Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3130302e37322e302f32322d3232203d3e203630343538.roa
File: 3138352e3130302e37322e302f32322d3232203d3e203630343538.roa (raw, json)
Hash identifier: AbGpHoY1Iwp7hjUY4kwLV7IvmjI6O5sTwEf9p60eEDQ=
Subject key identifier: F4:D2:53:F0:02:38:50:6C:8E:26:D4:5F:C3:9F:45:A8:7A:82:52:70
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 31382CB02CE1C2A3A1A6B8FECB2A80EF070EFF7B
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3130302e37322e302f32322d3232203d3e203630343538.roa
Signing time: Mon 03 Jun 2024 06:05:17 +0000
ROA not before: Mon 03 Jun 2024 06:00:17 +0000
ROA not after: Mon 02 Jun 2025 06:05:17 +0000
asID: 60458
IP address blocks: 185.100.72.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:38:2c:b0:2c:e1:c2:a3:a1:a6:b8:fe:cb:2a:80:ef:07:0e:ff:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jun 3 06:00:17 2024 GMT
Not After : Jun 2 06:05:17 2025 GMT
Subject: CN=F4D253F00238506C8E26D45FC39F45A87A825270
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b7:fa:63:e8:58:35:3f:45:6b:ad:33:fc:ea:
6e:47:bc:ad:6e:67:85:55:ac:b2:f5:2c:da:bb:31:
b0:fe:22:c6:68:68:77:6d:21:fc:4d:f1:a5:45:71:
10:cc:18:b6:51:41:12:16:d1:fd:c8:55:28:b0:b2:
ce:bb:98:a3:3d:c2:ad:ac:7b:6f:32:a0:07:60:4a:
9d:c1:2b:2c:b4:2f:ce:ca:7d:d9:33:f3:2f:0c:ab:
7c:2d:6b:6f:e2:eb:c7:cb:ee:96:db:2d:55:53:47:
05:f0:f8:4f:fd:a8:3a:41:78:1a:0d:1f:83:2e:ce:
4b:79:37:aa:40:16:8d:94:61:a3:57:49:4d:bb:3f:
14:9b:6b:11:9a:5c:83:69:c0:c3:c2:b5:f4:a4:5f:
ac:95:94:48:7a:27:5f:9d:8a:f2:d5:5e:a9:0c:a0:
d7:b4:57:2e:78:59:86:2f:ed:39:5a:a0:07:19:75:
54:b5:84:86:37:ee:3f:fd:a6:61:10:2d:30:41:5b:
6f:69:9c:92:b5:90:90:7c:cc:79:f7:a7:b8:a2:b2:
8e:52:27:8e:4d:8f:b5:7d:16:9f:44:ff:a0:9c:83:
67:b1:40:04:38:af:e1:6a:19:38:35:98:c9:c0:1b:
47:6c:54:75:e8:b3:88:80:0b:41:72:43:98:51:88:
9b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:D2:53:F0:02:38:50:6C:8E:26:D4:5F:C3:9F:45:A8:7A:82:52:70
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3130302e37322e302f32322d3232203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.72.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:a0:fc:5a:36:6b:90:78:cc:18:9b:28:02:89:ab:38:a3:45:
12:a3:84:f8:96:81:ef:30:f6:fc:1a:2e:6b:65:24:0b:fd:13:
b4:7a:30:1e:17:5f:07:da:a8:a4:37:2a:a8:4d:ac:d1:43:4c:
34:78:bc:28:46:f0:10:f9:4b:27:33:4c:7d:59:d9:76:38:b2:
11:bb:0f:48:a0:50:d9:f8:12:65:45:48:4e:14:cf:62:ca:61:
39:01:84:2c:f0:89:03:6a:9b:f9:a8:de:88:07:44:e6:df:14:
2a:22:3c:05:a5:2a:c5:ae:6a:49:2c:d0:84:3c:0a:ce:05:16:
78:e6:b4:b0:6c:da:3c:8a:32:bd:48:e8:24:45:de:d8:1a:5f:
9c:8d:7e:32:ae:a6:63:8a:da:8b:05:73:ec:3b:36:f3:d1:5c:
9f:59:0f:89:75:69:1a:de:49:1b:44:c3:95:b3:6e:62:1c:20:
6a:9b:18:3c:a3:22:cd:08:1c:7c:ce:a8:84:ca:78:08:af:41:
62:b9:ec:ae:23:3a:67:a9:d2:6e:36:53:b1:a1:8f:22:9d:3a:
91:bf:2a:f2:84:6b:1f:b2:2e:04:68:47:50:2f:36:8c:2a:93:
5a:72:98:d5:43:ab:fc:79:61:dd:e1:7a:26:f5:d0:49:71:27:
9c:66:bd:b3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUMTgssCzhwqOhprj+yyqA7wcO/3swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDA2MDMwNjAwMTdaFw0yNTA2MDIwNjA1MTdaMDMxMTAvBgNV
BAMTKEY0RDI1M0YwMDIzODUwNkM4RTI2RDQ1RkMzOUY0NUE4N0E4MjUyNzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmt/pj6Fg1P0VrrTP86m5HvK1u
Z4VVrLL1LNq7MbD+IsZoaHdtIfxN8aVFcRDMGLZRQRIW0f3IVSiwss67mKM9wq2s
e28yoAdgSp3BKyy0L87Kfdkz8y8Mq3wta2/i68fL7pbbLVVTRwXw+E/9qDpBeBoN
H4Muzkt5N6pAFo2UYaNXSU27PxSbaxGaXINpwMPCtfSkX6yVlEh6J1+divLVXqkM
oNe0Vy54WYYv7TlaoAcZdVS1hIY37j/9pmEQLTBBW29pnJK1kJB8zHn3p7iiso5S
J45Nj7V9Fp9E/6Ccg2exQAQ4r+FqGTg1mMnAG0dsVHXos4iAC0FyQ5hRiJtNAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU9NJT8AI4UGyOJtRfw59FqHqCUnAwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMTMwMzAyZTM3
MzIyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzNjMwMzQzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
uWRIMA0GCSqGSIb3DQEBCwUAA4IBAQCmoPxaNmuQeMwYmygCias4o0USo4T4loHv
MPb8Gi5rZSQL/RO0ejAeF18H2qikNyqoTazRQ0w0eLwoRvAQ+UsnM0x9Wdl2OLIR
uw9IoFDZ+BJlRUhOFM9iymE5AYQs8IkDapv5qN6IB0Tm3xQqIjwFpSrFrmpJLNCE
PArOBRZ45rSwbNo8ijK9SOgkRd7YGl+cjX4yrqZjitqLBXPsOzbz0VyfWQ+JdWka
3kkbRMOVs25iHCBqmxg8oyLNCBx8zqiEyngIr0FiueyuIzpnqdJuNlOxoY8inTqR
vyryhGsfsi4EaEdQLzaMKpNacpjVQ6v8eWHd4Xom9dBJcSecZr2z
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:19 2024 by rpki-client on console-ams.rpki-client.org