Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135332e302f32342d3234203d3e203135343430.roa
File: 3138352e3134392e3135332e302f32342d3234203d3e203135343430.roa (raw, json)
Hash identifier: jwteD3hkzVMFXXEJSc8k23qf/90xvhdj/VD3gj2Catk=
Subject key identifier: 73:B8:9A:76:AB:2C:5B:8C:E5:D1:C2:9F:8C:2F:FB:71:AA:3E:C8:F7
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 173B4BDED59F9A2F756F066A0EE34523029D4790
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135332e302f32342d3234203d3e203135343430.roa
Signing time: Fri 07 Jun 2024 09:01:55 +0000
ROA not before: Fri 07 Jun 2024 08:56:55 +0000
ROA not after: Fri 06 Jun 2025 09:01:55 +0000
asID: 15440
IP address blocks: 185.149.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:3b:4b:de:d5:9f:9a:2f:75:6f:06:6a:0e:e3:45:23:02:9d:47:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jun 7 08:56:55 2024 GMT
Not After : Jun 6 09:01:55 2025 GMT
Subject: CN=73B89A76AB2C5B8CE5D1C29F8C2FFB71AA3EC8F7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:b5:a8:63:e7:8c:6b:3b:d5:d2:17:ba:aa:53:
f3:18:1d:ce:6a:f9:cb:47:17:4f:53:78:67:71:75:
b7:ed:e2:8d:66:92:9b:83:92:0f:a5:3e:79:ee:3a:
40:0d:9e:e6:74:70:d6:d8:87:d5:07:3c:44:bd:73:
bc:35:21:eb:48:33:cb:28:a0:72:cf:62:c1:f3:a6:
71:3b:6c:0e:ba:cc:f2:e6:da:bf:e3:cc:93:42:2e:
49:19:29:0f:55:09:f1:be:29:f6:e6:0f:e1:11:f9:
5c:c2:97:40:56:aa:4f:5b:b4:02:26:f3:e7:4a:75:
f4:61:59:c3:6d:d6:01:6b:03:ae:50:3a:66:21:f8:
72:64:55:c0:5f:e5:11:4c:13:ea:06:90:9a:a7:f2:
25:fe:b5:8c:4a:43:cc:27:50:01:11:64:54:47:a4:
3c:8a:db:ae:82:3f:c6:d2:08:7f:4f:7f:de:e1:5b:
e2:dd:83:99:a8:e7:0d:d6:17:9f:2b:1c:9f:d2:c3:
7b:94:e7:b5:62:cf:bd:a7:42:99:7b:48:39:f6:60:
75:08:d7:88:2d:3b:a5:9b:5c:ae:98:50:55:3d:93:
16:74:51:ba:7a:d8:f7:e4:39:a2:75:41:c9:b2:79:
1a:b3:45:d9:22:ba:76:4f:ad:d8:cc:29:91:1a:c4:
92:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:B8:9A:76:AB:2C:5B:8C:E5:D1:C2:9F:8C:2F:FB:71:AA:3E:C8:F7
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135332e302f32342d3234203d3e203135343430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.153.0/24
Signature Algorithm: sha256WithRSAEncryption
07:dd:37:5e:0a:52:f9:e9:e8:62:18:76:06:a7:61:56:0e:15:
69:e3:0e:d6:3a:b2:45:79:c5:19:28:3f:e5:b1:b0:c7:13:83:
82:ac:bc:ea:42:97:24:22:43:9c:11:37:f8:8c:48:76:ee:8f:
f3:92:98:37:5c:71:70:53:44:d3:e7:6e:dd:fd:de:fe:7c:2c:
16:2d:60:5b:d9:70:19:13:28:6c:85:65:df:0a:ed:ad:81:17:
5c:3a:e2:cb:15:8d:59:99:28:64:81:1b:b2:3e:a5:6d:0c:bb:
20:00:38:09:79:31:f4:12:5a:c9:20:d4:60:ad:6d:06:bf:88:
35:a5:45:94:c8:b9:4c:7d:48:d4:10:48:c6:e1:2d:c5:72:d0:
fc:a2:17:f3:d5:bf:d1:6a:8d:91:d8:6a:d2:39:01:15:91:ed:
5d:ca:68:5a:56:ef:25:a8:a0:da:2d:66:1b:82:82:5f:e4:89:
f8:f7:16:47:aa:b0:88:e4:2f:fb:71:1d:86:99:14:be:6d:5b:
01:45:4d:6c:a4:9d:f5:d4:4b:4e:ec:da:74:6f:66:c1:1c:77:
b8:ee:a4:0e:b8:ba:95:d3:d1:e6:90:5b:21:8e:5a:c7:f9:88:
1d:e7:f9:ed:e4:f8:af:2a:c2:4f:d8:19:a2:38:d5:8c:fa:f3:
2f:41:23:09
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUFztL3tWfmi91bwZqDuNFIwKdR5AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNDA2MDcwODU2NTVaFw0yNTA2MDYwOTAxNTVaMDMxMTAvBgNV
BAMTKDczQjg5QTc2QUIyQzVCOENFNUQxQzI5RjhDMkZGQjcxQUEzRUM4RjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXtahj54xrO9XSF7qqU/MYHc5q
+ctHF09TeGdxdbft4o1mkpuDkg+lPnnuOkANnuZ0cNbYh9UHPES9c7w1IetIM8so
oHLPYsHzpnE7bA66zPLm2r/jzJNCLkkZKQ9VCfG+KfbmD+ER+VzCl0BWqk9btAIm
8+dKdfRhWcNt1gFrA65QOmYh+HJkVcBf5RFME+oGkJqn8iX+tYxKQ8wnUAERZFRH
pDyK266CP8bSCH9Pf97hW+Ldg5mo5w3WF58rHJ/Sw3uU57Viz72nQpl7SDn2YHUI
14gtO6WbXK6YUFU9kxZ0Ubp62PfkOaJ1QcmyeRqzRdkiunZPrdjMKZEaxJK/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUc7iadqssW4zl0cKfjC/7cao+yPcwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzEzODM1MmUzMTM0MzkyZTMx
MzUzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzUzNDM0MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5lZkwDQYJKoZIhvcNAQELBQADggEBAAfdN14KUvnp6GIYdganYVYOFWnjDtY6
skV5xRkoP+WxsMcTg4KsvOpClyQiQ5wRN/iMSHbuj/OSmDdccXBTRNPnbt393v58
LBYtYFvZcBkTKGyFZd8K7a2BF1w64ssVjVmZKGSBG7I+pW0MuyAAOAl5MfQSWskg
1GCtbQa/iDWlRZTIuUx9SNQQSMbhLcVy0PyiF/PVv9FqjZHYatI5ARWR7V3KaFpW
7yWooNotZhuCgl/kifj3FkeqsIjkL/txHYaZFL5tWwFFTWyknfXUS07s2nRvZsEc
d7jupA64upXT0eaQWyGOWsf5iB3n+e3k+K8qwk/YGaI41Yz68y9BIwk=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:50 2024 by rpki-client on console-fra.rpki-client.org