Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3135362e3231362e302f32342d3234203d3e203630343538.roa
File: 3138352e3135362e3231362e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: i3+h4aF4VisQVOs8GzWAOELAYb1H2hDjZq2C0mPJqcY=
Subject key identifier: 84:40:44:18:E8:6E:6E:A5:E0:02:5C:B7:44:DE:A5:EA:95:FA:40:E3
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 57DCBE3DC9A62195C84BA62C4C084C84E9086151
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3135362e3231362e302f32342d3234203d3e203630343538.roa
Signing time: Mon 03 Jul 2023 05:41:57 +0000
ROA not before: Mon 03 Jul 2023 05:36:57 +0000
ROA not after: Mon 01 Jul 2024 05:41:57 +0000
asID: 60458
IP address blocks: 185.156.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:dc:be:3d:c9:a6:21:95:c8:4b:a6:2c:4c:08:4c:84:e9:08:61:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jul 3 05:36:57 2023 GMT
Not After : Jul 1 05:41:57 2024 GMT
Subject: CN=84404418E86E6EA5E0025CB744DEA5EA95FA40E3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:bf:cb:5d:55:e1:c6:c7:6f:d5:25:8a:77:4d:
44:c6:56:79:8d:53:c9:6d:33:93:e5:59:48:aa:47:
e2:89:87:60:bc:e9:25:38:de:69:17:75:8a:6d:c7:
d4:3c:6e:a5:49:7d:fc:39:e1:10:ad:3f:54:68:37:
24:a6:26:e6:4f:5e:1e:76:a2:cd:aa:41:0c:62:bd:
ff:1f:bf:8b:bf:03:7d:ab:a5:f2:af:8d:fa:01:d3:
bb:8d:83:05:c0:f5:63:31:7e:e3:13:00:2d:50:92:
71:f1:4f:67:a5:ad:4c:21:e2:0d:21:b2:65:17:cf:
ff:06:0b:1a:a2:0d:dd:55:f4:7f:be:34:df:85:9c:
d8:f5:9c:6a:e0:8e:2f:b7:be:94:26:a5:f5:4e:53:
33:e7:7b:0f:86:e3:c3:be:0b:fb:21:6e:37:a3:d0:
ec:95:6c:68:65:53:0b:57:e6:6d:4b:1d:eb:77:44:
3c:e3:f8:a6:6f:f6:98:5d:f5:25:a2:84:45:ca:a5:
50:7e:05:2b:fb:dc:7f:03:7c:5e:76:76:da:27:cf:
dc:c6:f3:3c:0e:88:b5:d3:6b:85:19:2b:4d:9f:0c:
a3:8c:28:0d:c8:f0:03:a4:1a:a5:fd:11:ad:6d:66:
df:0b:e9:d1:a0:ac:fb:38:98:62:64:67:43:56:81:
0e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:40:44:18:E8:6E:6E:A5:E0:02:5C:B7:44:DE:A5:EA:95:FA:40:E3
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3135362e3231362e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.216.0/24
Signature Algorithm: sha256WithRSAEncryption
76:f0:25:fc:fc:81:11:88:6a:96:9b:55:c6:86:af:8a:63:0b:
fe:30:1e:07:c8:81:c6:68:27:fe:e9:3e:98:6d:4e:27:f3:d9:
99:7b:1a:da:f1:8f:51:1b:8c:4a:23:79:db:bd:9c:72:be:cf:
b4:d0:5f:8d:fd:8f:ad:5b:67:8e:87:22:24:3c:2c:87:9f:b2:
b9:60:30:25:f4:c0:5c:70:67:19:9e:65:c2:3a:91:66:fb:33:
41:c9:5d:b3:6d:cb:4e:4e:3d:3e:dd:f0:97:5c:db:39:a9:d6:
60:90:58:f0:76:c7:40:a6:c6:30:b2:31:33:fd:8a:8e:b1:10:
17:ab:91:b7:c5:76:eb:47:a1:74:fe:fe:7d:50:44:bb:db:d0:
f6:b6:ac:e0:bd:98:55:46:74:15:7b:11:21:3f:bf:7a:64:65:
5f:9a:b8:55:60:5f:a1:2b:11:3f:49:c0:51:d0:60:b0:0c:66:
3b:27:7a:db:36:11:1e:cb:1c:4a:c3:6f:13:92:f5:e7:f5:57:
cb:02:81:d8:64:ef:5d:12:96:ef:be:d1:22:b4:1e:7f:37:57:
0e:39:da:cd:90:8b:9e:f9:c3:9e:a7:13:d9:c8:11:f2:dd:7a:
b0:d5:a6:c2:9b:6d:4d:0e:e4:28:6d:57:a6:fd:3d:99:da:ee:
21:2c:12:40
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUV9y+PcmmIZXIS6YsTAhMhOkIYVEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yMzA3MDMwNTM2NTdaFw0yNDA3MDEwNTQxNTdaMDMxMTAvBgNV
BAMTKDg0NDA0NDE4RTg2RTZFQTVFMDAyNUNCNzQ0REVBNUVBOTVGQTQwRTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCv8tdVeHGx2/VJYp3TUTGVnmN
U8ltM5PlWUiqR+KJh2C86SU43mkXdYptx9Q8bqVJffw54RCtP1RoNySmJuZPXh52
os2qQQxivf8fv4u/A32rpfKvjfoB07uNgwXA9WMxfuMTAC1QknHxT2elrUwh4g0h
smUXz/8GCxqiDd1V9H++NN+FnNj1nGrgji+3vpQmpfVOUzPnew+G48O+C/shbjej
0OyVbGhlUwtX5m1LHet3RDzj+KZv9phd9SWihEXKpVB+BSv73H8DfF52dtonz9zG
8zwOiLXTa4UZK02fDKOMKA3I8AOkGqX9Ea1tZt8L6dGgrPs4mGJkZ0NWgQ5LAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUhEBEGOhubqXgAly3RN6l6pX6QOMwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMTM1MzYyZTMy
MzEzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzAzNDM1Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5nNgwDQYJKoZIhvcNAQELBQADggEBAHbwJfz8gRGIapabVcaGr4pjC/4wHgfI
gcZoJ/7pPphtTifz2Zl7Gtrxj1EbjEojedu9nHK+z7TQX439j61bZ46HIiQ8LIef
srlgMCX0wFxwZxmeZcI6kWb7M0HJXbNty05OPT7d8Jdc2zmp1mCQWPB2x0CmxjCy
MTP9io6xEBerkbfFdutHoXT+/n1QRLvb0Pa2rOC9mFVGdBV7ESE/v3pkZV+auFVg
X6ErET9JwFHQYLAMZjsnets2ER7LHErDbxOS9ef1V8sCgdhk710Slu++0SK0Hn83
Vw452s2Qi575w56nE9nIEfLderDVpsKbbU0O5ChtV6b9PZna7iEsEkA=
-----END CERTIFICATE-----
Generated at Mon May 6 01:08:53 2024 by rpki-client on console-fra.rpki-client.org