Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135332e302f32342d3234203d3e203133313934.roa
File: 3138352e3134392e3135332e302f32342d3234203d3e203133313934.roa (raw, json)
Hash identifier: obdRgrAlbArOEzRq2MdJUp0vE/IGIUgpRkpTPsHnYpw=
Subject key identifier: 15:73:2C:88:98:3D:FB:BF:12:F7:62:B2:EA:DE:C7:27:B2:5E:CF:30
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 0DA7FD221DFC394AA43BC5703BE21CF74DA863B7
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135332e302f32342d3234203d3e203133313934.roa
Signing time: Fri 07 Jun 2024 09:01:54 +0000
ROA not before: Fri 07 Jun 2024 08:56:54 +0000
ROA not after: Fri 06 Jun 2025 09:01:54 +0000
asID: 13194
IP address blocks: 185.149.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:22:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:a7:fd:22:1d:fc:39:4a:a4:3b:c5:70:3b:e2:1c:f7:4d:a8:63:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jun 7 08:56:54 2024 GMT
Not After : Jun 6 09:01:54 2025 GMT
Subject: CN=15732C88983DFBBF12F762B2EADEC727B25ECF30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:5a:3b:27:2e:b9:07:8e:b0:d9:09:15:7d:31:
81:8a:c0:85:a5:50:fe:ba:1b:6a:13:99:9b:df:ce:
7e:4b:a8:b2:53:6f:01:4e:3c:13:4b:18:19:1d:30:
92:ff:a2:52:e2:de:2f:92:b8:53:5b:15:99:16:e2:
4d:b7:1e:82:1b:32:02:ef:4f:fc:25:82:f7:00:95:
3a:55:2f:4b:9f:e9:83:a9:01:9e:cb:01:d3:5b:86:
f7:08:ac:33:4b:0a:18:6c:fc:51:8a:36:33:d3:5e:
4e:15:83:b2:f0:74:9b:d1:d1:6a:16:1c:11:28:a9:
22:7d:36:67:24:38:19:0b:8b:65:3e:04:32:69:02:
b3:7b:cb:e8:b2:fc:c8:60:30:e4:3f:ee:81:d5:2e:
35:21:4d:b6:8f:99:dc:c2:28:52:ca:01:9d:b4:82:
b1:7c:9d:7a:de:14:0b:26:97:6a:6f:3d:36:d8:30:
22:f4:5d:53:c3:cf:bd:1c:0c:b0:f4:e6:d3:d0:a0:
9d:b1:47:ae:32:5d:27:b4:1d:e9:ae:a6:c6:59:1f:
13:eb:b0:b0:c4:23:2f:cf:15:f2:ff:f6:46:96:9a:
34:d8:41:05:8e:df:7d:8b:cc:49:0d:08:87:8a:9e:
3e:92:ac:1d:49:e0:44:41:d2:68:86:c0:ea:03:33:
b1:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:73:2C:88:98:3D:FB:BF:12:F7:62:B2:EA:DE:C7:27:B2:5E:CF:30
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135332e302f32342d3234203d3e203133313934.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.153.0/24
Signature Algorithm: sha256WithRSAEncryption
46:4b:dc:46:a1:39:06:5c:a2:76:28:32:32:93:e8:0f:1c:41:
94:73:15:95:a7:80:0b:bd:5a:4b:66:8b:ba:5d:f1:65:46:3e:
cb:f4:80:3a:c2:ab:9a:14:87:93:73:89:2a:af:cd:8a:92:4a:
76:72:d3:d6:4e:46:a3:92:81:cf:13:04:df:2e:7a:4b:fe:74:
e8:07:38:e4:4f:6b:e8:16:93:47:a9:e7:d0:d9:99:c6:4e:56:
71:a5:79:76:16:d0:f1:e7:2c:a4:c0:07:28:d0:ef:14:97:f3:
94:11:46:60:3d:63:51:a2:f3:c5:d8:df:87:95:8e:24:71:9f:
21:ab:fa:9b:89:c8:97:f5:c0:c7:34:48:c2:1c:47:ef:c1:e8:
7e:6c:5c:db:05:9e:e2:b5:26:33:e1:eb:3a:cb:42:71:f3:29:
3f:5d:5a:b1:62:75:fc:dc:85:40:6e:fe:ab:76:96:bb:d7:b9:
eb:59:d4:ec:62:86:fa:0c:76:f2:e7:67:a4:55:14:8a:32:bb:
05:fa:ce:9f:6c:e4:83:09:8a:41:1b:0c:1c:22:f5:0c:aa:b7:
e0:9c:76:4f:4b:63:b7:20:48:29:e0:b4:db:28:1b:5a:d2:e4:
09:7d:30:7f:63:a0:b9:32:20:09:11:45:79:75:9e:a9:2c:ad:
03:c5:c6:b8
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDaf9Ih38OUqkO8VwO+Ic902oY7cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNDA2MDcwODU2NTRaFw0yNTA2MDYwOTAxNTRaMDMxMTAvBgNV
BAMTKDE1NzMyQzg4OTgzREZCQkYxMkY3NjJCMkVBREVDNzI3QjI1RUNGMzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqWjsnLrkHjrDZCRV9MYGKwIWl
UP66G2oTmZvfzn5LqLJTbwFOPBNLGBkdMJL/olLi3i+SuFNbFZkW4k23HoIbMgLv
T/wlgvcAlTpVL0uf6YOpAZ7LAdNbhvcIrDNLChhs/FGKNjPTXk4Vg7LwdJvR0WoW
HBEoqSJ9NmckOBkLi2U+BDJpArN7y+iy/MhgMOQ/7oHVLjUhTbaPmdzCKFLKAZ20
grF8nXreFAsml2pvPTbYMCL0XVPDz70cDLD05tPQoJ2xR64yXSe0HemupsZZHxPr
sLDEIy/PFfL/9kaWmjTYQQWO332LzEkNCIeKnj6SrB1J4ERB0miGwOoDM7GBAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUFXMsiJg9+78S92Ky6t7HJ7JezzAwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzEzODM1MmUzMTM0MzkyZTMx
MzUzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzMTM5MzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5lZkwDQYJKoZIhvcNAQELBQADggEBAEZL3EahOQZconYoMjKT6A8cQZRzFZWn
gAu9Wktmi7pd8WVGPsv0gDrCq5oUh5NziSqvzYqSSnZy09ZORqOSgc8TBN8uekv+
dOgHOORPa+gWk0ep59DZmcZOVnGleXYW0PHnLKTAByjQ7xSX85QRRmA9Y1Gi88XY
34eVjiRxnyGr+puJyJf1wMc0SMIcR+/B6H5sXNsFnuK1JjPh6zrLQnHzKT9dWrFi
dfzchUBu/qt2lrvXuetZ1OxihvoMdvLnZ6RVFIoyuwX6zp9s5IMJikEbDBwi9Qyq
t+Ccdk9LY7cgSCngtNsoG1rS5Al9MH9joLkyIAkRRXl1nqksrQPFxrg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:54:19 2025 by rpki-client