Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3230322e3134352e302f32342d3234203d3e203630343538.roa
File: 3138352e3230322e3134352e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: nDXO7yXyC/Nn/Xe6lPY2ju2y9VL6B45N2Dn5QCb1Pe8=
Subject key identifier: 40:5F:DA:C0:7D:AF:7A:59:90:68:89:EB:CA:A5:DA:07:FF:39:42:CB
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 7899510938F6F4AB602E2B16D815561BB46E24BC
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3230322e3134352e302f32342d3234203d3e203630343538.roa
Signing time: Mon 03 Jun 2024 06:05:16 +0000
ROA not before: Mon 03 Jun 2024 06:00:16 +0000
ROA not after: Mon 02 Jun 2025 06:05:16 +0000
asID: 60458
IP address blocks: 185.202.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:99:51:09:38:f6:f4:ab:60:2e:2b:16:d8:15:56:1b:b4:6e:24:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jun 3 06:00:16 2024 GMT
Not After : Jun 2 06:05:16 2025 GMT
Subject: CN=405FDAC07DAF7A59906889EBCAA5DA07FF3942CB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:9e:cd:20:d3:38:58:47:1c:86:9b:a9:27:02:
8a:9d:9a:7f:01:38:bf:7d:6c:49:87:53:3c:e3:8b:
21:f3:cd:17:bd:b7:c7:f3:85:ca:f3:9d:61:6f:5b:
38:d0:90:33:6b:79:89:c8:b5:e0:07:b6:b1:b3:d8:
5c:90:c9:0d:c2:b1:e4:5d:f5:d3:3a:27:64:c0:71:
3d:22:e3:c5:b2:a4:64:16:ac:59:ac:d0:05:dd:51:
99:a7:d3:2f:96:a3:3d:8f:58:4b:b8:9d:25:ea:b9:
a3:46:77:79:ef:77:21:52:87:96:1e:eb:9e:ba:3c:
8e:71:ca:d8:57:72:a2:09:f1:4e:05:32:9f:0a:d2:
9b:30:5b:5e:c0:5d:da:19:e9:43:3d:ae:cc:ee:5d:
f7:7e:5f:6a:89:3a:3d:31:b1:a9:7a:2f:9d:8d:df:
5b:15:eb:fd:87:be:25:f4:c8:96:1e:a9:e9:c6:3c:
ca:92:de:d2:2b:86:e9:81:32:46:f9:12:97:8f:f3:
18:8d:3d:bc:07:09:f5:80:8b:1d:28:22:53:57:b5:
67:3c:b7:d9:4f:26:05:2b:b8:3a:9e:5a:42:54:34:
63:e5:e5:84:dd:22:cd:f6:6d:2b:5d:cd:49:8a:2b:
d6:85:6c:85:0e:e0:62:64:eb:f0:75:e9:ab:38:d0:
11:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:5F:DA:C0:7D:AF:7A:59:90:68:89:EB:CA:A5:DA:07:FF:39:42:CB
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3230322e3134352e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.145.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:97:b2:1d:0a:86:59:72:6d:bd:cf:41:dd:cb:1a:39:89:61:
8b:bf:b3:83:84:e6:c8:51:e5:24:87:4b:a4:2d:fe:90:7e:d3:
7e:06:ec:ec:f0:5d:9d:f9:8e:c9:35:57:31:b3:cb:fc:3b:c2:
cf:63:a7:58:78:49:4d:9a:a4:95:6d:6b:6b:81:95:0c:e7:b3:
c8:7a:01:22:a2:dc:c6:22:28:07:8c:91:84:2e:1d:64:7c:a1:
b0:13:39:1a:7f:fb:4c:0e:a7:ea:b2:1e:a1:19:99:a5:ec:2d:
88:ca:bd:51:ea:ae:1e:9f:eb:0b:a3:52:95:70:e6:dc:45:c4:
24:e0:4c:9b:b9:1c:98:9a:8b:c1:52:25:94:ce:f4:17:73:e0:
c6:68:6d:69:cc:2e:4f:6d:51:08:b0:b3:c1:79:71:e4:45:73:
33:5a:41:26:b4:f0:e5:5a:74:65:42:2d:7f:f4:c9:38:a2:3d:
57:bb:92:f8:9d:c6:02:fe:20:8b:43:f6:22:41:86:71:cf:f8:
ad:c7:b0:4d:4b:89:ac:c3:45:c2:8c:45:1d:69:77:47:ec:7a:
df:93:2e:0c:ca:d8:06:d0:55:2b:ca:7f:58:f7:ad:6d:7a:d6:
9e:97:ba:92:18:e3:fb:f1:11:7a:6b:39:e5:98:b7:b0:39:c1:
22:20:92:2d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUeJlRCTj29KtgLisW2BVWG7RuJLwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDA2MDMwNjAwMTZaFw0yNTA2MDIwNjA1MTZaMDMxMTAvBgNV
BAMTKDQwNUZEQUMwN0RBRjdBNTk5MDY4ODlFQkNBQTVEQTA3RkYzOTQyQ0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXns0g0zhYRxyGm6knAoqdmn8B
OL99bEmHUzzjiyHzzRe9t8fzhcrznWFvWzjQkDNreYnIteAHtrGz2FyQyQ3CseRd
9dM6J2TAcT0i48WypGQWrFms0AXdUZmn0y+Woz2PWEu4nSXquaNGd3nvdyFSh5Ye
6566PI5xythXcqIJ8U4FMp8K0pswW17AXdoZ6UM9rszuXfd+X2qJOj0xsal6L52N
31sV6/2HviX0yJYeqenGPMqS3tIrhumBMkb5EpeP8xiNPbwHCfWAix0oIlNXtWc8
t9lPJgUruDqeWkJUNGPl5YTdIs32bStdzUmKK9aFbIUO4GJk6/B16as40BFtAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUQF/awH2velmQaInryqXaB/85QsswHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMjMwMzIyZTMx
MzQzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzAzNDM1Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5ypEwDQYJKoZIhvcNAQELBQADggEBAGuXsh0Khllybb3PQd3LGjmJYYu/s4OE
5shR5SSHS6Qt/pB+034G7OzwXZ35jsk1VzGzy/w7ws9jp1h4SU2apJVta2uBlQzn
s8h6ASKi3MYiKAeMkYQuHWR8obATORp/+0wOp+qyHqEZmaXsLYjKvVHqrh6f6wuj
UpVw5txFxCTgTJu5HJiai8FSJZTO9Bdz4MZobWnMLk9tUQiws8F5ceRFczNaQSa0
8OVadGVCLX/0yTiiPVe7kvidxgL+IItD9iJBhnHP+K3HsE1LiazDRcKMRR1pd0fs
et+TLgzK2AbQVSvKf1j3rW161p6XupIY4/vxEXprOeWYt7A5wSIgki0=
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:55:50 2024 by rpki-client on console-fra.rpki-client.org