Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135332e302f32342d3234203d3e203133313934.roa
File: 3138352e3134392e3135332e302f32342d3234203d3e203133313934.roa (raw, json)
Hash identifier: X3/9u46jAGxsIPtuCyeXYEK8c2AEjF7X4m/m2Lk2Ox8=
Subject key identifier: 8B:F6:02:04:26:D7:3D:D0:28:37:62:AF:3A:DA:5E:18:5F:C2:FB:5B
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 2AF6517E6629BEFF8A3B179F22DD6982CA663777
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135332e302f32342d3234203d3e203133313934.roa
Signing time: Fri 07 Jul 2023 08:08:14 +0000
ROA not before: Fri 07 Jul 2023 08:03:14 +0000
ROA not after: Fri 05 Jul 2024 08:08:14 +0000
asID: 13194
IP address blocks: 185.149.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 07:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:f6:51:7e:66:29:be:ff:8a:3b:17:9f:22:dd:69:82:ca:66:37:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jul 7 08:03:14 2023 GMT
Not After : Jul 5 08:08:14 2024 GMT
Subject: CN=8BF6020426D73DD0283762AF3ADA5E185FC2FB5B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:cd:b1:24:17:f4:37:75:22:51:4f:d6:59:f5:
fa:1e:f2:8d:4b:14:63:c2:ff:31:76:36:ac:d3:d6:
2e:be:fc:a0:ca:ec:04:6a:88:c4:f0:5c:8d:2d:f1:
13:96:6d:c4:60:d2:3e:96:d4:33:91:34:e4:fe:a3:
f8:d7:37:fc:a4:d5:2d:4a:23:1a:ef:2c:f9:51:d2:
c9:34:46:4a:1e:54:44:3f:af:c3:d5:b9:56:bc:44:
01:dc:cc:86:87:86:ae:07:8e:60:53:47:57:c0:e5:
4e:83:5a:86:5d:5b:37:78:a6:a9:f6:c5:ed:91:45:
2f:96:54:29:fd:6b:8a:f1:34:88:c0:f7:d9:dc:56:
cd:64:f5:04:10:ba:e2:13:87:ef:76:f6:90:0c:d8:
c3:fd:49:26:b8:ab:41:1c:7d:5b:5f:fa:e5:04:13:
d6:ae:19:d1:dc:3e:bb:16:d4:98:c9:72:46:ff:c4:
09:77:20:c7:23:46:8d:98:cc:68:ea:8f:7e:b0:0b:
59:79:45:a6:96:5c:bf:92:08:4c:c0:fd:71:8e:2d:
08:04:f4:8b:39:20:24:42:e9:49:19:9e:fb:6b:06:
ea:f2:16:92:87:a6:d7:32:9c:f5:64:69:c4:0c:48:
5a:11:86:fb:23:af:91:80:99:46:46:fa:82:13:f9:
09:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:F6:02:04:26:D7:3D:D0:28:37:62:AF:3A:DA:5E:18:5F:C2:FB:5B
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135332e302f32342d3234203d3e203133313934.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.153.0/24
Signature Algorithm: sha256WithRSAEncryption
23:36:67:d5:50:89:66:3b:7d:b5:d4:e2:bd:c2:98:92:42:60:
01:2b:aa:89:7c:d5:f3:2b:9a:7b:f2:30:ea:9a:00:ab:2c:93:
6b:7e:fc:bf:e9:fc:07:b4:3f:d9:82:90:d2:77:c8:c0:97:f3:
45:a1:72:06:e8:9e:c5:ec:e9:e2:d4:5f:a9:57:e4:d9:d1:4c:
23:b9:2e:14:4c:77:f3:5c:0e:db:c3:f1:ba:b7:28:9d:60:ce:
6e:63:f4:b0:43:1e:c6:b3:f5:eb:49:74:df:89:31:9d:92:97:
00:c9:27:41:16:69:1d:b2:b4:9d:b6:a8:35:e2:ed:83:46:89:
cc:d3:09:16:a7:92:02:8a:ee:f0:63:e6:04:0e:a8:f4:69:08:
0a:18:ca:91:f0:23:d3:3b:70:1f:fc:9b:b6:9e:c5:2b:e0:7d:
05:d2:60:be:4a:bd:f8:85:9f:16:94:1a:d7:12:02:c6:a9:07:
10:d4:05:7e:4c:f1:3a:fb:42:b8:63:d3:02:99:79:b9:d2:f0:
6c:71:20:a8:1e:27:18:7e:03:f8:14:52:df:7a:74:1b:12:da:
6f:47:6a:ad:8c:a4:58:4d:e8:14:0f:fe:a9:b1:fb:11:85:d3:
c7:79:1f:dc:61:e9:68:da:f4:d6:42:de:da:21:4f:68:bb:05:
ab:9a:72:6f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUKvZRfmYpvv+KOxefIt1pgspmN3cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yMzA3MDcwODAzMTRaFw0yNDA3MDUwODA4MTRaMDMxMTAvBgNV
BAMTKDhCRjYwMjA0MjZENzNERDAyODM3NjJBRjNBREE1RTE4NUZDMkZCNUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtzbEkF/Q3dSJRT9ZZ9foe8o1L
FGPC/zF2NqzT1i6+/KDK7ARqiMTwXI0t8ROWbcRg0j6W1DORNOT+o/jXN/yk1S1K
IxrvLPlR0sk0RkoeVEQ/r8PVuVa8RAHczIaHhq4HjmBTR1fA5U6DWoZdWzd4pqn2
xe2RRS+WVCn9a4rxNIjA99ncVs1k9QQQuuITh+929pAM2MP9SSa4q0EcfVtf+uUE
E9auGdHcPrsW1JjJckb/xAl3IMcjRo2YzGjqj36wC1l5RaaWXL+SCEzA/XGOLQgE
9Is5ICRC6UkZnvtrBuryFpKHptcynPVkacQMSFoRhvsjr5GAmUZG+oIT+QllAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUi/YCBCbXPdAoN2KvOtpeGF/C+1swHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzEzODM1MmUzMTM0MzkyZTMx
MzUzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzMTM5MzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5lZkwDQYJKoZIhvcNAQELBQADggEBACM2Z9VQiWY7fbXU4r3CmJJCYAErqol8
1fMrmnvyMOqaAKssk2t+/L/p/Ae0P9mCkNJ3yMCX80WhcgbonsXs6eLUX6lX5NnR
TCO5LhRMd/NcDtvD8bq3KJ1gzm5j9LBDHsaz9etJdN+JMZ2SlwDJJ0EWaR2ytJ22
qDXi7YNGiczTCRankgKK7vBj5gQOqPRpCAoYypHwI9M7cB/8m7aexSvgfQXSYL5K
vfiFnxaUGtcSAsapBxDUBX5M8Tr7Qrhj0wKZebnS8GxxIKgeJxh+A/gUUt96dBsS
2m9Haq2MpFhN6BQP/qmx+xGF08d5H9xh6Wja9NZC3tohT2i7Bauacm8=
-----END CERTIFICATE-----
Generated at Wed May 1 15:29:41 2024 by rpki-client on console-fra.rpki-client.org