Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135352e302f32342d3234203d3e203434373731.roa
File: 3138352e3134392e3135352e302f32342d3234203d3e203434373731.roa (raw, json)
Hash identifier: 4XqIXzABkCq3gofskylIjQhpky7W4wsfBDZLMpMvFrs=
Subject key identifier: 04:73:40:ED:9F:A4:05:24:31:4C:AF:31:E1:AA:AD:2B:59:2D:EF:4F
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 15BBC9DD74DE21C3D1FCD6F2028D2E692845E59C
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135352e302f32342d3234203d3e203434373731.roa
Signing time: Fri 07 Jul 2023 08:08:14 +0000
ROA not before: Fri 07 Jul 2023 08:03:14 +0000
ROA not after: Fri 05 Jul 2024 08:08:14 +0000
asID: 44771
IP address blocks: 185.149.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:bb:c9:dd:74:de:21:c3:d1:fc:d6:f2:02:8d:2e:69:28:45:e5:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jul 7 08:03:14 2023 GMT
Not After : Jul 5 08:08:14 2024 GMT
Subject: CN=047340ED9FA40524314CAF31E1AAAD2B592DEF4F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b7:3c:91:5a:33:36:c0:67:43:f0:4a:c2:93:
55:bb:17:5f:66:09:92:75:31:4e:49:d3:71:fc:ed:
3c:4d:08:01:05:f1:24:36:9e:66:17:c2:6b:19:24:
c3:30:b4:1d:e5:d2:84:2e:52:4e:4d:7f:6e:a8:0f:
49:55:6e:eb:96:18:08:14:4b:0f:92:90:93:ec:1a:
59:35:67:6b:f6:9b:5d:24:d6:05:39:19:e6:3c:02:
8b:04:72:6f:45:b8:ac:94:8b:ab:e2:9e:6c:24:47:
33:96:a8:4f:e0:ff:76:fd:41:af:ef:80:67:01:80:
b0:fc:9a:fb:64:17:42:dc:8d:93:c4:a5:39:c2:a6:
37:cb:2b:32:90:d2:db:1d:51:90:79:4f:6b:25:53:
eb:15:0f:45:cd:60:4d:23:64:c2:ec:15:c9:c4:8e:
ad:bb:d7:70:e4:2a:3d:55:c4:17:13:c2:61:30:ff:
c8:e0:b1:a8:c1:46:2f:68:8e:57:25:50:f3:47:a5:
e2:56:f9:f1:d1:b1:51:10:16:95:c9:63:c6:e9:6e:
68:be:f9:31:23:bf:79:b9:c6:0e:21:a5:74:a1:93:
cf:61:bf:f4:48:24:52:c8:de:30:cf:6a:dd:30:8b:
d2:ef:6b:9c:1c:3f:cb:91:49:d8:b8:fc:c4:22:b6:
e0:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:73:40:ED:9F:A4:05:24:31:4C:AF:31:E1:AA:AD:2B:59:2D:EF:4F
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135352e302f32342d3234203d3e203434373731.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.155.0/24
Signature Algorithm: sha256WithRSAEncryption
93:bd:24:47:ab:42:9d:26:3c:2e:e6:ef:f1:ac:7d:28:b9:0b:
97:14:c2:4f:5e:df:31:54:13:ce:53:85:0d:33:00:77:e7:18:
47:4e:fc:9b:ae:26:b2:af:41:5a:9b:82:90:83:d8:63:0e:ed:
7a:64:4b:86:33:d7:51:5b:84:52:a2:0b:35:25:73:88:ad:23:
3f:0c:6d:4f:ec:ac:f9:9c:98:5d:92:ea:ba:11:b4:75:9f:be:
bd:6a:61:8a:de:f2:68:90:bf:ff:50:f7:bb:24:70:a1:40:eb:
f1:d8:07:40:07:fc:80:4c:2b:34:78:43:37:0d:a2:89:8c:4e:
15:9f:4b:31:a7:41:7f:32:95:da:9d:8d:32:63:22:7b:9f:bb:
c4:14:97:55:ec:f9:2c:18:04:ce:ac:e4:5f:c8:f0:38:14:01:
a5:2f:5d:de:f2:d2:1a:5c:7b:21:47:f8:d4:b7:71:68:d0:e6:
77:21:89:bf:1b:6a:f1:df:22:00:67:5f:87:b8:b6:ad:e7:f3:
f0:57:1d:de:8d:3a:59:84:2b:17:91:50:12:7c:e9:d3:78:7d:
b2:47:c3:2c:3e:92:cc:e0:9d:89:d3:bc:cc:d8:c3:db:9c:24:
7f:92:d1:24:8e:38:f1:d4:49:91:ef:72:51:9e:e0:44:21:3e:
21:14:2f:a5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUFbvJ3XTeIcPR/NbyAo0uaShF5ZwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yMzA3MDcwODAzMTRaFw0yNDA3MDUwODA4MTRaMDMxMTAvBgNV
BAMTKDA0NzM0MEVEOUZBNDA1MjQzMTRDQUYzMUUxQUFBRDJCNTkyREVGNEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgtzyRWjM2wGdD8ErCk1W7F19m
CZJ1MU5J03H87TxNCAEF8SQ2nmYXwmsZJMMwtB3l0oQuUk5Nf26oD0lVbuuWGAgU
Sw+SkJPsGlk1Z2v2m10k1gU5GeY8AosEcm9FuKyUi6vinmwkRzOWqE/g/3b9Qa/v
gGcBgLD8mvtkF0LcjZPEpTnCpjfLKzKQ0tsdUZB5T2slU+sVD0XNYE0jZMLsFcnE
jq2713DkKj1VxBcTwmEw/8jgsajBRi9ojlclUPNHpeJW+fHRsVEQFpXJY8bpbmi+
+TEjv3m5xg4hpXShk89hv/RIJFLI3jDPat0wi9Lva5wcP8uRSdi4/MQituDdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUBHNA7Z+kBSQxTK8x4aqtK1kt708wHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzEzODM1MmUzMTM0MzkyZTMx
MzUzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzQzNzM3MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5lZswDQYJKoZIhvcNAQELBQADggEBAJO9JEerQp0mPC7m7/GsfSi5C5cUwk9e
3zFUE85ThQ0zAHfnGEdO/JuuJrKvQVqbgpCD2GMO7XpkS4Yz11FbhFKiCzUlc4it
Iz8MbU/srPmcmF2S6roRtHWfvr1qYYre8miQv/9Q97skcKFA6/HYB0AH/IBMKzR4
QzcNoomMThWfSzGnQX8yldqdjTJjInufu8QUl1Xs+SwYBM6s5F/I8DgUAaUvXd7y
0hpceyFH+NS3cWjQ5nchib8bavHfIgBnX4e4tq3n8/BXHd6NOlmEKxeRUBJ86dN4
fbJHwyw+kszgnYnTvMzYw9ucJH+S0SSOOPHUSZHvclGe4EQhPiEUL6U=
-----END CERTIFICATE-----
Generated at Fri May 17 14:34:42 2024 by rpki-client on console-ams.rpki-client.org