Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135332e302f32342d3234203d3e203434373731.roa
File: 3138352e3134392e3135332e302f32342d3234203d3e203434373731.roa (raw, json)
Hash identifier: 4mqwfhy9a9hkFt/HMZyRxqga/e91H8gT7Jps1d0H4tQ=
Subject key identifier: DA:FC:AE:93:47:E2:7D:3B:73:E8:BE:B0:E9:2E:C4:D3:96:EC:04:51
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 72FBD58866A00AD4D18C72DE57B97BE80E8DE7
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135332e302f32342d3234203d3e203434373731.roa
Signing time: Fri 07 Jul 2023 08:08:16 +0000
ROA not before: Fri 07 Jul 2023 08:03:16 +0000
ROA not after: Fri 05 Jul 2024 08:08:16 +0000
asID: 44771
IP address blocks: 185.149.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:fb:d5:88:66:a0:0a:d4:d1:8c:72:de:57:b9:7b:e8:0e:8d:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jul 7 08:03:16 2023 GMT
Not After : Jul 5 08:08:16 2024 GMT
Subject: CN=DAFCAE9347E27D3B73E8BEB0E92EC4D396EC0451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:36:a2:2b:4b:7e:05:f5:7e:f0:ce:df:ed:e1:
b6:86:5d:be:44:de:75:40:b8:44:0a:71:0b:19:34:
be:b7:59:90:42:d5:1c:9f:13:c2:a6:bb:2a:ed:c0:
c0:6f:7c:99:b6:c7:c3:58:e6:2d:a9:01:29:3c:f4:
e3:45:e0:56:83:41:92:2a:e5:21:0e:be:00:87:1c:
09:ff:ef:69:46:6e:b8:4e:7d:8d:15:e1:bc:31:07:
8b:9b:3a:3b:cc:ea:33:83:55:f8:f1:6c:70:86:53:
f9:e6:b5:75:24:27:dc:7d:bd:d4:73:3c:95:1e:31:
59:63:8b:d1:e6:72:fd:b1:ff:83:0d:cb:c6:09:56:
18:3d:2e:09:45:81:47:f3:64:83:c8:c5:2a:d6:d5:
66:98:85:b4:92:27:82:a8:ba:5c:1d:00:0e:ec:af:
3e:8e:3b:10:66:96:7d:93:05:af:26:73:34:41:88:
cd:ce:6c:11:67:8b:87:de:11:7a:be:da:5c:da:f0:
87:2e:51:94:49:39:6d:b0:3d:e2:ac:e6:c0:0e:58:
e1:99:c2:1e:67:cb:b8:20:b0:b6:dc:7c:c3:88:30:
76:0d:39:50:e8:d8:bd:09:eb:a3:77:42:9a:28:e5:
a6:cd:26:d7:7f:2f:7f:b8:4e:72:19:65:4f:30:b8:
fe:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:FC:AE:93:47:E2:7D:3B:73:E8:BE:B0:E9:2E:C4:D3:96:EC:04:51
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135332e302f32342d3234203d3e203434373731.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.153.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:81:15:df:9c:a0:b1:1d:4c:26:e7:76:52:36:ae:ca:dd:8c:
c8:01:d9:b9:dc:8a:2a:01:66:c3:bc:a1:1c:ef:77:bb:ec:3e:
37:ef:d5:53:c3:c9:3a:74:74:9a:b8:94:b5:e7:1d:3f:b8:4a:
eb:3f:bb:f8:c8:30:ee:ba:e4:04:54:89:d1:00:e6:c3:6f:1c:
30:24:a4:db:78:54:05:77:30:b4:70:1f:94:21:15:98:0b:93:
