Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3136322e3136382e302f32332d3233203d3e203630343538.roa
File: 3138352e3136322e3136382e302f32332d3233203d3e203630343538.roa (raw, json)
Hash identifier: uukrgDj0e2sDc9yoJUQCOwA8MTnflTfxiRJx5xhrfKA=
Subject key identifier: A4:DF:AF:9F:F4:86:E2:DC:22:BA:98:EF:06:AB:FA:F1:06:79:F8:D0
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 56B0358AC20AC7BEFD5C1F3E0765D8B4BBA6AB93
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3136322e3136382e302f32332d3233203d3e203630343538.roa
Signing time: Mon 03 Jun 2024 06:05:17 +0000
ROA not before: Mon 03 Jun 2024 06:00:17 +0000
ROA not after: Mon 02 Jun 2025 06:05:17 +0000
asID: 60458
IP address blocks: 185.162.168.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:b0:35:8a:c2:0a:c7:be:fd:5c:1f:3e:07:65:d8:b4:bb:a6:ab:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jun 3 06:00:17 2024 GMT
Not After : Jun 2 06:05:17 2025 GMT
Subject: CN=A4DFAF9FF486E2DC22BA98EF06ABFAF10679F8D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:1f:61:df:51:58:a7:a9:27:76:3b:ea:08:b9:
d8:ec:e8:82:44:bd:ba:b7:d4:17:12:bc:34:4b:d6:
a9:1e:9b:9f:5f:76:c0:2a:9e:28:66:86:97:a0:66:
8e:e4:74:63:af:bf:e0:6b:31:dc:92:e3:aa:bf:64:
62:85:ad:00:b4:43:ad:39:6d:7d:4e:f0:3c:e2:41:
ec:f3:9c:a2:84:bd:ae:ee:13:1e:d1:14:fe:18:84:
2a:6a:6e:61:0c:af:3d:44:29:0d:85:a5:a2:1a:ae:
30:73:68:c4:ed:a6:93:10:21:e8:fb:a6:31:46:75:
14:c5:af:94:3e:ec:b7:8c:54:26:60:c6:f3:40:7c:
ec:24:36:45:ad:38:a2:58:51:ae:27:bb:a3:40:2f:
9c:52:1f:85:02:c5:21:d8:4b:bf:a5:55:49:2a:33:
c9:b9:62:ea:0c:38:9c:7f:bd:af:ed:e0:d8:47:de:
7b:74:6e:3c:bb:5a:31:e2:97:3e:d3:28:2c:17:e5:
b9:18:4a:e2:f6:5a:96:b8:63:52:8c:4e:ea:85:7a:
56:bd:22:ed:c4:b6:43:56:43:c6:9f:c9:62:38:2a:
d3:be:64:50:84:d6:43:19:eb:bc:3c:07:a3:2e:31:
5b:7a:cc:79:ef:d9:6a:3d:e8:ca:51:b2:b7:4c:71:
0f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:DF:AF:9F:F4:86:E2:DC:22:BA:98:EF:06:AB:FA:F1:06:79:F8:D0
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3136322e3136382e302f32332d3233203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.168.0/23
Signature Algorithm: sha256WithRSAEncryption
83:78:c1:74:fb:5d:3e:62:ae:5b:ac:69:e7:79:6d:63:79:ed:
f3:18:7c:de:0c:08:d0:9f:47:52:30:eb:54:7e:a2:50:1d:d0:
43:44:87:cb:88:96:57:d3:f8:8c:6f:06:17:db:e1:4f:09:d7:
ae:cd:a4:a3:51:fe:e1:3d:f4:62:63:f6:a0:4a:6c:9f:ae:55:
31:27:7a:cd:33:02:10:b4:37:dd:1d:13:26:e5:b6:69:f5:be:
8c:16:1c:a2:b8:c0:f4:0a:42:45:52:f9:7f:cd:23:92:c9:0e:
39:62:00:f2:f3:8d:69:23:b7:6e:59:de:b6:c2:8a:24:dc:70:
4b:f8:35:7e:d3:5e:ca:02:8e:d4:42:2e:01:40:78:05:96:89:
9b:b7:2f:3a:cc:27:45:32:a9:7e:ad:13:37:25:ec:d3:45:0c:
c2:05:1c:c1:f6:58:b2:96:18:07:f1:c2:1d:d5:ab:c9:4d:5f:
0e:45:de:52:a4:72:93:21:b9:9a:2b:8e:9f:32:a8:58:e9:32:
37:e6:22:54:da:35:0b:1d:a0:d4:7e:6b:ac:23:b1:b9:2a:c3:
d8:8a:2b:44:fc:bd:c1:7d:92:49:3a:3f:bd:9a:56:5e:f5:18:
1f:59:ca:a0:c2:8e:62:a0:bd:fd:a5:d4:18:e5:b7:77:43:78:
9a:81:b3:15
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVrA1isIKx779XB8+B2XYtLumq5MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDA2MDMwNjAwMTdaFw0yNTA2MDIwNjA1MTdaMDMxMTAvBgNV
BAMTKEE0REZBRjlGRjQ4NkUyREMyMkJBOThFRjA2QUJGQUYxMDY3OUY4RDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgH2HfUVinqSd2O+oIudjs6IJE
vbq31BcSvDRL1qkem59fdsAqnihmhpegZo7kdGOvv+BrMdyS46q/ZGKFrQC0Q605
bX1O8DziQezznKKEva7uEx7RFP4YhCpqbmEMrz1EKQ2FpaIarjBzaMTtppMQIej7
pjFGdRTFr5Q+7LeMVCZgxvNAfOwkNkWtOKJYUa4nu6NAL5xSH4UCxSHYS7+lVUkq
M8m5YuoMOJx/va/t4NhH3nt0bjy7WjHilz7TKCwX5bkYSuL2Wpa4Y1KMTuqFela9
Iu3EtkNWQ8afyWI4KtO+ZFCE1kMZ67w8B6MuMVt6zHnv2Wo96MpRsrdMcQ9JAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUpN+vn/SG4twiupjvBqv68QZ5+NAwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMTM2MzIyZTMx
MzYzODJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDM2MzAzNDM1Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG5oqgwDQYJKoZIhvcNAQELBQADggEBAIN4wXT7XT5irlusaed5bWN57fMYfN4M
CNCfR1Iw61R+olAd0ENEh8uIllfT+IxvBhfb4U8J167NpKNR/uE99GJj9qBKbJ+u
VTEnes0zAhC0N90dEybltmn1vowWHKK4wPQKQkVS+X/NI5LJDjliAPLzjWkjt25Z
3rbCiiTccEv4NX7TXsoCjtRCLgFAeAWWiZu3LzrMJ0UyqX6tEzcl7NNFDMIFHMH2
WLKWGAfxwh3Vq8lNXw5F3lKkcpMhuZorjp8yqFjpMjfmIlTaNQsdoNR+a6wjsbkq
w9iKK0T8vcF9kkk6P72aVl71GB9ZyqDCjmKgvf2l1Bjlt3dDeJqBsxU=
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:55:50 2024 by rpki-client on console-fra.rpki-client.org