:7a:ef:be:bc:7a:0a:b0:c4:53:1e:df:
1b:b7:2f:46:ed:ca:15:eb:ec:40:bc:bd:ab:af:29:
e3:24:86:93:d8:32:bc:56:ed:5e:65:a1:89:b7:fd:
18:ae:dd:cb:75:03:ef:d9:12:7b:1d:05:3a:84:a7:
65:45:e6:99:b5:30:a8:e9:a8:2a:07:73:c6:b3:74:
13:3f:67:32:5a:35:90:17:3b:76:4a:f6:c9:1a:85:
ed:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:4D:C2:26:FF:C0:D2:48:6B:DF:3E:D6:E0:57:E2:A3:C3:AF:6C:78
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135322e302f32322d3232203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.152.0/22
Signature Algorithm: sha256WithRSAEncryption
00:db:40:2a:40:bd:d3:37:d8:7d:25:7d:4c:87:f6:3b:2b:30:
a5:5d:a9:fe:f0:a2:52:52:3d:78:86:e3:0d:fc:6b:92:fb:48:
2b:3c:a7:74:a1:21:6e:ce:12:49:56:cb:00:b2:24:44:8b:a0:
97:a1:06:01:55:64:68:c8:1f:ad:e1:39:1e:dd:79:b4:37:85:
e4:38:34:26:19:fe:cd:07:e3:fd:93:a7:b3:c7:93:dc:b9:c2:
b5:55:76:c7:49:a3:a4:ea:d1:54:e3:4b:40:62:04:6a:29:12:
39:0c:d1:ae:a2:39:5d:c2:f8:b7:7c:eb:8a:0b:1d:8d:b9:d2:
ba:75:d4:db:b4:b7:46:c3:3a:91:a0:2c:d0:90:e4:14:b2:72:
bd:2f:cb:72:34:87:65:0a:49:85:b2:a7:d5:5d:63:cc:08:81:
2b:ce:0b:98:3c:11:7b:92:11:13:b8:25:b7:e2:01:5e:7d:17:
f2:09:a4:eb:d8:e3:9e:45:6b:1a:6b:c6:43:b2:e5:ec:eb:7f:
de:5c:c0:5e:c5:cd:00:dd:30:46:73:8c:12:03:51:93:a3:db:
be:da:3a:03:ad:61:5c:36:be:a5:3d:68:25:e0:1b:2c:fa:61:
18:f5:51:45:de:1c:4c:d3:c1:ce:19:48:06:ea:b4:04:7f:9b:
33:d7:f3:f5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUOAefhfQjk7c7btvCjEVSTRpygh0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNDA2MDcwODU2NTZaFw0yNTA2MDYwOTAxNTZaMDMxMTAvBgNV
BAMTKDZDNERDMjI2RkZDMEQyNDg2QkRGM0VENkUwNTdFMkEzQzNBRjZDNzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx+iT1CuNV7FXb3+SPvniBChsp
NC3ux2PNOpywcay6hiX3To4OWJteSuG1/3ppXJC+egX5lt0ng0VUSH3q2m6RQnq4
p2GuXdIWUip0P+sKMMkYhJBcF9b3NBBeF0yha84h6XbSAOS++zWvRE+uFrl0XB8n
7k8ngd8qIHYTMgEX7jhoFMdf2rUCvdjr6noseBKjA1WdEdUzxw1XLy66/qrAqHeU
yym2n7567768egqwxFMe3xu3L0btyhXr7EC8vauvKeMkhpPYMrxW7V5loYm3/Riu
3ct1A+/ZEnsdBTqEp2VF5pm1MKjpqCoHc8azdBM/ZzJaNZAXO3ZK9skahe2fAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUbE3CJv/A0khr3z7W4Ffio8OvbHgwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzEzODM1MmUzMTM0MzkyZTMx
MzUzMjJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMxMzUzNDMxMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAK5lZgwDQYJKoZIhvcNAQELBQADggEBAADbQCpAvdM32H0lfUyH9jsrMKVdqf7w
olJSPXiG4w38a5L7SCs8p3ShIW7OEklWywCyJESLoJehBgFVZGjIH63hOR7debQ3
heQ4NCYZ/s0H4/2Tp7PHk9y5wrVVdsdJo6Tq0VTjS0BiBGopEjkM0a6iOV3C+Ld8
64oLHY250rp11Nu0t0bDOpGgLNCQ5BSycr0vy3I0h2UKSYWyp9VdY8wIgSvOC5g8
EXuSERO4JbfiAV59F/IJpOvY455FaxprxkOy5ezrf95cwF7FzQDdMEZzjBIDUZOj
277aOgOtYVw2vqU9aCXgGyz6YRj1UUXeHEzTwc4ZSAbqtAR/mzPX8/U=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:15 2024 by rpki-client on console-ams.rpki-client.org