Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3230322e3134342e302f32342d3234203d3e203630343538.roa
File: 3138352e3230322e3134342e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: wMbONWZYzoFpIJkzzGLtbCPOiclU0tDOMOsZQEZWQ2c=
Subject key identifier: 71:4E:56:4D:DC:1C:4E:8D:13:E4:31:28:C4:F2:BE:02:E8:01:4E:29
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 367D12212A7762816F25AF02219028BBF8EBCC15
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3230322e3134342e302f32342d3234203d3e203630343538.roa
Signing time: Mon 03 Jun 2024 06:05:17 +0000
ROA not before: Mon 03 Jun 2024 06:00:17 +0000
ROA not after: Mon 02 Jun 2025 06:05:17 +0000
asID: 60458
IP address blocks: 185.202.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:7d:12:21:2a:77:62:81:6f:25:af:02:21:90:28:bb:f8:eb:cc:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jun 3 06:00:17 2024 GMT
Not After : Jun 2 06:05:17 2025 GMT
Subject: CN=714E564DDC1C4E8D13E43128C4F2BE02E8014E29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:54:ff:38:d6:d0:c1:6e:b8:0f:35:4a:ed:82:
6c:9b:95:52:1a:d8:2f:08:42:62:67:a2:f7:fa:e8:
e3:0a:cf:d3:a5:27:73:99:96:6f:88:7b:47:ab:af:
55:2c:1e:5e:99:91:3a:e8:81:64:c7:6d:91:12:a0:
28:07:e9:6c:c8:d6:e3:9b:f7:6e:11:a4:74:57:68:
72:4a:a7:08:c1:23:5c:d8:99:82:14:49:4d:a8:45:
73:91:e9:a2:cb:61:ce:a7:74:39:4f:4f:86:94:3d:
9a:03:55:6a:66:48:30:60:44:88:ba:e9:1a:62:04:
0b:97:2b:ce:9d:97:c6:33:de:d3:6c:83:5d:c3:aa:
b8:99:24:d2:54:fd:a9:74:92:4f:63:67:c2:8d:3e:
54:4b:9b:0a:83:dc:74:4b:0d:85:a3:16:b3:0c:58:
a0:9f:9a:a3:f4:cb:10:af:12:26:94:f1:8b:2a:fe:
6f:d2:6d:25:82:6f:3e:51:93:2e:cd:8b:34:96:19:
11:00:f8:b2:69:63:e5:52:8f:e0:90:bd:20:51:eb:
70:0a:f4:27:87:75:3c:fa:8e:31:6e:ba:7f:de:09:
26:69:35:f6:36:31:cc:d2:d7:ca:bd:da:46:58:c9:
d9:76:6c:c0:76:d8:34:e2:d8:e6:79:39:a6:29:03:
09:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:4E:56:4D:DC:1C:4E:8D:13:E4:31:28:C4:F2:BE:02:E8:01:4E:29
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3230322e3134342e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.144.0/24
Signature Algorithm: sha256WithRSAEncryption
d6:0c:8b:af:55:85:3f:82:23:2c:52:40:cd:24:4b:0b:c1:60:
24:46:36:92:49:8b:64:52:56:06:ef:21:c1:ee:c9:7e:ba:7c:
fd:15:da:22:12:5d:30:8c:c0:46:9f:ed:b5:f3:c2:ef:ec:d5:
6e:b6:74:ba:39:53:98:f7:55:4f:07:b6:28:04:00:5d:3e:3c:
b2:d8:41:75:6f:c0:bb:a5:df:ed:49:59:e2:39:84:26:b5:b5:
53:d0:2f:6f:9e:50:08:76:54:7b:25:69:fb:cf:69:17:18:b3:
35:08:c2:89:ed:d4:cb:52:f0:4a:d2:bb:bb:aa:4e:c5:1a:28:
9e:f1:6c:be:88:db:1f:6f:ef:a1:6b:87:aa:fe:c8:fe:5f:61:
49:68:d6:34:a1:e4:22:ed:fe:00:14:45:3e:f6:6d:48:9c:6b:
e2:62:74:55:ac:22:58:24:5c:e8:87:8f:a1:38:dc:56:61:11:
a2:8f:42:52:e4:94:1d:8b:96:1a:be:a7:ce:d2:6c:6a:37:ec:
91:0f:35:9a:21:77:59:3f:ac:af:6e:3b:d5:b0:8c:ee:04:76:
85:8b:e8:41:a3:3e:84:12:bd:f4:83:5a:30:56:ce:a5:c0:f3:
9e:bb:9c:e9:ad:a6:b9:52:24:c3:a1:bd:57:e3:e6:50:be:f4:
fd:92:76:b8
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNn0SISp3YoFvJa8CIZAou/jrzBUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDA2MDMwNjAwMTdaFw0yNTA2MDIwNjA1MTdaMDMxMTAvBgNV
BAMTKDcxNEU1NjREREMxQzRFOEQxM0U0MzEyOEM0RjJCRTAyRTgwMTRFMjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZVP841tDBbrgPNUrtgmyblVIa
2C8IQmJnovf66OMKz9OlJ3OZlm+Ie0err1UsHl6ZkTrogWTHbZESoCgH6WzI1uOb
924RpHRXaHJKpwjBI1zYmYIUSU2oRXOR6aLLYc6ndDlPT4aUPZoDVWpmSDBgRIi6
6RpiBAuXK86dl8Yz3tNsg13DqriZJNJU/al0kk9jZ8KNPlRLmwqD3HRLDYWjFrMM
WKCfmqP0yxCvEiaU8Ysq/m/SbSWCbz5Rky7NizSWGREA+LJpY+VSj+CQvSBR63AK
9CeHdTz6jjFuun/eCSZpNfY2MczS18q92kZYydl2bMB22DTi2OZ5OaYpAwldAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUcU5WTdwcTo0T5DEoxPK+AugBTikwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMjMwMzIyZTMx
MzQzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzAzNDM1Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5ypAwDQYJKoZIhvcNAQELBQADggEBANYMi69VhT+CIyxSQM0kSwvBYCRGNpJJ
i2RSVgbvIcHuyX66fP0V2iISXTCMwEaf7bXzwu/s1W62dLo5U5j3VU8HtigEAF0+
PLLYQXVvwLul3+1JWeI5hCa1tVPQL2+eUAh2VHslafvPaRcYszUIwont1MtS8ErS
u7uqTsUaKJ7xbL6I2x9v76Frh6r+yP5fYUlo1jSh5CLt/gAURT72bUica+JidFWs
IlgkXOiHj6E43FZhEaKPQlLklB2Llhq+p87SbGo37JEPNZohd1k/rK9uO9WwjO4E
doWL6EGjPoQSvfSDWjBWzqXA8567nOmtprlSJMOhvVfj5lC+9P2Sdrg=
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:19 2024 by rpki-client on console-ams.rpki-client.org