Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3136322e3137312e302f32342d3234203d3e203630343538.roa
File: 3138352e3136322e3137312e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: 90y99P9qHniaFbGtU9mUaKbMcuKr4zjh7sttYrxcBYY=
Subject key identifier: 7C:58:B3:89:A2:D8:0B:96:13:CC:A8:7E:6A:4D:6D:B8:AA:11:28:D0
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 5BCAD0652477CE3028758E07C500C65F033CB782
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3136322e3137312e302f32342d3234203d3e203630343538.roa
Signing time: Mon 03 Jun 2024 06:05:16 +0000
ROA not before: Mon 03 Jun 2024 06:00:16 +0000
ROA not after: Mon 02 Jun 2025 06:05:16 +0000
asID: 60458
IP address blocks: 185.162.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:ca:d0:65:24:77:ce:30:28:75:8e:07:c5:00:c6:5f:03:3c:b7:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jun 3 06:00:16 2024 GMT
Not After : Jun 2 06:05:16 2025 GMT
Subject: CN=7C58B389A2D80B9613CCA87E6A4D6DB8AA1128D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:3a:00:84:e7:e8:36:64:25:30:0a:e3:f6:01:
b6:42:1a:3f:33:58:0f:93:09:fb:50:ee:50:05:e1:
83:4e:47:b4:2b:5b:9a:b6:fd:82:61:f1:23:35:84:
bb:28:08:44:59:ad:db:b1:7c:b2:09:d2:c2:69:3e:
03:02:9b:e5:42:95:1d:67:80:b2:9b:25:57:28:b1:
af:77:f8:a6:f4:a4:42:2d:b1:ec:91:fe:b6:91:b4:
9c:c8:a5:33:89:bc:d3:09:bc:82:f5:d3:28:5b:3e:
42:44:9b:e1:b8:76:0b:77:10:14:2d:8c:03:6f:dc:
c2:dc:9b:dd:d5:de:9e:7b:d5:55:a0:ff:95:53:20:
6b:02:56:22:a6:d4:4c:5f:ae:33:a3:59:d1:2c:a5:
60:19:db:f7:73:85:18:46:31:df:2c:b4:6d:78:d7:
99:6f:23:05:9b:29:db:73:34:cc:d5:1d:f1:3e:19:
f6:25:05:b2:f8:bd:50:75:fc:83:14:08:65:ed:0a:
85:d3:e7:c6:74:c1:70:fb:10:04:7c:2d:a7:3f:52:
db:9c:88:ff:7b:ab:d1:15:59:16:54:a8:4e:97:b9:
68:6c:6e:7e:64:3a:3d:c8:37:11:d1:2e:8c:a3:59:
0c:31:46:22:fb:c1:18:c0:e4:e7:c2:9f:13:a8:90:
db:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:58:B3:89:A2:D8:0B:96:13:CC:A8:7E:6A:4D:6D:B8:AA:11:28:D0
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3136322e3137312e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.171.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:73:08:25:ee:c2:fb:f8:64:4c:15:e5:c0:4a:78:ad:2d:0e:
28:03:46:4d:6e:cb:8f:a7:13:4c:c6:63:36:13:1b:15:f9:4c:
42:2a:2c:c2:02:3e:29:ca:c6:54:55:02:a8:7c:d2:4d:b9:c3:
1f:8b:1d:3b:0c:4a:56:9f:42:a8:4d:b8:aa:f9:0b:3c:b7:5b:
6c:bb:09:d6:c1:ec:78:f9:ce:85:d5:f5:aa:23:d1:03:01:0f:
7b:c8:f8:7f:0d:df:8b:61:01:3a:45:80:20:e8:06:60:f5:68:
41:c2:68:41:7c:6c:81:f6:bb:bb:db:1b:43:32:b9:09:77:67:
00:09:de:c7:cd:0d:fa:5b:30:18:4e:ae:bb:bf:cc:08:10:d5:
7c:78:b7:8b:ff:31:8e:7e:c5:35:90:ae:b2:ea:70:f5:9a:a4:
00:28:0d:3b:23:f2:e8:41:dd:79:61:76:af:71:c0:be:a6:eb:
1a:69:f4:ae:31:6c:c6:fe:7b:4c:50:9e:62:ed:ab:e5:50:87:
7f:36:30:04:2e:19:0e:b0:fa:4c:9f:5d:f1:42:a4:b8:0f:e9:
26:a4:d2:6c:01:ae:62:8e:78:fd:94:72:a6:a6:9a:cd:64:4c:
01:b6:73:54:6d:0c:46:d9:8c:0c:f2:83:f9:2b:09:fd:fa:38:
21:15:11:20
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUW8rQZSR3zjAodY4HxQDGXwM8t4IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDA2MDMwNjAwMTZaFw0yNTA2MDIwNjA1MTZaMDMxMTAvBgNV
BAMTKDdDNThCMzg5QTJEODBCOTYxM0NDQTg3RTZBNEQ2REI4QUExMTI4RDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHOgCE5+g2ZCUwCuP2AbZCGj8z
WA+TCftQ7lAF4YNOR7QrW5q2/YJh8SM1hLsoCERZrduxfLIJ0sJpPgMCm+VClR1n
gLKbJVcosa93+Kb0pEItseyR/raRtJzIpTOJvNMJvIL10yhbPkJEm+G4dgt3EBQt
jANv3MLcm93V3p571VWg/5VTIGsCViKm1ExfrjOjWdEspWAZ2/dzhRhGMd8stG14
15lvIwWbKdtzNMzVHfE+GfYlBbL4vVB1/IMUCGXtCoXT58Z0wXD7EAR8Lac/Utuc
iP97q9EVWRZUqE6XuWhsbn5kOj3INxHRLoyjWQwxRiL7wRjA5OfCnxOokNshAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUfFiziaLYC5YTzKh+ak1tuKoRKNAwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMTM2MzIyZTMx
MzczMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzAzNDM1Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5oqswDQYJKoZIhvcNAQELBQADggEBAC1zCCXuwvv4ZEwV5cBKeK0tDigDRk1u
y4+nE0zGYzYTGxX5TEIqLMICPinKxlRVAqh80k25wx+LHTsMSlafQqhNuKr5Czy3
W2y7CdbB7Hj5zoXV9aoj0QMBD3vI+H8N34thATpFgCDoBmD1aEHCaEF8bIH2u7vb
G0MyuQl3ZwAJ3sfNDfpbMBhOrru/zAgQ1Xx4t4v/MY5+xTWQrrLqcPWapAAoDTsj
8uhB3Xlhdq9xwL6m6xpp9K4xbMb+e0xQnmLtq+VQh382MAQuGQ6w+kyfXfFCpLgP
6Sak0mwBrmKOeP2Ucqamms1kTAG2c1RtDEbZjAzyg/krCf36OCEVESA=
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:55:50 2024 by rpki-client on console-fra.rpki-client.org