Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3135362e3231382e302f32342d3234203d3e203630343538.roa
File: 3138352e3135362e3231382e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: tQ2GarT0Fq/Y4gJCnceY+9Ld6H3jfX5vzTogw0/cXn8=
Subject key identifier: 91:3C:26:FD:38:B0:DE:C1:0F:27:1C:F1:0C:F6:6E:00:1F:FD:2F:4A
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 1B65C35DBB3D0141981E6C2AA13B62C79C44819D
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3135362e3231382e302f32342d3234203d3e203630343538.roa
Signing time: Mon 03 Jun 2024 06:05:16 +0000
ROA not before: Mon 03 Jun 2024 06:00:16 +0000
ROA not after: Mon 02 Jun 2025 06:05:16 +0000
asID: 60458
IP address blocks: 185.156.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:65:c3:5d:bb:3d:01:41:98:1e:6c:2a:a1:3b:62:c7:9c:44:81:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jun 3 06:00:16 2024 GMT
Not After : Jun 2 06:05:16 2025 GMT
Subject: CN=913C26FD38B0DEC10F271CF10CF66E001FFD2F4A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e2:2f:b1:81:e7:c8:43:72:90:2e:c4:6e:47:
2b:9a:14:5d:21:25:f4:ab:64:90:43:e9:18:1a:05:
ac:67:90:ca:2c:16:5c:91:f4:2e:ae:e7:57:64:ba:
6d:c5:f4:fe:d6:ee:a2:9c:6b:81:1a:7e:38:94:29:
e9:18:c4:15:e2:34:e8:cc:ea:c3:ae:ce:43:8d:c0:
3d:45:f4:54:59:a4:f2:81:a6:3a:fc:12:73:e1:1a:
e2:62:01:53:55:a5:79:2b:12:fe:7e:2e:85:90:c0:
43:55:15:2a:ef:17:dd:0b:fc:e4:d7:9f:d5:9a:7c:
b6:60:89:40:85:bc:84:fd:c9:f1:11:05:6b:47:6d:
b0:84:0e:29:8f:f8:eb:a9:48:24:4c:ee:be:4d:d6:
15:25:81:a0:e8:8a:46:d5:85:c2:e1:78:7a:9c:a8:
ea:fa:ec:a3:e4:76:91:6f:b1:48:58:1b:80:37:9d:
53:bc:7e:35:c0:c7:c8:c9:86:ff:d7:e5:76:50:9a:
21:2a:ad:07:12:de:c4:48:c4:a7:09:cf:67:94:9e:
e0:48:0e:13:6e:a8:cc:7a:07:99:85:18:d1:57:2a:
ac:ab:de:89:e1:81:b1:95:2e:d5:56:c0:c1:01:93:
cd:62:e5:6a:a3:52:bc:1e:bd:23:38:f3:8d:bc:d7:
55:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:3C:26:FD:38:B0:DE:C1:0F:27:1C:F1:0C:F6:6E:00:1F:FD:2F:4A
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3135362e3231382e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.218.0/24
Signature Algorithm: sha256WithRSAEncryption
23:75:77:e2:2c:ed:6b:f6:6b:2d:53:1b:9a:bc:fc:0d:84:64:
af:11:5f:80:12:50:8b:45:5f:ce:86:09:67:a4:7e:46:db:2b:
02:91:c7:a8:44:45:73:a2:db:4e:2b:89:ff:ac:7f:7e:25:ac:
73:26:01:2f:0c:1a:d8:d3:cf:dd:8b:7e:cf:aa:0c:f8:c8:d0:
7d:f3:42:9e:4d:8e:fd:57:8d:01:d7:aa:27:19:cb:7b:58:a8:
6a:eb:cf:dc:fa:5d:b3:1c:97:b3:eb:52:d0:ef:25:28:0e:fd:
ee:56:25:e9:9e:73:38:a5:3c:30:98:4f:28:27:bf:2f:bd:4f:
3c:9b:c9:19:34:fd:18:ea:e1:10:42:c0:41:85:e2:9f:60:5b:
41:e9:eb:e8:1c:bb:4c:b2:0c:df:1a:dc:2b:47:9d:3a:45:82:
f5:b0:be:4c:76:fe:16:f8:87:5c:94:93:f8:ba:41:3e:52:ed:
ab:52:0f:c0:f5:27:9f:3b:45:fd:c3:eb:02:ad:c7:94:6e:47:
40:7a:fb:b6:4d:cc:ba:89:3c:44:c7:9b:97:09:2c:c6:5e:29:
13:b4:bc:3f:07:88:a9:64:f5:dd:8c:30:da:b1:07:ba:df:d0:
23:31:91:cc:94:e1:99:8d:c0:0e:96:0b:af:4d:4e:ae:0d:e0:
28:41:97:a0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUG2XDXbs9AUGYHmwqoTtix5xEgZ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDA2MDMwNjAwMTZaFw0yNTA2MDIwNjA1MTZaMDMxMTAvBgNV
BAMTKDkxM0MyNkZEMzhCMERFQzEwRjI3MUNGMTBDRjY2RTAwMUZGRDJGNEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCi4i+xgefIQ3KQLsRuRyuaFF0h
JfSrZJBD6RgaBaxnkMosFlyR9C6u51dkum3F9P7W7qKca4EafjiUKekYxBXiNOjM
6sOuzkONwD1F9FRZpPKBpjr8EnPhGuJiAVNVpXkrEv5+LoWQwENVFSrvF90L/OTX
n9WafLZgiUCFvIT9yfERBWtHbbCEDimP+OupSCRM7r5N1hUlgaDoikbVhcLheHqc
qOr67KPkdpFvsUhYG4A3nVO8fjXAx8jJhv/X5XZQmiEqrQcS3sRIxKcJz2eUnuBI
DhNuqMx6B5mFGNFXKqyr3onhgbGVLtVWwMEBk81i5WqjUrwevSM4842811UrAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUkTwm/Tiw3sEPJxzxDPZuAB/9L0owHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMTM1MzYyZTMy
MzEzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzAzNDM1Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5nNowDQYJKoZIhvcNAQELBQADggEBACN1d+Is7Wv2ay1TG5q8/A2EZK8RX4AS
UItFX86GCWekfkbbKwKRx6hERXOi204rif+sf34lrHMmAS8MGtjTz92Lfs+qDPjI
0H3zQp5Njv1XjQHXqicZy3tYqGrrz9z6XbMcl7PrUtDvJSgO/e5WJemeczilPDCY
Tygnvy+9TzybyRk0/Rjq4RBCwEGF4p9gW0Hp6+gcu0yyDN8a3CtHnTpFgvWwvkx2
/hb4h1yUk/i6QT5S7atSD8D1J587Rf3D6wKtx5RuR0B6+7ZNzLqJPETHm5cJLMZe
KRO0vD8HiKlk9d2MMNqxB7rf0CMxkcyU4ZmNwA6WC69NTq4N4ChBl6A=
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:19 2024 by rpki-client on console-ams.rpki-client.org