Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3132352e37382e302f32342d3234203d3e203630343538.roa
File: 3138352e3132352e37382e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: Yx85jlC/pqOIJh9zjrd7wmwgYOsvMkGtTigiR7bSUBQ=
Subject key identifier: 0F:A9:E2:1F:51:CD:8E:6C:0B:90:D6:72:63:94:89:A8:9F:DF:C3:0C
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 1BA7A112E6F59B0FC749A408400DED0B5A1ED6BB
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3132352e37382e302f32342d3234203d3e203630343538.roa
Signing time: Mon 03 Jul 2023 05:42:02 +0000
ROA not before: Mon 03 Jul 2023 05:37:02 +0000
ROA not after: Mon 01 Jul 2024 05:42:02 +0000
asID: 60458
IP address blocks: 185.125.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:a7:a1:12:e6:f5:9b:0f:c7:49:a4:08:40:0d:ed:0b:5a:1e:d6:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jul 3 05:37:02 2023 GMT
Not After : Jul 1 05:42:02 2024 GMT
Subject: CN=0FA9E21F51CD8E6C0B90D672639489A89FDFC30C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ce:4a:98:35:36:e8:d6:b6:ea:5c:d3:15:4a:
d4:67:0a:70:87:1e:a6:54:a4:7e:ba:b6:4f:c4:32:
82:fd:6b:28:7d:57:a4:79:29:4f:fd:d1:00:ac:98:
9e:bf:5b:11:44:30:d0:b5:4c:48:b0:cc:cb:e6:64:
d9:f0:a7:6a:24:40:4f:59:62:4f:34:e7:da:b1:a3:
f7:01:f6:13:e5:1d:f8:a1:24:b4:56:bb:cf:db:4f:
28:88:c6:3a:a1:95:82:5a:32:36:57:e1:9a:91:0d:
f4:95:67:2d:1c:0e:f2:31:26:fd:3e:59:a4:df:c9:
42:c2:69:44:fc:7b:a5:71:57:ed:a0:62:e2:70:73:
05:df:52:a3:d0:d8:8d:4f:88:65:48:87:eb:fd:f4:
a4:1f:3f:a0:0f:9e:58:07:b5:7e:ef:89:a2:1c:f8:
fc:47:0b:81:54:98:9b:3e:60:22:90:2e:0a:05:a8:
8e:76:b5:09:5a:5c:10:04:5b:d0:e8:bf:93:04:11:
f2:c3:b4:dc:2a:fe:6e:7e:f1:cd:88:c0:8b:d7:cb:
e4:42:16:b0:f4:67:39:5a:45:27:9c:f1:93:7f:af:
25:81:f9:f8:03:85:42:0e:97:8f:15:e5:fe:9c:ac:
88:fa:e8:6b:b5:04:59:f2:c1:85:68:e6:a2:f4:cd:
d4:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:A9:E2:1F:51:CD:8E:6C:0B:90:D6:72:63:94:89:A8:9F:DF:C3:0C
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3132352e37382e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.125.78.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:f4:bc:ba:6d:08:17:29:bd:f7:5f:86:ae:b8:ec:76:c7:71:
b9:91:4a:78:62:d1:eb:58:52:bc:5c:ac:57:5e:e6:59:6b:0e:
fd:84:b8:ce:4d:1b:1f:64:e8:af:64:31:04:b9:95:58:b2:f2:
92:66:11:fb:b1:a4:5e:5f:fb:53:fd:22:bf:4c:26:b9:a2:cb:
b9:12:38:c7:1f:21:de:9f:1f:ff:da:c7:10:b2:55:c6:f2:36:
a9:b8:e1:66:1c:26:86:b6:07:07:5b:9d:8b:3d:f9:e6:c7:a5:
6b:48:de:8d:2a:ad:b0:43:d5:75:ce:54:f1:67:6e:51:a8:cd:
88:a7:f9:1b:23:6f:78:3f:f8:e6:be:fd:2c:2f:51:9e:27:c0:
46:3f:11:57:68:19:2f:38:c3:fd:09:d2:8e:9b:ba:da:cc:b9:
f5:f6:4c:02:59:ee:b9:92:f4:c4:13:31:f0:ad:0d:12:20:64:
59:a7:d8:03:cb:49:54:76:b1:9c:b3:5d:cb:50:55:90:76:06:
33:9f:fb:01:98:da:da:94:6c:e2:9a:3c:99:a4:dc:d7:fb:cd:
2f:3b:16:5d:4f:a8:20:19:a6:3a:ea:64:cd:f7:0e:8b:bc:48:
2b:ed:1b:53:d0:50:7e:64:e2:21:6e:09:1e:ab:62:b0:92:8d:
7a:c9:1c:7d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUG6ehEub1mw/HSaQIQA3tC1oe1rswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yMzA3MDMwNTM3MDJaFw0yNDA3MDEwNTQyMDJaMDMxMTAvBgNV
BAMTKDBGQTlFMjFGNTFDRDhFNkMwQjkwRDY3MjYzOTQ4OUE4OUZERkMzMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5zkqYNTbo1rbqXNMVStRnCnCH
HqZUpH66tk/EMoL9ayh9V6R5KU/90QCsmJ6/WxFEMNC1TEiwzMvmZNnwp2okQE9Z
Yk8059qxo/cB9hPlHfihJLRWu8/bTyiIxjqhlYJaMjZX4ZqRDfSVZy0cDvIxJv0+
WaTfyULCaUT8e6VxV+2gYuJwcwXfUqPQ2I1PiGVIh+v99KQfP6APnlgHtX7viaIc
+PxHC4FUmJs+YCKQLgoFqI52tQlaXBAEW9Dov5MEEfLDtNwq/m5+8c2IwIvXy+RC
FrD0ZzlaRSec8ZN/ryWB+fgDhUIOl48V5f6crIj66Gu1BFnywYVo5qL0zdQlAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUD6niH1HNjmwLkNZyY5SJqJ/fwwwwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMTMyMzUyZTM3
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMwMzQzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uX1OMA0GCSqGSIb3DQEBCwUAA4IBAQC79Ly6bQgXKb33X4auuOx2x3G5kUp4YtHr
WFK8XKxXXuZZaw79hLjOTRsfZOivZDEEuZVYsvKSZhH7saReX/tT/SK/TCa5osu5
EjjHHyHenx//2scQslXG8japuOFmHCaGtgcHW52LPfnmx6VrSN6NKq2wQ9V1zlTx
Z25RqM2Ip/kbI294P/jmvv0sL1GeJ8BGPxFXaBkvOMP9CdKOm7razLn19kwCWe65
kvTEEzHwrQ0SIGRZp9gDy0lUdrGcs13LUFWQdgYzn/sBmNralGzimjyZpNzX+80v
OxZdT6ggGaY66mTN9w6LvEgr7RtT0FB+ZOIhbgkeq2Kwko16yRx9
-----END CERTIFICATE-----
Generated at Mon May 6 01:02:59 2024 by rpki-client on console-ams.rpki-client.org