Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3135362e3231382e302f32342d3234203d3e203630343538.roa
File: 3138352e3135362e3231382e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: NhGQeWUg6vIMhNcHN6bTvZm6URetlkY9NVPEBzs9QAg=
Subject key identifier: CE:96:A4:0F:82:D3:D3:3E:CE:D9:9B:63:3E:27:E8:91:57:1B:B8:1E
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 2C560A4CBB426324B161DB70649BAB064B618395
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3135362e3231382e302f32342d3234203d3e203630343538.roa
Signing time: Mon 03 Jul 2023 05:41:56 +0000
ROA not before: Mon 03 Jul 2023 05:36:56 +0000
ROA not after: Mon 01 Jul 2024 05:41:56 +0000
asID: 60458
IP address blocks: 185.156.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:56:0a:4c:bb:42:63:24:b1:61:db:70:64:9b:ab:06:4b:61:83:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jul 3 05:36:56 2023 GMT
Not After : Jul 1 05:41:56 2024 GMT
Subject: CN=CE96A40F82D3D33ECED99B633E27E891571BB81E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ba:7c:19:2f:a1:99:a5:21:95:bd:62:b3:66:
eb:95:33:49:70:3c:cb:29:04:cc:4e:de:90:ce:09:
12:c4:a8:23:0c:15:e7:6d:d7:b0:e3:66:9b:dc:71:
f8:96:83:2c:60:ca:9b:16:61:8d:0d:36:cd:38:b5:
82:81:cb:d6:63:46:02:2f:39:08:d1:ac:91:9d:40:
e6:2d:13:7e:a2:a9:57:39:97:c8:e9:5c:c1:ec:1c:
96:77:da:72:0b:f0:ff:20:3f:a7:27:bc:30:c9:4a:
a6:bb:9d:65:fe:77:82:8a:d3:59:11:c5:b5:19:af:
8b:56:04:0d:7d:56:86:b1:6c:ab:11:6f:79:b6:ae:
9c:e7:43:ca:5f:77:20:0e:51:a6:7b:a2:7e:3b:c8:
6f:b0:2e:ed:79:dc:76:c0:e3:80:76:e5:dc:f7:cf:
21:18:7d:90:e4:83:54:c5:95:59:6d:75:3c:10:34:
02:19:42:89:0a:a5:7c:ec:e5:8b:6d:35:fb:f5:78:
00:23:cb:73:87:7d:14:86:06:49:df:cd:f1:a8:45:
08:dd:f3:8c:44:63:e5:5e:7a:58:87:0c:87:3a:21:
da:0a:43:ac:56:b1:bd:a5:93:dc:e9:94:03:4d:79:
9f:f3:69:63:b7:77:45:97:85:90:c2:89:a8:59:b5:
5d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:96:A4:0F:82:D3:D3:3E:CE:D9:9B:63:3E:27:E8:91:57:1B:B8:1E
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3135362e3231382e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.218.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:43:9c:22:10:1d:b2:b1:0a:bb:99:c0:6a:10:42:50:a2:67:
53:b0:33:6f:af:d2:50:2d:b1:36:84:23:a5:7a:5c:78:d1:28:
37:50:ad:12:48:41:9f:6a:de:22:bc:67:e7:6c:5c:6c:f5:a5:
70:32:77:5f:15:7b:18:65:dd:e5:60:af:f3:75:c9:1a:6e:a6:
7f:b7:56:7e:97:bd:67:ce:c2:46:55:1a:98:c4:4f:aa:0f:17:
1f:56:6f:10:5c:2f:fb:52:80:d1:cb:33:b7:38:9c:fd:8e:92:
e3:25:01:2c:4c:c0:bd:82:e7:90:e9:bf:3b:e6:2b:3b:d6:8e:
86:f0:70:ce:f7:ce:50:ac:fb:e5:2e:15:fb:de:fe:81:74:37:
f7:e0:3c:c9:7b:0e:94:8b:84:a2:dc:c6:b6:09:bb:d7:1c:f0:
0b:57:63:04:66:94:33:8d:ba:6a:54:7f:0c:a8:e2:e0:1a:6b:
fa:df:56:17:1e:20:0e:ac:40:bf:c4:3c:0c:09:ca:fc:23:95:
de:56:78:e3:9e:62:42:0d:f1:66:01:6b:ff:2b:aa:2e:4d:82:
6a:a7:94:92:fe:e5:4e:4b:48:0e:b3:1a:d8:4b:b6:b8:f6:be:
c4:3c:90:0a:25:e4:1d:d8:78:2f:92:ae:c5:dc:40:0e:fa:ed:
84:17:aa:cb
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIULFYKTLtCYySxYdtwZJurBkthg5UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yMzA3MDMwNTM2NTZaFw0yNDA3MDEwNTQxNTZaMDMxMTAvBgNV
BAMTKENFOTZBNDBGODJEM0QzM0VDRUQ5OUI2MzNFMjdFODkxNTcxQkI4MUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3unwZL6GZpSGVvWKzZuuVM0lw
PMspBMxO3pDOCRLEqCMMFedt17DjZpvccfiWgyxgypsWYY0NNs04tYKBy9ZjRgIv
OQjRrJGdQOYtE36iqVc5l8jpXMHsHJZ32nIL8P8gP6cnvDDJSqa7nWX+d4KK01kR
xbUZr4tWBA19VoaxbKsRb3m2rpznQ8pfdyAOUaZ7on47yG+wLu153HbA44B25dz3
zyEYfZDkg1TFlVltdTwQNAIZQokKpXzs5YttNfv1eAAjy3OHfRSGBknfzfGoRQjd
84xEY+VeeliHDIc6IdoKQ6xWsb2lk9zplANNeZ/zaWO3d0WXhZDCiahZtV3bAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUzpakD4LT0z7O2ZtjPifokVcbuB4wHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMTM1MzYyZTMy
MzEzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzAzNDM1Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5nNowDQYJKoZIhvcNAQELBQADggEBAKhDnCIQHbKxCruZwGoQQlCiZ1OwM2+v
0lAtsTaEI6V6XHjRKDdQrRJIQZ9q3iK8Z+dsXGz1pXAyd18Vexhl3eVgr/N1yRpu
pn+3Vn6XvWfOwkZVGpjET6oPFx9WbxBcL/tSgNHLM7c4nP2OkuMlASxMwL2C55Dp
vzvmKzvWjobwcM73zlCs++UuFfve/oF0N/fgPMl7DpSLhKLcxrYJu9cc8AtXYwRm
lDONumpUfwyo4uAaa/rfVhceIA6sQL/EPAwJyvwjld5WeOOeYkIN8WYBa/8rqi5N
gmqnlJL+5U5LSA6zGthLtrj2vsQ8kAol5B3YeC+SrsXcQA767YQXqss=
-----END CERTIFICATE-----
Generated at Sun May 5 05:22:02 2024 by rpki-client on console-fra.rpki-client.org