Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3136372e32352e302f32342d3234203d3e203630343538.roa
File: 3138352e3136372e32352e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: /1MHI4aV5jtOdQTFybX9UgjJlF3Q0rJIhXLJo4SqcQQ=
Subject key identifier: 47:8E:26:AF:8F:DF:D8:01:18:9A:95:37:EE:15:08:CC:A1:CD:25:86
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 2792EAB88AB31D760946F3614C4682D612544F92
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3136372e32352e302f32342d3234203d3e203630343538.roa
Signing time: Mon 03 Jul 2023 05:41:57 +0000
ROA not before: Mon 03 Jul 2023 05:36:57 +0000
ROA not after: Mon 01 Jul 2024 05:41:57 +0000
asID: 60458
IP address blocks: 185.167.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:92:ea:b8:8a:b3:1d:76:09:46:f3:61:4c:46:82:d6:12:54:4f:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jul 3 05:36:57 2023 GMT
Not After : Jul 1 05:41:57 2024 GMT
Subject: CN=478E26AF8FDFD801189A9537EE1508CCA1CD2586
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2b:4f:64:4f:a3:19:74:42:1f:60:af:b4:b8:
4d:80:91:31:71:14:56:f1:33:a0:0b:0e:ea:75:df:
b5:4f:1d:39:a8:4f:0a:e5:d7:71:44:cc:ca:4d:e0:
1d:da:01:c0:09:5c:1e:65:25:21:54:f9:b1:7c:56:
c5:5a:df:41:0e:b1:74:17:d2:dd:49:20:a5:4d:55:
c4:8c:64:eb:49:d0:75:d3:cc:45:d2:eb:e3:ba:65:
d8:cb:20:6b:c9:46:14:64:0d:d7:9f:7a:63:bd:8e:
99:0e:6c:1d:b2:53:11:a3:a9:f2:d5:32:c0:31:68:
9d:46:fa:10:18:69:bf:2e:da:59:33:ad:a4:5a:16:
38:8f:16:a3:f2:bb:7b:90:31:c1:b3:4f:0d:34:f2:
b7:c5:c2:5e:24:89:44:64:2f:28:c0:57:f1:06:9b:
81:c5:1d:bd:ba:53:c8:58:1c:86:4f:4d:61:e1:46:
24:99:68:35:70:bf:80:dd:f0:d0:71:9e:69:16:61:
2d:46:cb:d8:f4:75:87:bc:86:b1:87:ca:93:26:08:
96:85:90:eb:92:8c:af:0e:17:24:c0:25:1b:ed:94:
7a:08:e3:a1:60:76:9a:9f:11:27:65:e8:de:e4:87:
22:c2:00:bc:cb:10:c3:ef:f5:70:f2:8e:6f:5a:89:
6b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:8E:26:AF:8F:DF:D8:01:18:9A:95:37:EE:15:08:CC:A1:CD:25:86
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3136372e32352e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.25.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:32:67:31:b0:eb:2a:e1:9c:e3:a1:50:79:2d:a7:d6:f6:dd:
bd:09:fa:ea:53:f6:8d:18:52:a2:6d:b9:e9:8d:07:82:4c:97:
5c:d7:0d:54:7d:0a:54:7d:9f:90:34:01:da:d6:41:65:52:49:
4b:a6:34:1d:36:e3:f9:f4:96:c9:a9:6b:4f:e0:1c:8f:7e:ce:
d6:fe:75:4a:0f:74:ac:20:24:b8:ec:09:5d:f2:2c:82:79:97:
15:8a:25:3f:3a:e3:e8:eb:47:6a:61:5f:01:e1:2a:53:05:9b:
aa:e8:e8:6a:d2:db:fa:1a:d0:6c:46:e7:14:81:6f:70:74:c4:
e9:f1:32:18:94:53:3a:6d:99:18:5b:f3:be:7d:9d:c4:b0:94:
f4:c7:19:4d:b7:a6:9e:0c:a3:4e:56:c8:5f:62:3a:e3:c8:f4:
aa:62:09:4b:be:6c:4f:25:d5:95:0f:e3:d8:55:52:48:ba:4f:
83:3e:4c:b2:23:70:9e:c1:c7:f0:36:87:36:a1:e4:0e:d0:bb:
94:ad:c2:d6:4f:16:da:50:45:59:75:21:a5:04:9a:4d:62:ad:
c2:74:07:e8:a2:a0:ce:62:80:0a:b5:22:63:ba:0e:a4:27:90:
46:d1:2c:79:0a:f5:c3:52:10:e3:a2:b5:db:f2:25:c5:ed:51:
75:dd:82:23
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUJ5LquIqzHXYJRvNhTEaC1hJUT5IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yMzA3MDMwNTM2NTdaFw0yNDA3MDEwNTQxNTdaMDMxMTAvBgNV
BAMTKDQ3OEUyNkFGOEZERkQ4MDExODlBOTUzN0VFMTUwOENDQTFDRDI1ODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4K09kT6MZdEIfYK+0uE2AkTFx
FFbxM6ALDup137VPHTmoTwrl13FEzMpN4B3aAcAJXB5lJSFU+bF8VsVa30EOsXQX
0t1JIKVNVcSMZOtJ0HXTzEXS6+O6ZdjLIGvJRhRkDdefemO9jpkObB2yUxGjqfLV
MsAxaJ1G+hAYab8u2lkzraRaFjiPFqPyu3uQMcGzTw008rfFwl4kiURkLyjAV/EG
m4HFHb26U8hYHIZPTWHhRiSZaDVwv4Dd8NBxnmkWYS1Gy9j0dYe8hrGHypMmCJaF
kOuSjK8OFyTAJRvtlHoI46FgdpqfESdl6N7khyLCALzLEMPv9XDyjm9aiWt1AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUR44mr4/f2AEYmpU37hUIzKHNJYYwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMTM2MzcyZTMy
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMwMzQzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uacZMA0GCSqGSIb3DQEBCwUAA4IBAQA/MmcxsOsq4ZzjoVB5LafW9t29CfrqU/aN
GFKibbnpjQeCTJdc1w1UfQpUfZ+QNAHa1kFlUklLpjQdNuP59JbJqWtP4ByPfs7W
/nVKD3SsICS47Ald8iyCeZcViiU/OuPo60dqYV8B4SpTBZuq6Ohq0tv6GtBsRucU
gW9wdMTp8TIYlFM6bZkYW/O+fZ3EsJT0xxlNt6aeDKNOVshfYjrjyPSqYglLvmxP
JdWVD+PYVVJIuk+DPkyyI3CewcfwNoc2oeQO0LuUrcLWTxbaUEVZdSGlBJpNYq3C
dAfooqDOYoAKtSJjug6kJ5BG0Sx5CvXDUhDjorXb8iXF7VF13YIj
-----END CERTIFICATE-----
Generated at Mon May 6 01:08:53 2024 by rpki-client on console-fra.rpki-client.org