Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3136372e32352e302f32342d3234203d3e203630343538.roa
File: 3138352e3136372e32352e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: VnpNuWI2I8KmFIWMJWyePxJLR3+QOvzrDMMohIFeAkU=
Subject key identifier: 6A:3A:6F:71:42:CF:EB:61:AE:C6:7C:6F:FF:30:D9:AA:9B:9C:CE:99
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 28E5D6B9AE1C26D60547AD078EBC0848BCF77C49
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3136372e32352e302f32342d3234203d3e203630343538.roa
Signing time: Mon 03 Jun 2024 06:05:17 +0000
ROA not before: Mon 03 Jun 2024 06:00:17 +0000
ROA not after: Mon 02 Jun 2025 06:05:17 +0000
asID: 60458
IP address blocks: 185.167.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:e5:d6:b9:ae:1c:26:d6:05:47:ad:07:8e:bc:08:48:bc:f7:7c:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jun 3 06:00:17 2024 GMT
Not After : Jun 2 06:05:17 2025 GMT
Subject: CN=6A3A6F7142CFEB61AEC67C6FFF30D9AA9B9CCE99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7c:17:1c:d5:2c:24:b8:bf:31:1e:4a:86:44:
60:be:eb:78:f5:4f:fc:64:e7:9f:9b:72:a4:b2:f7:
c2:9b:73:a3:02:64:ef:42:59:2f:81:04:e4:d0:d2:
b2:1b:ed:b1:b8:46:0a:29:9c:e4:7a:db:05:25:0b:
80:2d:1a:b1:13:fe:28:d4:17:c7:46:f2:14:f7:7f:
a4:7d:c0:0c:3d:4a:ed:12:8e:89:12:16:36:b7:4b:
a8:15:a6:a9:3e:41:77:55:26:06:13:72:5f:c1:a0:
a4:44:d1:28:1c:2d:7c:36:41:e0:f4:95:fb:e6:dd:
c7:c8:27:08:16:7f:12:ef:0b:55:2e:04:80:b5:21:
df:54:0a:41:7f:1f:ad:34:96:20:ef:41:ec:dc:ee:
56:13:3c:73:4f:29:ec:d8:83:c5:f0:85:d0:fa:f4:
71:62:59:dc:8d:99:43:1c:7d:cc:8e:32:6b:7d:a6:
c5:08:85:8b:1c:f4:6d:c6:0f:e4:52:85:a1:7b:3c:
2c:a0:bd:f2:99:2f:9b:02:d4:b2:29:03:7d:71:19:
76:dc:29:ea:84:ef:f7:0d:03:d8:58:9c:4a:ff:77:
c7:ca:10:19:c8:88:59:86:49:f4:ff:3a:00:be:e5:
b1:3a:14:86:18:f4:09:a5:86:a3:27:e1:4c:30:f4:
38:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:3A:6F:71:42:CF:EB:61:AE:C6:7C:6F:FF:30:D9:AA:9B:9C:CE:99
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3136372e32352e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.25.0/24
Signature Algorithm: sha256WithRSAEncryption
95:c6:c2:5b:79:ff:1e:67:a0:a3:d7:4b:41:49:c1:35:35:22:
02:a4:aa:c6:1e:67:7b:7a:2c:0e:3b:16:d6:23:18:47:d6:00:
5a:1d:f1:5a:4d:f0:2a:db:8f:03:e7:a6:79:d2:84:39:fd:36:
3c:3e:15:7f:ef:53:f2:5a:f7:ff:ba:e0:38:c3:0f:e7:30:20:
73:54:47:77:4c:34:0d:7e:2a:3b:8d:34:e5:cd:86:a9:2b:23:
99:a9:3c:f9:25:0c:c4:44:64:1a:cf:9e:4a:c6:b3:70:8e:a9:
f4:4e:e7:8c:57:05:03:18:96:53:1a:19:3b:48:56:6b:65:b1:
0f:af:94:a7:b1:3e:ff:e5:17:98:ad:17:ef:10:72:06:29:29:
eb:b1:f2:25:38:b8:6b:1c:09:bc:10:07:e0:25:06:a3:43:34:
91:08:fb:45:0b:aa:86:72:bf:e4:05:d5:23:58:85:b7:b3:1f:
92:cd:5d:66:dd:d8:e8:9b:9c:9f:9a:31:68:45:dd:07:25:4a:
f5:d7:eb:7a:d2:f3:68:79:f9:60:05:1d:ef:35:4e:22:b0:ed:
09:ae:10:df:ca:ea:d1:01:99:42:bb:71:72:1d:d8:68:9f:7d:
1f:c9:1d:a3:15:02:0d:d3:56:85:ab:38:5e:b5:bf:6a:9f:7e:
98:79:76:d3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUKOXWua4cJtYFR60HjrwISLz3fEkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDA2MDMwNjAwMTdaFw0yNTA2MDIwNjA1MTdaMDMxMTAvBgNV
BAMTKDZBM0E2RjcxNDJDRkVCNjFBRUM2N0M2RkZGMzBEOUFBOUI5Q0NFOTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpfBcc1SwkuL8xHkqGRGC+63j1
T/xk55+bcqSy98Kbc6MCZO9CWS+BBOTQ0rIb7bG4RgopnOR62wUlC4AtGrET/ijU
F8dG8hT3f6R9wAw9Su0SjokSFja3S6gVpqk+QXdVJgYTcl/BoKRE0SgcLXw2QeD0
lfvm3cfIJwgWfxLvC1UuBIC1Id9UCkF/H600liDvQezc7lYTPHNPKezYg8XwhdD6
9HFiWdyNmUMcfcyOMmt9psUIhYsc9G3GD+RShaF7PCygvfKZL5sC1LIpA31xGXbc
KeqE7/cNA9hYnEr/d8fKEBnIiFmGSfT/OgC+5bE6FIYY9AmlhqMn4Uww9DgxAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUajpvcULP62Guxnxv/zDZqpuczpkwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMTM2MzcyZTMy
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMwMzQzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uacZMA0GCSqGSIb3DQEBCwUAA4IBAQCVxsJbef8eZ6Cj10tBScE1NSICpKrGHmd7
eiwOOxbWIxhH1gBaHfFaTfAq248D56Z50oQ5/TY8PhV/71PyWvf/uuA4ww/nMCBz
VEd3TDQNfio7jTTlzYapKyOZqTz5JQzERGQaz55KxrNwjqn0TueMVwUDGJZTGhk7
SFZrZbEPr5SnsT7/5ReYrRfvEHIGKSnrsfIlOLhrHAm8EAfgJQajQzSRCPtFC6qG
cr/kBdUjWIW3sx+SzV1m3djom5yfmjFoRd0HJUr11+t60vNoeflgBR3vNU4isO0J
rhDfyurRAZlCu3FyHdhon30fyR2jFQIN01aFqzhetb9qn36YeXbT
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:19 2024 by rpki-client on console-ams.rpki-client.org