60:e3:ac:dd:51:cc:f8:21:73:41:fd:7b:40:53:a4:ba:58:cd:
3a:4d:fc:e6:46:49:18:22:72:c6:3d:48:9a:41:2b:26:83:a2:
7f:89:be:91:20:4e:42:1f:df:c7:1a:a8:93:06:c7:fe:19:4c:
12:82:5b:a5:d8:3c:bf:5e:b9:8a:82:80:cf:7b:89:da:ba:4c:
a3:84:9b:80:4e:c2:1c:dd:05:9a:be:65:d9:d6:43:74:57:49:
32:f1:4c:b1:7f:ec:a7:29:69:38:84:ee:4e:da:8e:38:8b:27:
b7:37:b3:3c:23:af:e6:b6:b0:61:2f:02:eb:1c:49:a5:2c:af:
de:d3:b8:d4:96:01:45:c7:96:8a:05:f3:82:a4:6c:64:1d:86:
85:1c:06:f9:99:27:ee:b1:b4:d5:7d:a9:2a:94:46:7a:13:53:
ec:fc:e7:a5
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgITcvvViGagCtTRjHLeV7l76A6N5zANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg5ZGY4NTk5N2IxYjliMzU4ZTFjNDNmMzY3NjVhYTBhNGEw
MjE0NGFlMB4XDTIzMDcwNzA4MDMxNloXDTI0MDcwNTA4MDgxNlowMzExMC8GA1UE
AxMoREFGQ0FFOTM0N0UyN0QzQjczRThCRUIwRTkyRUM0RDM5NkVDMDQ1MTCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMM2oitLfgX1fvDO3+3htoZdvkTe
dUC4RApxCxk0vrdZkELVHJ8Twqa7Ku3AwG98mbbHw1jmLakBKTz040XgVoNBkirl
IQ6+AIccCf/vaUZuuE59jRXhvDEHi5s6O8zqM4NV+PFscIZT+ea1dSQn3H291HM8
lR4xWWOL0eZy/bH/gw3LxglWGD0uCUWBR/Nkg8jFKtbVZpiFtJIngqi6XB0ADuyv
Po47EGaWfZMFryZzNEGIzc5sEWeLh94Rer7aXNrwhy5RlEk5bbA94qzmwA5Y4ZnC
HmfLuCCwttx8w4gwdg05UOjYvQnro3dCmijlps0m138vf7hOchllTzC4/kcCAwEA
AaOCAj8wggI7MB0GA1UdDgQWBBTa/K6TR+J9O3PovrDpLsTTluwEUTAfBgNVHSME
GDAWgBSd+FmXsbmzWOHEPzZ2WqCkoCFErjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5u
ZXQvcmVwb3NpdG9yeS8wMDJlMGJhMy1mZTYwLTQ1YjEtOTE2MC04NjhhMmY4YTQz
YjEvMy85REY4NTk5N0IxQjlCMzU4RTFDNDNGMzY3NjVBQTBBNEEwMjE0NEFFLmNy
bDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvbmZoWmw3RzVzMWpoeEQ4MmRscWdwS0Fo
Uks0LmNlcjCBrwYIKwYBBQUHAQsEgaIwgZ8wgZwGCCsGAQUFBzALhoGPcnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8wMDJlMGJhMy1m
ZTYwLTQ1YjEtOTE2MC04NjhhMmY4YTQzYjEvMy8zMTM4MzUyZTMxMzQzOTJlMzEz
NTMzMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzNDM3MzczMS5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ALmVmTANBgkqhkiG9w0BAQsFAAOCAQEAioEV35ygsR1MJud2Ujauyt2MyAHZudyK
KgFmw7yhHO93u+w+N+/VU8PJOnR0mriUtecdP7hK6z+7+Mgw7rrkBFSJ0QDmw28c
MCSk23hUBXcwtHAflCEVmAuTYOOs3VHM+CFzQf17QFOkuljNOk385kZJGCJyxj1I
mkErJoOif4m+kSBOQh/fxxqokwbH/hlMEoJbpdg8v165ioKAz3uJ2rpMo4SbgE7C
HN0Fmr5l2dZDdFdJMvFMsX/spylpOITuTtqOOIsntzezPCOv5rawYS8C6xxJpSyv
3tO41JYBRceWigXzgqRsZB2GhRwG+Zkn7rG01X2pKpRGehNT7PznpQ==
-----END CERTIFICATE-----
Generated at Fri May 17 13:32:17 2024 by rpki-client on console-fra.rpki-client.org