Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3135362e3231392e302f32342d3234203d3e203630343538.roa
File: 3138352e3135362e3231392e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: y5D649dlQavGoM7fmIIjbhoGyJ3iTHGQLZ6nviq9KP0=
Subject key identifier: 60:25:EC:A3:36:15:39:CF:DF:2A:F6:68:D6:20:0A:0F:E6:D5:3D:54
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 5CDA2782904ACCE21C1221F1084656FFCEEF81D6
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3135362e3231392e302f32342d3234203d3e203630343538.roa
Signing time: Mon 03 Jul 2023 05:42:04 +0000
ROA not before: Mon 03 Jul 2023 05:37:04 +0000
ROA not after: Mon 01 Jul 2024 05:42:04 +0000
asID: 60458
IP address blocks: 185.156.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:da:27:82:90:4a:cc:e2:1c:12:21:f1:08:46:56:ff:ce:ef:81:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jul 3 05:37:04 2023 GMT
Not After : Jul 1 05:42:04 2024 GMT
Subject: CN=6025ECA3361539CFDF2AF668D6200A0FE6D53D54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:38:bd:54:b6:eb:54:9e:cd:da:c4:8b:3d:cb:
cb:f5:0e:07:38:e5:11:89:01:b7:1c:20:59:84:23:
2a:74:ef:cc:e7:66:58:57:a3:08:2c:94:3f:b0:8e:
da:b3:65:d7:f4:00:82:25:bb:5f:63:c2:76:68:23:
1c:75:55:2d:a0:90:d1:8c:60:6e:4d:58:ce:f9:7b:
7d:01:8f:99:a9:be:39:47:78:a8:fd:63:53:bc:36:
85:21:f1:95:18:9a:b4:7b:aa:63:88:d2:4e:3f:69:
41:dd:ba:1c:cd:bc:6d:32:9a:a0:86:c4:b8:fb:d9:
6b:37:db:0b:de:04:f1:a2:0c:4f:99:12:d8:84:7f:
56:f9:bf:0a:01:5b:b1:d5:6f:07:6b:82:36:76:70:
46:05:60:87:43:ac:45:b5:12:51:f7:9b:61:63:cd:
9e:2c:45:50:a8:4c:89:c3:40:49:ec:c8:4f:0d:05:
40:39:07:67:b2:59:0b:3e:24:e4:5e:90:a6:88:57:
82:84:30:31:75:81:71:10:59:4e:17:34:c1:34:b6:
6e:5e:6c:f9:85:f5:fd:c6:8e:d9:f2:82:be:f5:49:
cd:3a:0e:a0:e0:c8:a8:ac:7d:b4:2d:fe:ee:57:2b:
59:6c:c4:93:fe:f0:69:9d:56:de:46:8f:b9:e0:96:
64:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:25:EC:A3:36:15:39:CF:DF:2A:F6:68:D6:20:0A:0F:E6:D5:3D:54
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3135362e3231392e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.219.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:8f:32:82:e6:eb:92:2d:3e:82:8f:1c:f3:8f:46:86:c7:0f:
9f:e5:71:67:3b:d6:38:32:9e:c6:24:1e:71:04:4b:dd:60:c0:
c2:81:77:2b:2f:f4:bb:ee:c6:d1:f2:1e:14:be:15:37:bc:c8:
40:01:71:a6:eb:10:e1:d8:70:1b:6e:cd:78:24:66:52:8b:1b:
ae:55:5a:65:f1:bb:45:1d:87:7b:77:4f:7d:74:04:15:1e:0d:
03:fe:9f:61:6f:8b:52:82:a2:dc:93:d0:17:ea:91:a2:f8:a7:
a3:9d:6d:2d:38:57:1d:dd:b1:26:d3:e3:63:6c:6f:c2:c1:ee:
8e:41:9b:a3:82:02:56:39:84:64:5a:45:9c:56:24:25:07:cc:
cd:37:92:b4:0f:42:6c:50:75:3c:68:d9:8f:90:9d:54:47:cb:
94:ad:b7:ae:41:92:77:34:a2:f0:be:06:9a:66:e8:73:61:3f:
c3:86:b0:88:61:f5:39:44:e6:49:04:c7:23:66:1c:3e:93:9a:
6c:28:7d:c6:bb:cf:fe:ea:db:6d:5e:5b:ee:b0:4b:19:5c:d5:
c8:07:ca:1d:e5:dc:51:7d:59:eb:f6:6f:8f:85:50:71:e0:5c:
3b:bc:97:c8:f6:13:d9:09:7f:32:81:f3:f8:f9:b5:45:4b:f5:
17:a3:32:f5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUXNongpBKzOIcEiHxCEZW/87vgdYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yMzA3MDMwNTM3MDRaFw0yNDA3MDEwNTQyMDRaMDMxMTAvBgNV
BAMTKDYwMjVFQ0EzMzYxNTM5Q0ZERjJBRjY2OEQ2MjAwQTBGRTZENTNENTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5OL1UtutUns3axIs9y8v1Dgc4
5RGJAbccIFmEIyp078znZlhXowgslD+wjtqzZdf0AIIlu19jwnZoIxx1VS2gkNGM
YG5NWM75e30Bj5mpvjlHeKj9Y1O8NoUh8ZUYmrR7qmOI0k4/aUHduhzNvG0ymqCG
xLj72Ws32wveBPGiDE+ZEtiEf1b5vwoBW7HVbwdrgjZ2cEYFYIdDrEW1ElH3m2Fj
zZ4sRVCoTInDQEnsyE8NBUA5B2eyWQs+JORekKaIV4KEMDF1gXEQWU4XNME0tm5e
bPmF9f3Gjtnygr71Sc06DqDgyKisfbQt/u5XK1lsxJP+8GmdVt5Gj7nglmTpAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUYCXsozYVOc/fKvZo1iAKD+bVPVQwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMTM1MzYyZTMy
MzEzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzAzNDM1Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5nNswDQYJKoZIhvcNAQELBQADggEBANOPMoLm65ItPoKPHPOPRobHD5/lcWc7
1jgynsYkHnEES91gwMKBdysv9LvuxtHyHhS+FTe8yEABcabrEOHYcBtuzXgkZlKL
G65VWmXxu0Udh3t3T310BBUeDQP+n2Fvi1KCotyT0BfqkaL4p6OdbS04Vx3dsSbT
42Nsb8LB7o5Bm6OCAlY5hGRaRZxWJCUHzM03krQPQmxQdTxo2Y+QnVRHy5Stt65B
knc0ovC+Bppm6HNhP8OGsIhh9TlE5kkExyNmHD6Tmmwofca7z/7q221eW+6wSxlc
1cgHyh3l3FF9Wev2b4+FUHHgXDu8l8j2E9kJfzKB8/j5tUVL9RejMvU=
-----END CERTIFICATE-----
Generated at Sun May 5 05:22:02 2024 by rpki-client on console-fra.rpki-client.org