Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3132352e37392e302f32342d3234203d3e203630343538.roa
File: 3138352e3132352e37392e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: 6bMsKitOUdBcqK+DC0Q6Ki6fqYFRE4NfOkuepLu+524=
Subject key identifier: A9:B5:26:89:3C:30:43:5B:C8:70:6D:0F:14:DF:5A:11:88:3F:70:99
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 72F5CEE0D2D58A710666D5968AB75389F2AAE66A
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3132352e37392e302f32342d3234203d3e203630343538.roa
Signing time: Mon 03 Jun 2024 06:05:16 +0000
ROA not before: Mon 03 Jun 2024 06:00:16 +0000
ROA not after: Mon 02 Jun 2025 06:05:16 +0000
asID: 60458
IP address blocks: 185.125.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:f5:ce:e0:d2:d5:8a:71:06:66:d5:96:8a:b7:53:89:f2:aa:e6:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jun 3 06:00:16 2024 GMT
Not After : Jun 2 06:05:16 2025 GMT
Subject: CN=A9B526893C30435BC8706D0F14DF5A11883F7099
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:bc:8d:11:74:d3:30:f9:f7:1f:d5:c5:8a:b9:
5c:64:74:7d:27:64:80:3b:51:2f:d4:5f:ae:82:4e:
0f:c3:ea:e3:92:bb:ce:38:08:a5:55:a7:92:7a:d3:
55:e2:e0:0c:c6:7a:fe:15:ef:6b:e6:12:d2:cf:16:
14:7c:fa:27:e9:8d:61:2a:a9:79:81:60:41:a6:c8:
46:17:9f:0e:8a:1b:c3:91:55:df:ff:7b:e6:70:4d:
f5:a1:ae:bf:f0:64:fa:4c:b6:6e:3b:5f:90:af:ea:
c1:69:96:77:38:de:bf:05:29:d1:f0:27:d7:41:27:
7d:c8:18:3d:a5:ab:4a:87:61:20:22:d6:91:30:3c:
7b:78:e5:77:66:5d:47:6a:42:5b:0c:c5:a1:5b:a7:
66:0a:ab:2d:c5:8b:a1:03:8d:fb:8f:ad:94:9d:d1:
2b:7d:e2:f4:8d:a1:c9:cb:a5:a8:e9:e7:68:9d:65:
8c:af:65:eb:f6:72:ff:d0:b5:a7:8e:4f:c6:6c:67:
6a:11:c8:3b:1e:08:c3:e1:95:11:63:e0:c7:f5:e2:
e3:d8:eb:d8:6d:89:12:f4:69:9d:60:4b:aa:98:1c:
80:d4:20:6e:2a:14:81:46:9f:c2:b6:8e:a6:de:15:
f8:44:9d:93:82:1d:83:59:0b:1a:32:75:ba:ef:33:
c4:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:B5:26:89:3C:30:43:5B:C8:70:6D:0F:14:DF:5A:11:88:3F:70:99
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3132352e37392e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.125.79.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:b1:2a:c7:da:96:d7:32:43:6e:40:33:84:d8:f6:a8:ad:0f:
0c:e0:34:08:af:b5:99:53:b1:0c:67:68:9c:3d:52:80:85:68:
28:f5:07:f7:93:1f:d9:8b:44:a2:0b:d5:95:24:5b:2c:72:7f:
db:fe:5f:40:b3:35:44:1b:1b:67:15:a2:a6:9b:d7:63:44:85:
b1:4e:63:86:4e:be:00:16:b6:db:5e:f7:0b:fd:81:93:1c:ef:
9d:51:70:d5:a3:97:c2:a6:26:5e:05:02:8d:c6:4b:df:cc:11:
5f:9c:f7:44:d8:16:08:8a:36:77:b2:55:29:bf:a2:47:1d:01:
52:ba:8a:70:a0:f1:2b:b8:30:e5:23:b1:1d:98:72:62:aa:32:
f3:13:6e:03:fc:73:b4:e7:d7:60:c0:fe:0b:e1:bd:98:fc:f4:
14:d0:c9:92:dd:0c:7c:7d:e9:bf:61:4a:94:aa:bf:d0:73:a1:
46:a1:97:32:46:3b:8e:a3:9a:cf:69:19:d6:a5:5c:5a:2f:fb:
39:ee:03:2e:13:aa:d0:94:ee:2c:12:e9:34:e2:84:b4:bb:97:
4f:cb:14:64:5a:59:78:b8:5e:40:a4:e7:8a:9f:dd:5e:18:53:
6d:17:86:a1:f9:ad:cc:cf:28:1e:be:0d:db:d1:73:a5:17:ff:
8b:ba:9d:22
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUcvXO4NLVinEGZtWWirdTifKq5mowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDA2MDMwNjAwMTZaFw0yNTA2MDIwNjA1MTZaMDMxMTAvBgNV
BAMTKEE5QjUyNjg5M0MzMDQzNUJDODcwNkQwRjE0REY1QTExODgzRjcwOTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBvI0RdNMw+fcf1cWKuVxkdH0n
ZIA7US/UX66CTg/D6uOSu844CKVVp5J601Xi4AzGev4V72vmEtLPFhR8+ifpjWEq
qXmBYEGmyEYXnw6KG8ORVd//e+ZwTfWhrr/wZPpMtm47X5Cv6sFplnc43r8FKdHw
J9dBJ33IGD2lq0qHYSAi1pEwPHt45XdmXUdqQlsMxaFbp2YKqy3Fi6EDjfuPrZSd
0St94vSNocnLpajp52idZYyvZev2cv/QtaeOT8ZsZ2oRyDseCMPhlRFj4Mf14uPY
69htiRL0aZ1gS6qYHIDUIG4qFIFGn8K2jqbeFfhEnZOCHYNZCxoydbrvM8T9AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUqbUmiTwwQ1vIcG0PFN9aEYg/cJkwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMTMyMzUyZTM3
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMwMzQzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uX1PMA0GCSqGSIb3DQEBCwUAA4IBAQA8sSrH2pbXMkNuQDOE2PaorQ8M4DQIr7WZ
U7EMZ2icPVKAhWgo9Qf3kx/Zi0SiC9WVJFsscn/b/l9AszVEGxtnFaKmm9djRIWx
TmOGTr4AFrbbXvcL/YGTHO+dUXDVo5fCpiZeBQKNxkvfzBFfnPdE2BYIijZ3slUp
v6JHHQFSuopwoPEruDDlI7EdmHJiqjLzE24D/HO059dgwP4L4b2Y/PQU0MmS3Qx8
fem/YUqUqr/Qc6FGoZcyRjuOo5rPaRnWpVxaL/s57gMuE6rQlO4sEuk04oS0u5dP
yxRkWll4uF5ApOeKn91eGFNtF4ah+a3Mzygevg3b0XOlF/+Lup0i
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:55:50 2024 by rpki-client on console-fra.rpki-client.org