Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3136372e32342e302f32342d3234203d3e203630343538.roa
File: 3138352e3136372e32342e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: SDt985Ss2j95VPPnUftv3k+r40+EetHHWWJxi8YFELg=
Subject key identifier: 6F:59:61:8C:E1:6F:CC:89:58:E5:AB:1F:9D:45:BD:E2:02:C8:36:BF
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 406F9764ECB1B75DB5F539C2ABB244A086212E75
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3136372e32342e302f32342d3234203d3e203630343538.roa
Signing time: Mon 03 Jun 2024 06:05:17 +0000
ROA not before: Mon 03 Jun 2024 06:00:17 +0000
ROA not after: Mon 02 Jun 2025 06:05:17 +0000
asID: 60458
IP address blocks: 185.167.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:6f:97:64:ec:b1:b7:5d:b5:f5:39:c2:ab:b2:44:a0:86:21:2e:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jun 3 06:00:17 2024 GMT
Not After : Jun 2 06:05:17 2025 GMT
Subject: CN=6F59618CE16FCC8958E5AB1F9D45BDE202C836BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:93:02:07:1f:a8:b3:4e:fb:48:5b:a1:22:eb:
08:44:a9:58:5e:b2:e0:3f:ac:c9:65:16:1c:e0:43:
02:ec:90:b4:9c:33:2a:77:58:85:6a:69:2b:8e:96:
3a:e6:b1:ac:bf:7e:29:9d:9c:aa:a6:7f:bf:6c:04:
1d:1a:22:3f:94:59:1d:a1:0a:e0:c5:c0:60:b1:89:
49:8d:62:fc:21:c7:5c:21:05:6c:dc:81:8c:77:52:
7d:21:72:37:4e:b8:8f:28:32:d4:eb:cc:05:31:89:
7f:0f:9d:f9:a6:27:bb:ec:d4:8e:24:0a:4f:b9:56:
97:68:44:b3:3b:db:43:20:9b:77:d6:00:c0:84:af:
fa:8f:02:5c:db:df:4f:be:e1:ed:31:54:a5:51:ab:
e0:d1:cd:e9:cf:86:0e:83:25:d0:ad:52:6f:ea:67:
3c:cb:2c:17:12:2a:1c:44:51:40:5e:db:5c:eb:84:
22:87:2d:8d:04:e5:db:64:5c:f4:2a:ad:48:3d:73:
58:5d:73:9d:85:92:78:d6:0b:fd:12:b9:6c:02:63:
cb:d3:23:c5:07:6e:75:1f:07:29:b9:98:6a:5e:ff:
a5:29:0c:95:b3:ed:63:7a:a4:c1:3d:97:1c:cf:f1:
0f:37:b9:02:77:5f:f0:87:48:a4:17:c6:e8:a9:2e:
69:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:59:61:8C:E1:6F:CC:89:58:E5:AB:1F:9D:45:BD:E2:02:C8:36:BF
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3136372e32342e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.24.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:cd:f4:6f:a0:28:c6:e5:da:7c:f7:dd:b7:bb:47:df:04:96:
67:62:aa:00:b0:ce:8c:6e:bc:bb:be:55:d4:f8:8e:25:2e:57:
c9:bf:66:7b:bd:f7:c5:f2:2f:37:61:59:bf:3c:f8:9d:60:c5:
e1:53:06:38:ef:5f:96:43:4d:bd:68:ab:18:d4:1e:e0:65:5d:
4e:57:5b:eb:5f:a7:69:6b:ee:fc:31:9f:e0:f2:9a:d4:8d:d8:
4e:71:94:46:6b:b5:ec:8a:17:d1:ce:97:10:71:bf:a4:86:4f:
b6:4c:f0:eb:b6:a7:57:3f:16:dd:20:b5:cb:52:e5:b8:29:95:
0a:b5:01:71:76:80:02:e6:58:4f:5c:d1:20:49:75:60:53:69:
11:1f:94:12:82:e5:37:d9:09:a4:62:e5:5c:eb:ca:10:7d:4f:
f8:95:db:a4:cb:ef:62:15:43:4d:69:d8:d4:55:44:13:15:9a:
88:c8:88:7c:d6:76:f4:80:0f:6d:86:79:04:f5:64:02:02:5d:
0d:8d:26:72:9b:40:3a:7b:d7:af:7b:49:e5:08:21:34:52:b5:
3e:f1:cf:48:48:ba:d7:a9:0d:88:14:a2:69:07:8c:e5:f4:19:
1b:0f:f6:87:f0:a7:a7:21:84:18:ff:f7:26:4c:6e:4b:5f:fd:
2d:fa:1d:bc
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUQG+XZOyxt1219TnCq7JEoIYhLnUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDA2MDMwNjAwMTdaFw0yNTA2MDIwNjA1MTdaMDMxMTAvBgNV
BAMTKDZGNTk2MThDRTE2RkNDODk1OEU1QUIxRjlENDVCREUyMDJDODM2QkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKkwIHH6izTvtIW6Ei6whEqVhe
suA/rMllFhzgQwLskLScMyp3WIVqaSuOljrmsay/fimdnKqmf79sBB0aIj+UWR2h
CuDFwGCxiUmNYvwhx1whBWzcgYx3Un0hcjdOuI8oMtTrzAUxiX8PnfmmJ7vs1I4k
Ck+5VpdoRLM720Mgm3fWAMCEr/qPAlzb30++4e0xVKVRq+DRzenPhg6DJdCtUm/q
ZzzLLBcSKhxEUUBe21zrhCKHLY0E5dtkXPQqrUg9c1hdc52FknjWC/0SuWwCY8vT
I8UHbnUfBym5mGpe/6UpDJWz7WN6pME9lxzP8Q83uQJ3X/CHSKQXxuipLmlDAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUb1lhjOFvzIlY5asfnUW94gLINr8wHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMTM2MzcyZTMy
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMwMzQzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uacYMA0GCSqGSIb3DQEBCwUAA4IBAQC8zfRvoCjG5dp89923u0ffBJZnYqoAsM6M
bry7vlXU+I4lLlfJv2Z7vffF8i83YVm/PPidYMXhUwY471+WQ029aKsY1B7gZV1O
V1vrX6dpa+78MZ/g8prUjdhOcZRGa7XsihfRzpcQcb+khk+2TPDrtqdXPxbdILXL
UuW4KZUKtQFxdoAC5lhPXNEgSXVgU2kRH5QSguU32QmkYuVc68oQfU/4lduky+9i
FUNNadjUVUQTFZqIyIh81nb0gA9thnkE9WQCAl0NjSZym0A6e9eve0nlCCE0UrU+
8c9ISLrXqQ2IFKJpB4zl9BkbD/aH8KenIYQY//cmTG5LX/0t+h28
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:19 2024 by rpki-client on console-ams.rpki-client.org