Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3136322e3136382e302f32332d3233203d3e203630343538.roa
File: 3138352e3136322e3136382e302f32332d3233203d3e203630343538.roa (raw, json)
Hash identifier: yiWey9Tvi2l3p1TPd7zesC6Zw+Zx91M7V4br/C0VJzY=
Subject key identifier: D2:D4:60:51:CE:7C:38:9D:30:76:69:EF:ED:2E:B4:A1:11:AC:17:0D
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 31721F076D30850EA093B0749F2EA3A0DF397302
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3136322e3136382e302f32332d3233203d3e203630343538.roa
Signing time: Mon 03 Jul 2023 05:42:09 +0000
ROA not before: Mon 03 Jul 2023 05:37:09 +0000
ROA not after: Mon 01 Jul 2024 05:42:09 +0000
asID: 60458
IP address blocks: 185.162.168.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:72:1f:07:6d:30:85:0e:a0:93:b0:74:9f:2e:a3:a0:df:39:73:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jul 3 05:37:09 2023 GMT
Not After : Jul 1 05:42:09 2024 GMT
Subject: CN=D2D46051CE7C389D307669EFED2EB4A111AC170D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:40:be:4e:20:5c:5b:44:5b:3f:ce:65:3c:93:
95:7c:34:73:34:e9:ef:91:22:bb:31:97:fe:7d:39:
b9:17:74:a6:d0:ce:52:ed:0e:42:13:3a:87:7d:22:
fe:a9:01:ae:cc:db:e9:24:48:63:af:1e:47:4a:3a:
90:6a:b5:cd:72:ce:5f:b8:64:f9:2d:dd:98:cb:7e:
49:58:e9:a3:04:b0:06:a0:08:9e:66:33:6e:26:a9:
e6:9e:28:89:73:46:66:ed:c1:8f:59:19:5e:c5:e6:
df:7a:d0:30:eb:c7:87:79:c5:50:59:58:d0:aa:42:
c3:46:3a:73:fe:3d:3d:82:75:21:f4:20:9f:14:c9:
f7:ad:6b:ef:23:a7:23:55:3d:0c:64:83:a8:da:2d:
f2:09:84:17:f9:d0:fe:af:8f:bf:89:94:1b:ee:b4:
d8:3b:a4:da:82:d6:d3:d7:f4:b0:94:8d:59:b0:67:
11:3d:6c:5f:72:22:95:85:5b:09:b4:17:f6:71:87:
ea:dc:40:cf:78:68:f2:ec:a1:d5:6b:8d:15:79:28:
cc:00:c8:9f:c3:1a:0b:9b:e6:d0:07:4b:65:d3:7c:
f5:ae:23:66:ce:5d:bf:91:a7:fc:c6:cc:93:ac:c9:
87:b2:e0:74:01:1a:36:13:5d:fc:72:69:44:1e:c2:
98:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:D4:60:51:CE:7C:38:9D:30:76:69:EF:ED:2E:B4:A1:11:AC:17:0D
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3136322e3136382e302f32332d3233203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.168.0/23
Signature Algorithm: sha256WithRSAEncryption
41:de:b5:3f:df:13:76:02:b9:53:ff:04:fe:aa:26:26:fd:40:
4c:0a:0f:b6:6f:d0:5c:71:7f:c3:90:0c:d1:47:81:d1:be:c9:
0e:f0:3e:f4:d5:8d:4f:25:01:58:86:e4:bf:77:d0:01:ac:37:
3c:c4:97:a2:be:a2:cc:0a:40:24:58:f5:dc:a2:2f:ba:b9:8e:
16:f1:88:66:e1:e7:e2:91:b3:e5:36:31:24:35:fb:e0:b1:09:
bd:09:4b:b8:58:8b:ba:29:01:b0:2c:23:43:17:4d:07:7a:8a:
f4:0c:3c:e3:47:86:bd:42:66:b6:e6:f6:27:73:e9:f1:0d:e8:
c2:b5:d1:3d:3d:59:86:c2:ab:44:d1:b3:c5:4c:c2:a5:4a:aa:
e8:ff:67:52:fd:06:4c:b4:d7:1b:e4:a8:e6:24:68:d6:e5:8c:
6c:47:75:55:e3:36:88:7e:17:f8:33:c4:f8:27:d1:32:7b:77:
59:c9:6a:7a:09:d2:a0:68:53:2a:3f:dc:26:4a:8b:5c:16:15:
ff:49:34:79:a0:41:d7:6e:70:d0:87:ce:a7:07:76:4e:2e:84:
59:d6:a0:e3:db:be:54:ed:f7:b6:36:43:ce:2a:3e:97:1c:96:
10:93:af:0c:53:65:b0:2a:f2:b2:46:b9:d9:db:a4:36:38:92:
11:02:12:37
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMXIfB20whQ6gk7B0ny6joN85cwIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yMzA3MDMwNTM3MDlaFw0yNDA3MDEwNTQyMDlaMDMxMTAvBgNV
BAMTKEQyRDQ2MDUxQ0U3QzM4OUQzMDc2NjlFRkVEMkVCNEExMTFBQzE3MEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCQL5OIFxbRFs/zmU8k5V8NHM0
6e+RIrsxl/59ObkXdKbQzlLtDkITOod9Iv6pAa7M2+kkSGOvHkdKOpBqtc1yzl+4
ZPkt3ZjLfklY6aMEsAagCJ5mM24mqeaeKIlzRmbtwY9ZGV7F5t960DDrx4d5xVBZ
WNCqQsNGOnP+PT2CdSH0IJ8Uyfeta+8jpyNVPQxkg6jaLfIJhBf50P6vj7+JlBvu
tNg7pNqC1tPX9LCUjVmwZxE9bF9yIpWFWwm0F/Zxh+rcQM94aPLsodVrjRV5KMwA
yJ/DGgub5tAHS2XTfPWuI2bOXb+Rp/zGzJOsyYey4HQBGjYTXfxyaUQewpgpAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU0tRgUc58OJ0wdmnv7S60oRGsFw0wHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMTM2MzIyZTMx
MzYzODJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDM2MzAzNDM1Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG5oqgwDQYJKoZIhvcNAQELBQADggEBAEHetT/fE3YCuVP/BP6qJib9QEwKD7Zv
0Fxxf8OQDNFHgdG+yQ7wPvTVjU8lAViG5L930AGsNzzEl6K+oswKQCRY9dyiL7q5
jhbxiGbh5+KRs+U2MSQ1++CxCb0JS7hYi7opAbAsI0MXTQd6ivQMPONHhr1CZrbm
9idz6fEN6MK10T09WYbCq0TRs8VMwqVKquj/Z1L9Bky01xvkqOYkaNbljGxHdVXj
Noh+F/gzxPgn0TJ7d1nJanoJ0qBoUyo/3CZKi1wWFf9JNHmgQdducNCHzqcHdk4u
hFnWoOPbvlTt97Y2Q84qPpcclhCTrwxTZbAq8rJGudnbpDY4khECEjc=
-----END CERTIFICATE-----
Generated at Mon May 6 01:02:59 2024 by rpki-client on console-ams.rpki-client.org