Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3135362e3231362e302f32342d3234203d3e203630343538.roa
File: 3138352e3135362e3231362e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: ALtE4rA0qkakD26O1pKsp2Bxp6wYcZcO5dyC1MXQvMI=
Subject key identifier: 10:10:C8:BA:15:57:4A:A9:D3:B3:A3:5F:99:F4:E1:98:EC:EF:FC:68
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 3E47FD5628DED08ECB61033BDE21C54E5C3485FD
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3135362e3231362e302f32342d3234203d3e203630343538.roa
Signing time: Mon 03 Jun 2024 06:05:17 +0000
ROA not before: Mon 03 Jun 2024 06:00:17 +0000
ROA not after: Mon 02 Jun 2025 06:05:17 +0000
asID: 60458
IP address blocks: 185.156.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:47:fd:56:28:de:d0:8e:cb:61:03:3b:de:21:c5:4e:5c:34:85:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jun 3 06:00:17 2024 GMT
Not After : Jun 2 06:05:17 2025 GMT
Subject: CN=1010C8BA15574AA9D3B3A35F99F4E198ECEFFC68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:2b:9e:4b:08:08:1f:23:91:6f:3e:53:47:9c:
3a:ec:78:ce:b4:cc:41:ed:5f:5a:e3:60:b6:e1:a1:
ee:62:14:b1:5d:ed:f8:d6:f9:2a:c0:a3:14:ec:27:
22:7f:be:14:29:a7:e8:c4:c5:cb:79:22:02:ad:e3:
c6:13:c8:2b:f2:a1:5f:6d:a0:60:8d:d9:43:e9:8b:
75:30:93:ab:54:b0:78:1a:e2:87:4a:e7:3a:29:16:
5d:0d:35:f3:40:ac:07:b6:bc:12:29:8e:e9:23:17:
ac:78:c6:72:0b:ad:c9:e0:6f:7d:35:e2:50:4d:c6:
15:04:b2:40:96:a7:8a:ef:a8:e1:fa:22:e3:d5:63:
ce:b4:26:75:22:9c:12:79:36:39:26:66:2d:ca:4a:
92:1f:a4:f3:80:16:5f:2b:5e:32:b2:ea:3a:2f:ef:
ed:49:6f:a5:83:99:48:00:c0:7c:58:e1:37:5a:c5:
cf:10:41:14:68:e9:d2:5e:da:ac:a7:6e:1a:cc:50:
c9:8e:8d:28:e3:12:aa:44:f2:dc:01:4f:a8:c4:46:
1b:9d:dc:77:be:5f:84:24:6d:e2:11:43:cd:d1:6d:
8f:e9:19:f3:88:56:f0:5b:22:71:0b:32:07:9c:8f:
e0:ee:45:08:4f:26:2d:e1:cc:8a:9a:d8:c3:65:56:
70:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:10:C8:BA:15:57:4A:A9:D3:B3:A3:5F:99:F4:E1:98:EC:EF:FC:68
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3135362e3231362e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.216.0/24
Signature Algorithm: sha256WithRSAEncryption
83:9f:bd:17:f4:07:a3:26:10:56:85:dd:93:ef:58:f1:b3:5c:
51:c6:6e:eb:ee:1c:0a:b7:90:3a:ea:98:d3:52:9a:94:88:77:
83:3f:6b:7d:32:0d:53:95:80:39:f1:5c:c5:42:6e:68:b3:c6:
87:fa:cb:1d:74:76:e1:cf:0c:11:7c:04:e7:d5:ef:72:ad:4e:
68:24:7a:a9:70:29:af:ca:5e:21:d7:62:bd:9c:44:a1:f4:ab:
f0:e5:4d:2b:d3:0c:71:83:5f:27:37:f6:f1:23:b7:d1:85:83:
bc:36:54:d1:72:5b:6c:13:43:14:ad:34:93:fc:b8:b3:0c:c5:
33:2f:cf:6c:99:0e:a8:c5:b1:c8:b7:5d:44:34:85:c8:30:06:
7b:bc:af:5d:86:79:d7:54:d6:a9:73:85:c3:d6:7a:d0:d9:90:
4a:b7:b4:0c:26:5e:7c:54:37:f6:b2:db:58:71:de:6c:1b:dc:
4e:12:c5:73:59:8f:28:08:9e:58:43:01:31:e0:71:a7:11:a7:
94:b6:ac:86:62:70:93:78:a4:b7:3a:40:c5:b4:4d:db:a9:d5:
bb:ef:09:25:bf:2f:bb:b6:f4:48:c3:c4:82:aa:b5:f3:bf:77:
c6:47:84:0c:1d:f6:44:0c:09:72:72:ab:05:39:81:84:5e:6c:
16:8f:8c:76
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUPkf9Vije0I7LYQM73iHFTlw0hf0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDA2MDMwNjAwMTdaFw0yNTA2MDIwNjA1MTdaMDMxMTAvBgNV
BAMTKDEwMTBDOEJBMTU1NzRBQTlEM0IzQTM1Rjk5RjRFMTk4RUNFRkZDNjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkK55LCAgfI5FvPlNHnDrseM60
zEHtX1rjYLbhoe5iFLFd7fjW+SrAoxTsJyJ/vhQpp+jExct5IgKt48YTyCvyoV9t
oGCN2UPpi3Uwk6tUsHga4odK5zopFl0NNfNArAe2vBIpjukjF6x4xnILrcngb301
4lBNxhUEskCWp4rvqOH6IuPVY860JnUinBJ5NjkmZi3KSpIfpPOAFl8rXjKy6jov
7+1Jb6WDmUgAwHxY4Tdaxc8QQRRo6dJe2qynbhrMUMmOjSjjEqpE8twBT6jERhud
3He+X4QkbeIRQ83RbY/pGfOIVvBbInELMgecj+DuRQhPJi3hzIqa2MNlVnBRAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUEBDIuhVXSqnTs6NfmfThmOzv/GgwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMTM1MzYyZTMy
MzEzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzAzNDM1Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5nNgwDQYJKoZIhvcNAQELBQADggEBAIOfvRf0B6MmEFaF3ZPvWPGzXFHGbuvu
HAq3kDrqmNNSmpSId4M/a30yDVOVgDnxXMVCbmizxof6yx10duHPDBF8BOfV73Kt
TmgkeqlwKa/KXiHXYr2cRKH0q/DlTSvTDHGDXyc39vEjt9GFg7w2VNFyW2wTQxSt
NJP8uLMMxTMvz2yZDqjFsci3XUQ0hcgwBnu8r12GeddU1qlzhcPWetDZkEq3tAwm
XnxUN/ay21hx3mwb3E4SxXNZjygInlhDATHgcacRp5S2rIZicJN4pLc6QMW0Tdup
1bvvCSW/L7u29EjDxIKqtfO/d8ZHhAwd9kQMCXJyqwU5gYRebBaPjHY=
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:55:50 2024 by rpki-client on console-fra.rpki-client.org