Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135342e302f32342d3234203d3e203434373731.roa
File: 3138352e3134392e3135342e302f32342d3234203d3e203434373731.roa (raw, json)
Hash identifier: RopAUC9WeDxJkjPiIFGG3cAkxuCMld4PMKruh7HW+7M=
Subject key identifier: EC:7B:DB:EB:4F:34:63:91:BB:70:43:7B:34:4E:4D:81:CD:9E:EF:46
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 02183466D04605A9762CF7908AFDC34BA9E06B0B
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135342e302f32342d3234203d3e203434373731.roa
Signing time: Fri 07 Jul 2023 08:08:16 +0000
ROA not before: Fri 07 Jul 2023 08:03:16 +0000
ROA not after: Fri 05 Jul 2024 08:08:16 +0000
asID: 44771
IP address blocks: 185.149.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:18:34:66:d0:46:05:a9:76:2c:f7:90:8a:fd:c3:4b:a9:e0:6b:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jul 7 08:03:16 2023 GMT
Not After : Jul 5 08:08:16 2024 GMT
Subject: CN=EC7BDBEB4F346391BB70437B344E4D81CD9EEF46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e7:16:15:5d:f6:cc:f4:c6:24:cd:c8:06:fc:
8c:7d:88:55:f8:47:50:9e:c4:a2:b2:61:32:6e:47:
80:b1:7a:91:24:2e:a1:dd:e7:1f:4f:fc:bd:a8:bc:
ce:e0:9f:cb:51:fd:13:9e:70:19:ff:55:86:95:98:
1c:3e:ef:b4:58:18:43:fd:04:09:06:46:16:4f:43:
96:fa:7b:8c:2d:5a:b9:dc:e5:66:6b:59:3e:7b:b5:
ec:e5:93:c3:af:c9:20:93:79:26:45:a1:a3:d8:e8:
2c:e5:55:40:4a:71:de:34:3c:10:f1:ee:5e:53:6a:
54:da:d7:a8:d4:75:c4:17:0c:c0:37:41:d8:75:99:
a4:b1:cc:6e:d8:b9:38:ff:4c:8f:8d:49:92:d3:39:
a8:79:d5:19:05:0b:31:17:fc:a1:1e:dc:71:4b:ca:
e8:48:c7:ca:76:09:73:0c:42:22:64:74:33:21:9f:
b5:b3:7b:27:e9:f3:da:d8:15:00:b8:0f:ce:f1:ca:
c3:96:77:cf:21:f3:00:84:b5:a3:4a:f1:10:d0:24:
ce:a1:6e:c4:5d:a6:7f:9f:9d:8e:a7:04:e1:17:37:
72:14:d4:20:ed:69:3d:29:ab:ab:36:3e:0d:7b:49:
ae:91:50:18:4c:a8:d6:c1:6a:a9:65:e9:64:ec:08:
37:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:7B:DB:EB:4F:34:63:91:BB:70:43:7B:34:4E:4D:81:CD:9E:EF:46
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135342e302f32342d3234203d3e203434373731.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.154.0/24
Signature Algorithm: sha256WithRSAEncryption
49:62:34:0f:06:8e:8a:9a:21:d3:01:b5:6b:9e:8a:83:fc:10:
0a:01:fc:be:7b:7c:67:29:ce:9a:7a:e8:cc:d2:2e:37:67:8c:
6f:59:dd:05:0d:78:98:d1:d7:af:5f:64:4a:34:72:92:40:3d:
90:22:27:d3:cf:b5:3a:31:74:5c:f9:ed:3b:24:b5:33:24:34:
fc:d1:25:06:a4:e9:91:7d:18:ce:77:8b:65:06:7e:29:85:fa:
ec:a9:77:5e:7b:9f:5c:fe:b1:36:e3:87:f1:05:36:12:7e:53:
71:72:99:7a:c0:e0:cc:2d:75:27:76:ad:94:e4:a1:1a:4f:bf:
10:4f:8c:d7:48:0a:b5:67:96:da:3b:ed:24:ed:98:6a:06:b4:
ed:2e:9b:b6:8b:77:00:33:af:ff:c9:5c:d8:73:91:1a:0a:b4:
28:b8:9d:d9:fa:c2:20:98:16:4e:b5:bb:46:a1:87:de:5d:b4:
b1:ad:23:fa:d8:43:7d:c0:23:00:e1:f0:75:f2:c1:91:1f:51:
44:9b:ac:95:a5:b9:d9:5e:1c:dc:92:90:d8:df:be:cc:e6:07:
62:c6:13:fd:98:c4:0a:6e:59:ef:66:37:08:ab:9c:e4:8a:1e:
de:d9:3b:ab:bf:c7:03:96:f5:3f:c2:90:d4:80:76:42:9f:7e:
10:b2:5c:d3
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUAhg0ZtBGBal2LPeQiv3DS6ngawswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yMzA3MDcwODAzMTZaFw0yNDA3MDUwODA4MTZaMDMxMTAvBgNV
BAMTKEVDN0JEQkVCNEYzNDYzOTFCQjcwNDM3QjM0NEU0RDgxQ0Q5RUVGNDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCD5xYVXfbM9MYkzcgG/Ix9iFX4
R1CexKKyYTJuR4CxepEkLqHd5x9P/L2ovM7gn8tR/ROecBn/VYaVmBw+77RYGEP9
BAkGRhZPQ5b6e4wtWrnc5WZrWT57tezlk8OvySCTeSZFoaPY6CzlVUBKcd40PBDx
7l5TalTa16jUdcQXDMA3Qdh1maSxzG7YuTj/TI+NSZLTOah51RkFCzEX/KEe3HFL
yuhIx8p2CXMMQiJkdDMhn7Wzeyfp89rYFQC4D87xysOWd88h8wCEtaNK8RDQJM6h
bsRdpn+fnY6nBOEXN3IU1CDtaT0pq6s2Pg17Sa6RUBhMqNbBaqll6WTsCDdVAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU7Hvb6080Y5G7cEN7NE5Ngc2e70YwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzEzODM1MmUzMTM0MzkyZTMx
MzUzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzQzNzM3MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5lZowDQYJKoZIhvcNAQELBQADggEBAEliNA8GjoqaIdMBtWueioP8EAoB/L57
fGcpzpp66MzSLjdnjG9Z3QUNeJjR169fZEo0cpJAPZAiJ9PPtToxdFz57TsktTMk
NPzRJQak6ZF9GM53i2UGfimF+uypd157n1z+sTbjh/EFNhJ+U3FymXrA4MwtdSd2
rZTkoRpPvxBPjNdICrVnlto77STtmGoGtO0um7aLdwAzr//JXNhzkRoKtCi4ndn6
wiCYFk61u0ahh95dtLGtI/rYQ33AIwDh8HXywZEfUUSbrJWludleHNySkNjfvszm
B2LGE/2YxApuWe9mNwirnOSKHt7ZO6u/xwOW9T/CkNSAdkKffhCyXNM=
-----END CERTIFICATE-----
Generated at Fri May 17 13:32:17 2024 by rpki-client on console-fra.rpki-client.org