Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3136372e32362e302f32342d3234203d3e203630343538.roa
File: 3138352e3136372e32362e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: O69sqtNFc4fPuNyqGjOM4FatZVNxxGea7spNYxzpgA4=
Subject key identifier: FD:E4:11:B5:B4:53:70:0E:31:BC:87:F7:98:99:03:DB:7B:51:E6:08
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 7981014578EE052A83038F8E750E2DE7B12A0870
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3136372e32362e302f32342d3234203d3e203630343538.roa
Signing time: Mon 03 Jun 2024 06:05:17 +0000
ROA not before: Mon 03 Jun 2024 06:00:17 +0000
ROA not after: Mon 02 Jun 2025 06:05:17 +0000
asID: 60458
IP address blocks: 185.167.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:81:01:45:78:ee:05:2a:83:03:8f:8e:75:0e:2d:e7:b1:2a:08:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jun 3 06:00:17 2024 GMT
Not After : Jun 2 06:05:17 2025 GMT
Subject: CN=FDE411B5B453700E31BC87F7989903DB7B51E608
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:41:f0:bb:74:52:9f:1d:05:9b:95:07:29:94:
e8:46:03:b1:02:87:dc:e3:f5:27:11:27:d0:e2:f0:
74:f1:ca:01:36:fb:45:6a:7f:69:ac:5f:2e:e8:b3:
4a:4a:5a:cc:ed:e3:11:f6:e7:a8:83:3a:44:6a:62:
2b:fc:e1:63:e2:63:3f:cf:7d:6e:da:f3:fe:9a:e6:
a4:5c:63:0c:c7:96:0c:53:fb:36:ac:5c:11:cb:e3:
ac:53:a9:78:fa:54:9b:0e:26:99:38:60:39:f0:77:
ad:63:6b:60:03:5d:19:1f:be:8b:e9:0c:7c:25:61:
ed:77:b0:33:a2:d6:03:a5:24:b9:73:db:8f:1c:88:
9e:1b:39:60:6d:4f:75:d9:14:76:be:55:7e:1f:3a:
30:19:7d:2e:fd:fb:42:30:3d:e9:61:7a:97:dd:ed:
f5:ac:ff:54:90:f9:f9:a2:0c:2d:88:22:24:68:e5:
c4:5e:24:a6:85:25:b8:16:55:86:8a:23:4e:3b:cf:
4d:77:8d:6e:7c:f3:d6:ca:2e:11:54:80:d7:99:6a:
10:7a:ff:69:e9:5d:b1:4d:86:4b:a5:ff:6c:f4:e7:
0a:de:39:04:cf:e8:65:fd:d4:3b:6a:c6:cd:ae:24:
40:fc:7e:4f:50:8a:9f:1a:35:d7:60:6d:ee:71:ec:
90:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:E4:11:B5:B4:53:70:0E:31:BC:87:F7:98:99:03:DB:7B:51:E6:08
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3136372e32362e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.26.0/24
Signature Algorithm: sha256WithRSAEncryption
db:fd:a2:3c:3a:9d:0a:44:d3:6e:1e:ea:85:b7:5a:5e:fd:0e:
06:b3:7d:a9:b8:2f:20:4f:49:ed:dd:34:da:a4:d0:2a:a1:ef:
97:ce:8b:79:10:5c:ad:9a:d5:4b:ce:84:e2:e3:f3:0c:fb:6b:
78:eb:03:53:19:ac:44:06:4f:4f:90:73:3a:b3:ea:f3:d3:23:
7b:fd:f0:b5:2f:1b:26:a7:22:ee:32:24:42:9d:ab:aa:8c:db:
87:8c:81:98:56:81:f9:4c:ca:2b:ce:df:64:71:dd:81:b5:13:
59:7c:2c:f7:30:5d:5a:25:ea:9a:b4:9c:9e:68:f8:fa:d6:f7:
32:dd:b8:00:89:58:59:6c:7b:dd:05:25:d7:61:bf:d0:2b:ce:
dd:7f:5f:4c:18:e4:7c:30:bf:48:67:88:94:d3:af:42:8e:59:
e5:a4:e5:f1:70:c8:48:f4:dd:06:f1:a6:c7:21:ce:39:3c:cd:
fe:1a:87:ad:87:39:cd:58:18:a7:de:0f:7f:f3:82:e5:7e:83:
24:4f:7f:ec:07:ca:9c:f3:a6:b2:cf:b2:5b:b9:6b:a3:0f:57:
42:ea:a2:a1:ea:6d:a0:7f:71:c2:da:a8:79:86:39:93:63:94:
e7:4b:b3:21:af:30:df:72:df:74:40:01:fc:da:8f:17:06:7e:
41:9c:f8:2c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUeYEBRXjuBSqDA4+OdQ4t57EqCHAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDA2MDMwNjAwMTdaFw0yNTA2MDIwNjA1MTdaMDMxMTAvBgNV
BAMTKEZERTQxMUI1QjQ1MzcwMEUzMUJDODdGNzk4OTkwM0RCN0I1MUU2MDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdQfC7dFKfHQWblQcplOhGA7EC
h9zj9ScRJ9Di8HTxygE2+0Vqf2msXy7os0pKWszt4xH256iDOkRqYiv84WPiYz/P
fW7a8/6a5qRcYwzHlgxT+zasXBHL46xTqXj6VJsOJpk4YDnwd61ja2ADXRkfvovp
DHwlYe13sDOi1gOlJLlz248ciJ4bOWBtT3XZFHa+VX4fOjAZfS79+0IwPelhepfd
7fWs/1SQ+fmiDC2IIiRo5cReJKaFJbgWVYaKI047z013jW5889bKLhFUgNeZahB6
/2npXbFNhkul/2z05wreOQTP6GX91Dtqxs2uJED8fk9Qip8aNddgbe5x7JAPAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU/eQRtbRTcA4xvIf3mJkD23tR5ggwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMTM2MzcyZTMy
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMwMzQzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uacaMA0GCSqGSIb3DQEBCwUAA4IBAQDb/aI8Op0KRNNuHuqFt1pe/Q4Gs32puC8g
T0nt3TTapNAqoe+Xzot5EFytmtVLzoTi4/MM+2t46wNTGaxEBk9PkHM6s+rz0yN7
/fC1LxsmpyLuMiRCnauqjNuHjIGYVoH5TMorzt9kcd2BtRNZfCz3MF1aJeqatJye
aPj61vcy3bgAiVhZbHvdBSXXYb/QK87df19MGOR8ML9IZ4iU069CjlnlpOXxcMhI
9N0G8abHIc45PM3+GoethznNWBin3g9/84LlfoMkT3/sB8qc86ayz7JbuWujD1dC
6qKh6m2gf3HC2qh5hjmTY5TnS7MhrzDfct90QAH82o8XBn5BnPgs
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:19 2024 by rpki-client on console-ams.rpki-client.org