Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3136322e3137302e302f32342d3234203d3e203630343538.roa
File: 3138352e3136322e3137302e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: YOkgdfN6930njLnoIF3o5vYeuFYyl2ovNNQOIYyrjCk=
Subject key identifier: D3:9B:D7:4B:3E:71:1B:7B:5B:C3:82:85:62:BE:B3:84:16:B7:5B:01
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 327006758D2D219D7A17C99385CEE6EC22E54A49
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3136322e3137302e302f32342d3234203d3e203630343538.roa
Signing time: Mon 03 Jun 2024 06:05:17 +0000
ROA not before: Mon 03 Jun 2024 06:00:17 +0000
ROA not after: Mon 02 Jun 2025 06:05:17 +0000
asID: 60458
IP address blocks: 185.162.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:70:06:75:8d:2d:21:9d:7a:17:c9:93:85:ce:e6:ec:22:e5:4a:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jun 3 06:00:17 2024 GMT
Not After : Jun 2 06:05:17 2025 GMT
Subject: CN=D39BD74B3E711B7B5BC3828562BEB38416B75B01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:be:b4:91:33:06:3b:5a:45:88:72:a9:e2:fd:
63:5c:23:7d:85:6d:1a:4c:e9:7d:c8:a4:33:fe:11:
18:e4:68:87:e1:0d:46:1e:d4:e0:11:03:65:98:a1:
cc:4e:a3:25:29:6c:3e:3f:1e:14:75:95:07:1c:55:
83:c4:a8:10:7e:2b:67:cc:d3:8c:98:19:c3:6b:1e:
c7:7f:82:14:43:ba:ca:40:b0:8f:48:6f:92:af:27:
c0:69:c3:05:7b:e7:20:18:33:08:3e:14:0e:5a:a8:
6b:31:af:15:45:fe:12:97:d6:62:aa:32:2b:7f:81:
25:ac:57:00:4a:c3:68:bf:30:46:7d:9d:06:8b:c7:
36:ef:f5:c9:09:1f:02:1e:51:87:a9:2e:e4:3a:ad:
15:2b:88:c8:84:f9:f9:fd:92:82:44:5a:80:d9:d7:
6e:63:19:74:d4:09:1c:2f:9b:ca:46:c1:9c:c4:79:
36:d8:18:4b:ba:6e:61:2c:c4:7b:27:ec:36:09:3b:
6e:90:c0:9f:14:32:70:41:f5:86:a5:85:77:12:c4:
6e:d6:3c:30:f9:c1:13:c3:06:6c:24:62:78:aa:f4:
4a:06:fc:df:29:ad:10:e6:28:f2:75:ef:98:2f:9e:
da:4b:45:24:ee:a1:c9:8e:12:c9:ac:85:e2:8b:99:
15:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:9B:D7:4B:3E:71:1B:7B:5B:C3:82:85:62:BE:B3:84:16:B7:5B:01
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3136322e3137302e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.170.0/24
Signature Algorithm: sha256WithRSAEncryption
46:80:8e:b8:e8:63:04:8c:71:60:de:08:c4:64:23:af:dc:8e:
73:cc:a1:19:fa:e3:7c:50:8f:7c:4b:5c:4e:b4:4a:9d:c4:1f:
f2:a7:dd:be:d0:4c:b9:35:01:7f:ea:be:d7:f1:33:47:70:db:
9d:0c:c6:5f:b4:03:6d:42:34:60:e8:dd:3b:e0:34:cd:be:e9:
31:a2:c3:de:c9:58:d0:5a:3a:e7:f2:0c:de:e3:64:94:ee:13:
b7:c3:c3:fd:23:f5:5a:4b:d0:ca:2c:94:83:b5:ad:92:65:56:
a6:d4:54:d9:ad:d9:22:1f:92:0b:28:8d:e0:fa:3b:e8:ad:a2:
9e:95:80:7b:c6:b0:dc:30:9e:9f:1a:da:ef:0b:9d:8a:4a:d5:
44:c7:6d:5e:44:c6:72:ba:c2:cf:e1:c5:51:b9:94:b4:2e:a7:
3e:17:20:d8:81:07:eb:c6:da:53:98:4f:e0:e8:4d:3b:97:12:
7b:b9:c7:41:8a:f1:51:ae:e9:c9:96:7b:bd:c9:35:b2:0f:bc:
e9:26:bb:f6:28:35:b5:3a:ab:c5:56:2f:ff:f3:60:53:1f:d7:
48:f4:26:22:04:33:2f:5e:49:f6:6a:d2:89:d0:88:6c:c8:a1:
29:3e:5c:bb:35:9f:f1:e1:69:a3:41:fb:17:17:34:89:ab:1c:
fb:94:e5:0d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMnAGdY0tIZ16F8mThc7m7CLlSkkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDA2MDMwNjAwMTdaFw0yNTA2MDIwNjA1MTdaMDMxMTAvBgNV
BAMTKEQzOUJENzRCM0U3MTFCN0I1QkMzODI4NTYyQkVCMzg0MTZCNzVCMDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlvrSRMwY7WkWIcqni/WNcI32F
bRpM6X3IpDP+ERjkaIfhDUYe1OARA2WYocxOoyUpbD4/HhR1lQccVYPEqBB+K2fM
04yYGcNrHsd/ghRDuspAsI9Ib5KvJ8BpwwV75yAYMwg+FA5aqGsxrxVF/hKX1mKq
Mit/gSWsVwBKw2i/MEZ9nQaLxzbv9ckJHwIeUYepLuQ6rRUriMiE+fn9koJEWoDZ
125jGXTUCRwvm8pGwZzEeTbYGEu6bmEsxHsn7DYJO26QwJ8UMnBB9YalhXcSxG7W
PDD5wRPDBmwkYniq9EoG/N8prRDmKPJ175gvntpLRSTuocmOEsmsheKLmRXfAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU05vXSz5xG3tbw4KFYr6zhBa3WwEwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMTM2MzIyZTMx
MzczMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzAzNDM1Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5oqowDQYJKoZIhvcNAQELBQADggEBAEaAjrjoYwSMcWDeCMRkI6/cjnPMoRn6
43xQj3xLXE60Sp3EH/Kn3b7QTLk1AX/qvtfxM0dw250Mxl+0A21CNGDo3TvgNM2+
6TGiw97JWNBaOufyDN7jZJTuE7fDw/0j9VpL0MoslIO1rZJlVqbUVNmt2SIfkgso
jeD6O+itop6VgHvGsNwwnp8a2u8LnYpK1UTHbV5ExnK6ws/hxVG5lLQupz4XINiB
B+vG2lOYT+DoTTuXEnu5x0GK8VGu6cmWe73JNbIPvOkmu/YoNbU6q8VWL//zYFMf
10j0JiIEMy9eSfZq0onQiGzIoSk+XLs1n/HhaaNB+xcXNImrHPuU5Q0=
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:55:50 2024 by rpki-client on console-fra.rpki-client.org