Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135352e302f32342d3234203d3e203434373731.roa
File: 3138352e3134392e3135352e302f32342d3234203d3e203434373731.roa (raw, json)
Hash identifier: 0IPNooT5QWBhGrICiMetYy7pCF+C6k7B4M0htQlo2Og=
Subject key identifier: 6C:64:5B:9D:5A:2F:3A:8D:70:8C:FE:34:41:7A:D7:E1:FB:04:5D:7B
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 5694292AAFCBDD6D344CDD66487FA3B3B75AD43F
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135352e302f32342d3234203d3e203434373731.roa
Signing time: Fri 07 Jun 2024 09:01:54 +0000
ROA not before: Fri 07 Jun 2024 08:56:54 +0000
ROA not after: Fri 06 Jun 2025 09:01:54 +0000
asID: 44771
IP address blocks: 185.149.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:94:29:2a:af:cb:dd:6d:34:4c:dd:66:48:7f:a3:b3:b7:5a:d4:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jun 7 08:56:54 2024 GMT
Not After : Jun 6 09:01:54 2025 GMT
Subject: CN=6C645B9D5A2F3A8D708CFE34417AD7E1FB045D7B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:76:58:8f:3e:ea:26:79:06:e7:f9:f6:f8:c2:
fa:9b:41:e8:ae:17:78:3c:77:09:af:28:cc:30:b7:
bd:21:8a:2a:d8:07:fb:97:5a:3e:77:cb:8e:cc:8b:
6a:5f:45:e5:89:11:40:75:c9:8a:f4:ee:f3:b8:e5:
34:1a:3b:8a:ef:dc:c8:48:51:68:80:a7:41:f5:97:
e5:3e:84:bb:09:cd:22:9c:a7:12:b8:25:7f:ac:50:
d9:96:31:25:8d:07:21:19:ed:2b:9a:55:5c:cf:1b:
bb:c4:2a:e9:d6:29:41:61:9c:c1:cd:b6:dd:09:2b:
a6:08:c2:67:ad:b5:b4:2f:43:82:a0:8e:0d:89:bf:
47:4a:e0:93:a6:58:56:12:93:bb:93:37:1c:f5:ec:
bc:8a:5a:52:40:a4:d6:28:95:b4:d2:0d:2c:ab:7d:
cd:f8:31:68:5b:e5:4b:fe:2b:9c:44:9d:4b:f6:b4:
da:b9:8a:ac:7a:20:40:a5:76:b1:3b:4b:35:c3:4f:
50:30:bd:5a:55:73:04:43:10:61:96:6e:98:36:86:
6f:fc:2e:21:f2:ac:51:2d:19:b2:8e:2a:60:78:2f:
cd:75:d7:87:65:ec:ea:95:95:f2:cd:0e:5c:1b:0b:
76:a6:77:2d:bd:c1:cd:66:33:cf:2a:19:ef:3a:9f:
da:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:64:5B:9D:5A:2F:3A:8D:70:8C:FE:34:41:7A:D7:E1:FB:04:5D:7B
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135352e302f32342d3234203d3e203434373731.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.155.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:43:f2:a5:cb:9d:5a:11:46:84:40:3c:7b:fb:ee:e2:3d:09:
77:4d:cf:00:eb:11:3b:63:fc:f8:50:e7:eb:e2:bf:4c:44:24:
b7:3f:90:c0:01:e4:dc:26:c4:a1:e6:a4:15:d8:5e:7f:fe:34:
a0:98:8a:91:9c:a4:19:6f:54:15:8b:3c:ae:00:9b:2f:fd:e3:
0a:30:25:4b:a1:2e:38:bc:7d:d1:6b:36:b2:92:e3:a9:2e:d5:
f2:31:2c:74:8f:a2:3f:b9:12:51:bb:1e:13:00:ca:e6:79:9b:
0d:ad:4f:f0:90:c9:09:4c:4a:c4:cb:e6:43:9b:0d:81:7d:8b:
07:c0:3b:31:bf:b6:54:4e:6e:9e:48:67:cb:de:b2:b8:5d:4a:
09:4b:37:b8:99:0b:27:a4:a3:c8:83:3f:76:e5:82:6f:75:28:
21:90:32:ea:82:df:66:b7:bc:29:12:c1:a4:7e:b5:48:59:56:
49:a2:af:58:d8:74:e2:4a:8d:54:8b:2e:57:be:58:98:5c:8e:
3b:06:04:e7:32:0b:62:4f:a4:f2:e2:64:dc:91:3c:7d:cc:64:
4d:cf:ff:26:07:3e:d7:82:88:3a:cf:c9:ff:07:74:4b:15:56:
42:e5:07:69:0f:0f:49:b9:4d:b8:cd:d8:71:13:29:23:ce:9f:
b1:b8:24:d7
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVpQpKq/L3W00TN1mSH+js7da1D8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNDA2MDcwODU2NTRaFw0yNTA2MDYwOTAxNTRaMDMxMTAvBgNV
BAMTKDZDNjQ1QjlENUEyRjNBOEQ3MDhDRkUzNDQxN0FEN0UxRkIwNDVEN0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCldliPPuomeQbn+fb4wvqbQeiu
F3g8dwmvKMwwt70hiirYB/uXWj53y47Mi2pfReWJEUB1yYr07vO45TQaO4rv3MhI
UWiAp0H1l+U+hLsJzSKcpxK4JX+sUNmWMSWNByEZ7SuaVVzPG7vEKunWKUFhnMHN
tt0JK6YIwmettbQvQ4Kgjg2Jv0dK4JOmWFYSk7uTNxz17LyKWlJApNYolbTSDSyr
fc34MWhb5Uv+K5xEnUv2tNq5iqx6IECldrE7SzXDT1AwvVpVcwRDEGGWbpg2hm/8
LiHyrFEtGbKOKmB4L81114dl7OqVlfLNDlwbC3amdy29wc1mM88qGe86n9rZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUbGRbnVovOo1wjP40QXrX4fsEXXswHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzEzODM1MmUzMTM0MzkyZTMx
MzUzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzQzNzM3MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5lZswDQYJKoZIhvcNAQELBQADggEBAKtD8qXLnVoRRoRAPHv77uI9CXdNzwDr
ETtj/PhQ5+viv0xEJLc/kMAB5NwmxKHmpBXYXn/+NKCYipGcpBlvVBWLPK4Amy/9
4wowJUuhLji8fdFrNrKS46ku1fIxLHSPoj+5ElG7HhMAyuZ5mw2tT/CQyQlMSsTL
5kObDYF9iwfAOzG/tlRObp5IZ8vesrhdSglLN7iZCyeko8iDP3blgm91KCGQMuqC
32a3vCkSwaR+tUhZVkmir1jYdOJKjVSLLle+WJhcjjsGBOcyC2JPpPLiZNyRPH3M
ZE3P/yYHPteCiDrPyf8HdEsVVkLlB2kPD0m5TbjN2HETKSPOn7G4JNc=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:15 2024 by rpki-client on console-ams.rpki-client.org