Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3135362e3231392e302f32342d3234203d3e203630343538.roa
File: 3138352e3135362e3231392e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: bhmXA/UCtt1nyQrYM2jVbYPPjvHj1kbq2elTOOXjriw=
Subject key identifier: BC:34:43:BB:AD:AF:F3:86:8C:A5:F4:06:52:46:6D:17:FA:D2:B9:25
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 0BA11A151E2B86B55D480113A084F28D759070D3
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3135362e3231392e302f32342d3234203d3e203630343538.roa
Signing time: Mon 03 Jun 2024 06:05:16 +0000
ROA not before: Mon 03 Jun 2024 06:00:16 +0000
ROA not after: Mon 02 Jun 2025 06:05:16 +0000
asID: 60458
IP address blocks: 185.156.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:a1:1a:15:1e:2b:86:b5:5d:48:01:13:a0:84:f2:8d:75:90:70:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jun 3 06:00:16 2024 GMT
Not After : Jun 2 06:05:16 2025 GMT
Subject: CN=BC3443BBADAFF3868CA5F40652466D17FAD2B925
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b4:aa:39:86:ae:09:c5:12:c4:94:08:75:74:
a9:11:86:f6:d7:7e:a8:c5:32:e4:fa:82:ef:f6:49:
c4:80:99:44:96:8b:cb:37:ef:83:d3:e2:fb:cd:31:
22:4a:c6:0a:29:7b:a7:f4:c6:f8:23:53:2c:4d:93:
9d:e9:61:d1:ec:85:46:c9:c7:39:d9:0e:94:85:de:
33:2a:58:da:eb:72:1a:e6:bb:76:f9:31:88:21:26:
48:ab:97:c5:31:08:d6:b6:b4:12:f1:90:06:17:b3:
95:34:5d:ad:c7:2e:b7:5d:e6:73:8d:91:88:e3:84:
b3:2b:b2:12:0c:5a:e4:8b:45:c3:b6:bf:d6:53:6c:
df:12:48:62:d2:69:f8:2f:48:7d:b0:d4:f0:40:71:
2c:1c:6d:79:f2:64:28:70:2a:be:98:79:b3:1e:29:
b9:ee:75:4e:ad:c0:c3:35:a9:93:9a:e2:51:ff:a4:
c4:e7:03:0c:e5:1c:43:a2:74:21:64:67:71:bb:4a:
4d:2c:68:4a:d5:2a:b2:5a:fc:41:94:34:67:a5:2d:
60:43:e9:b6:d1:f1:e8:65:74:43:6a:e0:90:88:cb:
41:f4:e5:8d:a9:b0:45:d3:f7:88:0e:59:f1:f2:45:
97:4c:d0:80:54:5b:75:89:e0:c6:ea:2b:df:8a:9c:
e7:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:34:43:BB:AD:AF:F3:86:8C:A5:F4:06:52:46:6D:17:FA:D2:B9:25
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3135362e3231392e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.219.0/24
Signature Algorithm: sha256WithRSAEncryption
89:6f:44:26:15:bf:c8:b0:68:8b:09:d1:fd:93:4c:90:12:bc:
17:f6:85:ec:e0:84:71:dd:8c:85:6c:95:cc:88:b7:4a:cd:1c:
1d:df:9d:89:c0:47:f9:f6:76:af:60:7f:9f:bd:98:bc:38:0b:
fc:ad:95:01:8d:36:1f:5e:1b:fb:b9:a9:56:56:0b:6c:56:fc:
38:53:79:1b:9c:88:7a:1a:ee:10:ac:3c:2c:54:44:18:81:0c:
74:a8:85:15:ed:7f:c5:cb:a5:05:7c:f3:8d:55:85:3f:f5:5f:
8c:2f:af:e5:f2:7d:33:ce:67:a2:a9:aa:2b:32:1f:48:38:9d:
da:b2:c3:96:8c:05:68:9e:9e:1a:17:eb:b8:39:c7:53:67:15:
59:91:9c:1d:48:61:5d:6e:a4:dd:e4:14:f6:5f:07:ce:da:1a:
a0:67:ae:a7:de:cd:d3:a5:b2:9f:39:d1:18:94:fb:aa:93:1b:
2d:ad:20:9e:cc:63:54:3c:90:ad:fa:5b:5b:10:ea:9b:1d:3d:
2b:3e:3a:16:71:d4:0a:93:f9:25:cc:c3:55:b8:dd:70:54:af:
73:9a:b7:7d:f3:5d:45:86:b8:dc:43:ef:22:17:c3:05:29:53:
54:56:7c:6e:41:0d:8f:29:62:78:7a:28:f6:1f:2e:bb:a8:b2:
b6:28:6c:8e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUC6EaFR4rhrVdSAEToITyjXWQcNMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDA2MDMwNjAwMTZaFw0yNTA2MDIwNjA1MTZaMDMxMTAvBgNV
BAMTKEJDMzQ0M0JCQURBRkYzODY4Q0E1RjQwNjUyNDY2RDE3RkFEMkI5MjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKtKo5hq4JxRLElAh1dKkRhvbX
fqjFMuT6gu/2ScSAmUSWi8s374PT4vvNMSJKxgope6f0xvgjUyxNk53pYdHshUbJ
xznZDpSF3jMqWNrrchrmu3b5MYghJkirl8UxCNa2tBLxkAYXs5U0Xa3HLrdd5nON
kYjjhLMrshIMWuSLRcO2v9ZTbN8SSGLSafgvSH2w1PBAcSwcbXnyZChwKr6YebMe
KbnudU6twMM1qZOa4lH/pMTnAwzlHEOidCFkZ3G7Sk0saErVKrJa/EGUNGelLWBD
6bbR8ehldENq4JCIy0H05Y2psEXT94gOWfHyRZdM0IBUW3WJ4MbqK9+KnOcNAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUvDRDu62v84aMpfQGUkZtF/rSuSUwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMTM1MzYyZTMy
MzEzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzAzNDM1Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5nNswDQYJKoZIhvcNAQELBQADggEBAIlvRCYVv8iwaIsJ0f2TTJASvBf2hezg
hHHdjIVslcyIt0rNHB3fnYnAR/n2dq9gf5+9mLw4C/ytlQGNNh9eG/u5qVZWC2xW
/DhTeRuciHoa7hCsPCxURBiBDHSohRXtf8XLpQV8841VhT/1X4wvr+XyfTPOZ6Kp
qisyH0g4ndqyw5aMBWienhoX67g5x1NnFVmRnB1IYV1upN3kFPZfB87aGqBnrqfe
zdOlsp850RiU+6qTGy2tIJ7MY1Q8kK36W1sQ6psdPSs+OhZx1AqT+SXMw1W43XBU
r3Oat33zXUWGuNxD7yIXwwUpU1RWfG5BDY8pYnh6KPYfLruosrYobI4=
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:55:50 2024 by rpki-client on console-fra.rpki-client.org