Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3132352e37362e302f32342d3234203d3e203630343538.roa
File: 3138352e3132352e37362e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: egjTlvN5yYyFC7HQ1Q/cM4qZ9xghCxDEcQUM+WHhv0s=
Subject key identifier: 49:61:CD:B0:C9:09:A4:6E:5D:00:06:E6:DF:27:3E:A0:08:B1:E9:B4
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 66F910BBFBCCC18733610D7047F5C0D653FAE818
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3132352e37362e302f32342d3234203d3e203630343538.roa
Signing time: Mon 03 Jun 2024 06:05:17 +0000
ROA not before: Mon 03 Jun 2024 06:00:17 +0000
ROA not after: Mon 02 Jun 2025 06:05:17 +0000
asID: 60458
IP address blocks: 185.125.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:f9:10:bb:fb:cc:c1:87:33:61:0d:70:47:f5:c0:d6:53:fa:e8:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jun 3 06:00:17 2024 GMT
Not After : Jun 2 06:05:17 2025 GMT
Subject: CN=4961CDB0C909A46E5D0006E6DF273EA008B1E9B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:57:a8:aa:60:bb:c4:ff:ce:f7:02:44:73:f3:
d2:93:b8:e4:d4:a8:4c:a0:b5:2c:a6:22:b0:79:d9:
99:b5:24:53:07:74:0c:52:e8:90:c6:b2:95:07:2b:
0c:3f:76:51:5b:31:e2:12:d6:a4:a1:39:14:04:f8:
08:cb:42:a6:29:07:6e:6f:11:38:1b:1d:db:a4:01:
8d:93:e1:47:95:c4:7c:7a:77:00:56:9c:1d:4d:cd:
95:f1:39:00:91:8d:86:3f:1a:b9:06:27:19:bd:e3:
1b:e3:f4:3a:b4:65:7f:e0:9b:6c:b3:5c:cc:83:88:
89:c2:29:51:e8:7f:84:1f:a2:84:cd:d7:28:5c:50:
0a:a3:65:50:64:5d:01:41:f6:32:09:c2:6f:fc:fb:
b1:11:4c:b5:da:04:ea:44:9b:f8:d9:eb:68:a8:ef:
0b:1f:05:e2:dd:48:5e:57:e2:78:7b:d0:69:94:0c:
f0:ac:be:9a:0d:d5:48:b4:80:6e:63:67:47:60:9a:
df:03:5b:fc:8e:ae:41:6c:f7:f4:2a:67:6f:1e:f4:
74:3c:0b:e5:2d:be:7c:df:56:8d:da:68:c6:e0:63:
4a:99:9b:33:79:b3:a4:32:06:3c:45:73:38:7c:18:
57:5a:d0:0b:ac:04:bd:49:88:34:75:92:db:3e:38:
14:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:61:CD:B0:C9:09:A4:6E:5D:00:06:E6:DF:27:3E:A0:08:B1:E9:B4
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3132352e37362e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.125.76.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:d8:01:07:1f:0b:26:99:cd:0b:bf:55:97:93:58:b9:35:e4:
7f:ae:57:7a:59:c4:d6:20:26:c6:f9:51:71:f5:6c:f6:72:3a:
4f:5a:37:1c:99:70:b4:09:d5:55:86:ed:00:ce:10:a5:52:74:
d1:35:32:ff:14:ab:2f:25:91:0c:d2:45:db:72:63:bd:fc:39:
7c:49:35:25:37:23:88:31:34:07:c7:93:26:fa:56:a8:12:87:
74:13:98:d3:a5:70:aa:7a:99:70:17:96:52:88:39:63:37:44:
f2:9b:18:5c:4e:02:cc:94:db:a4:64:3d:82:93:55:e1:3e:6d:
6a:d7:42:54:ec:d9:48:3a:d8:17:47:d5:1b:02:0d:5a:78:36:
95:7e:4c:13:b5:f5:22:44:57:a0:f1:ec:40:b6:31:b5:c6:c0:
73:f0:1f:98:15:c9:6d:5e:00:b2:62:80:de:a2:c9:f3:c5:d2:
37:cc:0f:03:cb:47:5e:b8:83:41:2c:e0:60:35:81:e0:52:0e:
09:f4:43:d4:e8:6e:ac:67:75:3a:89:88:c2:9d:ff:0a:8c:1c:
f8:2d:f5:4e:ea:ee:94:af:1a:13:c4:80:11:fb:69:84:31:55:
a9:a5:84:eb:d8:c6:c5:21:48:b3:17:21:c3:bf:b2:5a:59:f3:
5d:6e:9b:54
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUZvkQu/vMwYczYQ1wR/XA1lP66BgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDA2MDMwNjAwMTdaFw0yNTA2MDIwNjA1MTdaMDMxMTAvBgNV
BAMTKDQ5NjFDREIwQzkwOUE0NkU1RDAwMDZFNkRGMjczRUEwMDhCMUU5QjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRV6iqYLvE/873AkRz89KTuOTU
qEygtSymIrB52Zm1JFMHdAxS6JDGspUHKww/dlFbMeIS1qShORQE+AjLQqYpB25v
ETgbHdukAY2T4UeVxHx6dwBWnB1NzZXxOQCRjYY/GrkGJxm94xvj9Dq0ZX/gm2yz
XMyDiInCKVHof4QfooTN1yhcUAqjZVBkXQFB9jIJwm/8+7ERTLXaBOpEm/jZ62io
7wsfBeLdSF5X4nh70GmUDPCsvpoN1Ui0gG5jZ0dgmt8DW/yOrkFs9/QqZ28e9HQ8
C+UtvnzfVo3aaMbgY0qZmzN5s6QyBjxFczh8GFda0AusBL1JiDR1kts+OBQxAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUSWHNsMkJpG5dAAbm3yc+oAix6bQwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMTMyMzUyZTM3
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMwMzQzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uX1MMA0GCSqGSIb3DQEBCwUAA4IBAQBv2AEHHwsmmc0Lv1WXk1i5NeR/rld6WcTW
ICbG+VFx9Wz2cjpPWjccmXC0CdVVhu0AzhClUnTRNTL/FKsvJZEM0kXbcmO9/Dl8
STUlNyOIMTQHx5Mm+laoEod0E5jTpXCqeplwF5ZSiDljN0TymxhcTgLMlNukZD2C
k1XhPm1q10JU7NlIOtgXR9UbAg1aeDaVfkwTtfUiRFeg8exAtjG1xsBz8B+YFclt
XgCyYoDeosnzxdI3zA8Dy0deuINBLOBgNYHgUg4J9EPU6G6sZ3U6iYjCnf8KjBz4
LfVO6u6UrxoTxIAR+2mEMVWppYTr2MbFIUizFyHDv7JaWfNdbptU
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:19 2024 by rpki-client on console-ams.rpki-client.org