Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135342e302f32342d3234203d3e203434373731.roa
File: 3138352e3134392e3135342e302f32342d3234203d3e203434373731.roa (raw, json)
Hash identifier: kAy+abXsJb9Q4kp22IeSWppW6m8I+XeaZMYUvXUunLw=
Subject key identifier: 32:3D:48:F1:0D:DD:46:AE:90:85:CC:CA:90:B8:E0:41:BC:D9:68:31
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 46FABE5730FC9C6D3E1B59B4F37B6C720FB8E885
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135342e302f32342d3234203d3e203434373731.roa
Signing time: Fri 07 Jun 2024 09:01:53 +0000
ROA not before: Fri 07 Jun 2024 08:56:53 +0000
ROA not after: Fri 06 Jun 2025 09:01:53 +0000
asID: 44771
IP address blocks: 185.149.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:fa:be:57:30:fc:9c:6d:3e:1b:59:b4:f3:7b:6c:72:0f:b8:e8:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jun 7 08:56:53 2024 GMT
Not After : Jun 6 09:01:53 2025 GMT
Subject: CN=323D48F10DDD46AE9085CCCA90B8E041BCD96831
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d8:93:3d:d8:32:ee:9f:97:4e:fa:fc:4e:ba:
7d:61:58:84:74:60:92:a8:94:4f:ce:fb:e1:26:5d:
7a:d8:d1:8e:5e:c8:58:14:e2:b2:84:a4:a1:ce:a8:
20:10:8d:c5:15:6b:22:47:d4:8f:64:73:37:25:f2:
3a:ab:0b:a4:e4:98:1b:20:b9:6c:c4:9c:aa:88:17:
8c:5b:0e:fd:39:21:53:f8:1d:12:43:e0:8c:b2:eb:
64:53:6c:c1:ab:2e:ee:b6:33:5c:94:0c:94:8a:eb:
80:27:32:65:ac:0b:cd:06:90:ea:a6:49:71:2b:52:
cb:ef:33:07:4d:67:e8:76:5e:1e:35:2a:19:ff:29:
5b:15:44:6a:26:5a:b5:0f:14:65:82:38:75:a0:12:
2e:4a:78:46:c3:eb:5a:36:b0:80:6b:3e:65:b9:c0:
81:aa:9a:a2:9f:46:ed:69:bf:4c:3b:7a:50:f7:4f:
21:3d:6b:bd:db:ee:fc:15:db:2f:0f:87:43:75:c0:
8a:f9:ac:15:fa:0e:bc:e6:ed:e8:dc:6e:c1:5b:04:
22:e7:cc:bd:aa:18:86:91:2f:82:d9:90:f3:96:36:
af:22:c9:98:de:2c:f4:36:55:70:68:cd:36:28:c2:
c2:95:cc:1e:72:e8:f7:76:84:24:b5:b0:c2:9c:a2:
cf:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:3D:48:F1:0D:DD:46:AE:90:85:CC:CA:90:B8:E0:41:BC:D9:68:31
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135342e302f32342d3234203d3e203434373731.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.154.0/24
Signature Algorithm: sha256WithRSAEncryption
24:34:ad:0d:86:e0:01:51:c0:d2:1f:a3:19:15:70:ee:4e:fc:
28:7d:db:00:05:49:d7:5a:a1:8e:22:6d:32:e2:24:a4:de:2d:
88:12:76:db:37:71:af:d0:20:b0:51:c6:d0:19:69:50:d5:a9:
40:b7:78:c6:85:21:15:f0:75:bb:4d:67:c2:79:ab:bb:0f:41:
10:5f:1b:3b:51:c2:ec:f8:25:e6:b7:fe:dc:10:8e:8c:b7:1b:
03:02:73:65:64:59:96:10:2d:61:b5:b2:7c:ec:47:ce:e3:7a:
e6:32:1e:8f:24:30:de:53:6a:fa:53:4f:15:52:8b:99:55:a6:
95:9b:bc:c1:2d:23:b9:13:f2:53:44:af:4e:2a:60:74:3c:d7:
ab:63:ae:2a:7a:30:03:aa:43:96:04:21:c2:87:fe:88:85:81:
4b:6b:64:d4:29:92:07:31:a2:1a:3e:5d:f9:81:14:45:bb:cb:
9f:26:e3:00:bb:62:0b:88:6f:c3:c2:3c:05:bd:b3:ca:4f:ae:
53:49:3f:59:99:e9:20:0f:bf:4f:6f:47:35:d5:f9:43:2c:f7:
8d:f5:07:f0:e6:27:f7:b5:ca:36:9c:28:c7:2a:81:ab:22:2e:
48:25:e3:b0:a3:71:ab:1b:87:94:27:45:d4:a7:a2:55:8d:9e:
b5:37:96:d5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIURvq+VzD8nG0+G1m083tscg+46IUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNDA2MDcwODU2NTNaFw0yNTA2MDYwOTAxNTNaMDMxMTAvBgNV
BAMTKDMyM0Q0OEYxMERERDQ2QUU5MDg1Q0NDQTkwQjhFMDQxQkNEOTY4MzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC82JM92DLun5dO+vxOun1hWIR0
YJKolE/O++EmXXrY0Y5eyFgU4rKEpKHOqCAQjcUVayJH1I9kczcl8jqrC6TkmBsg
uWzEnKqIF4xbDv05IVP4HRJD4Iyy62RTbMGrLu62M1yUDJSK64AnMmWsC80GkOqm
SXErUsvvMwdNZ+h2Xh41Khn/KVsVRGomWrUPFGWCOHWgEi5KeEbD61o2sIBrPmW5
wIGqmqKfRu1pv0w7elD3TyE9a73b7vwV2y8Ph0N1wIr5rBX6Drzm7ejcbsFbBCLn
zL2qGIaRL4LZkPOWNq8iyZjeLPQ2VXBozTYowsKVzB5y6Pd2hCS1sMKcos/tAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUMj1I8Q3dRq6QhczKkLjgQbzZaDEwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzEzODM1MmUzMTM0MzkyZTMx
MzUzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzQzNzM3MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5lZowDQYJKoZIhvcNAQELBQADggEBACQ0rQ2G4AFRwNIfoxkVcO5O/Ch92wAF
SddaoY4ibTLiJKTeLYgSdts3ca/QILBRxtAZaVDVqUC3eMaFIRXwdbtNZ8J5q7sP
QRBfGztRwuz4Jea3/twQjoy3GwMCc2VkWZYQLWG1snzsR87jeuYyHo8kMN5TavpT
TxVSi5lVppWbvMEtI7kT8lNEr04qYHQ816tjrip6MAOqQ5YEIcKH/oiFgUtrZNQp
kgcxoho+XfmBFEW7y58m4wC7YguIb8PCPAW9s8pPrlNJP1mZ6SAPv09vRzXV+UMs
9431B/DmJ/e1yjacKMcqgasiLkgl47Cjcasbh5QnRdSnolWNnrU3ltU=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:50 2024 by rpki-client on console-fra.rpki-client.org