Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3230322e3134362e302f32342d3234203d3e203630343538.roa
File: 3138352e3230322e3134362e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: y27l7FcbjPrTjnX8z1wdr/al0A0s6C1HocBfG9YczUM=
Subject key identifier: 33:9B:C8:32:F3:AB:77:BA:EC:E5:03:56:CD:90:B3:F8:19:C2:06:C4
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 64D9DD571DC8E902E00AE3508F372DA2C7490025
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3230322e3134362e302f32342d3234203d3e203630343538.roa
Signing time: Mon 03 Jun 2024 06:05:17 +0000
ROA not before: Mon 03 Jun 2024 06:00:17 +0000
ROA not after: Mon 02 Jun 2025 06:05:17 +0000
asID: 60458
IP address blocks: 185.202.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:d9:dd:57:1d:c8:e9:02:e0:0a:e3:50:8f:37:2d:a2:c7:49:00:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jun 3 06:00:17 2024 GMT
Not After : Jun 2 06:05:17 2025 GMT
Subject: CN=339BC832F3AB77BAECE50356CD90B3F819C206C4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f4:c3:91:d7:c6:1c:2e:eb:db:71:3b:80:69:
50:7a:78:c2:d1:4e:6b:1f:17:c8:bd:7c:d4:39:b6:
42:c5:f1:08:df:33:81:e0:db:43:63:41:de:8b:da:
23:ac:ed:9d:60:82:c2:f9:02:18:91:a1:92:be:0d:
08:1e:dc:28:24:b9:e4:b9:2d:58:28:92:04:a4:b9:
7e:59:fe:da:ff:31:fc:51:b4:99:f3:4b:15:44:a9:
cd:b1:ed:c8:ae:e7:fb:3c:ae:b4:a3:88:69:09:97:
f0:32:8b:0c:d7:09:66:5a:bc:68:3a:17:b3:23:8b:
87:82:58:32:fa:66:3d:1c:f6:05:4b:f7:d7:94:6a:
65:bb:37:d6:33:59:e1:80:ab:62:67:d3:7f:de:c6:
a5:c9:a6:27:f4:df:d8:bc:01:cd:0a:c5:55:20:49:
1d:b4:8c:15:07:e2:3f:59:b0:7b:23:86:43:a6:73:
44:9f:53:a0:4c:f7:2c:b8:4b:9e:87:88:cd:02:9f:
49:b1:8b:e8:08:fa:0e:f3:8d:d8:e5:55:eb:3a:cd:
05:0a:a9:c6:f0:31:4c:50:84:66:47:1c:be:43:e3:
45:27:98:0d:5d:9a:6a:69:bf:3a:2b:76:82:fb:f3:
b7:90:44:44:1b:d8:3b:13:2e:be:fd:42:09:c7:0e:
30:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:9B:C8:32:F3:AB:77:BA:EC:E5:03:56:CD:90:B3:F8:19:C2:06:C4
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3230322e3134362e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.146.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:0a:bb:21:9a:e8:08:b1:44:54:ad:15:f8:21:92:3b:cb:92:
f4:8e:a8:d7:28:e2:a7:ff:df:6e:55:32:e4:c3:09:f7:33:e0:
43:f9:6e:a3:23:19:32:98:01:1b:2e:5a:e9:62:02:ec:2c:63:
7e:ab:12:93:60:f9:6c:17:bd:22:a3:1f:4d:f2:ed:f3:74:3d:
87:c0:97:ce:dc:f4:8d:2b:a6:ac:84:48:6c:2a:26:ae:1f:c1:
65:cc:74:d8:ec:7a:81:47:57:82:d4:3c:2f:26:f7:86:db:3b:
cb:fb:11:9b:1f:65:89:e8:51:4d:c2:05:0c:15:b6:7b:cc:f4:
0e:31:ad:64:ec:37:c7:f1:7d:5d:8e:18:14:5e:cb:a2:b9:00:
51:80:70:84:1e:5c:4d:c7:3b:4e:9a:20:69:3c:91:1a:9d:69:
78:9e:4b:5b:20:27:c5:91:ea:cf:8a:7a:e0:2c:31:6e:bf:d8:
b2:59:b9:3e:ee:6c:14:b8:ac:01:1a:28:22:b9:b5:cb:5c:4f:
77:53:93:5f:91:b6:65:78:13:14:1e:03:7e:e6:89:9d:3e:03:
45:5d:73:13:c9:1d:6c:24:ba:5a:e8:48:63:ee:9f:03:e6:33:
37:75:7c:85:8a:c4:a6:51:41:a3:98:61:d4:03:54:a2:bb:92:
83:27:b8:4b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZNndVx3I6QLgCuNQjzctosdJACUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDA2MDMwNjAwMTdaFw0yNTA2MDIwNjA1MTdaMDMxMTAvBgNV
BAMTKDMzOUJDODMyRjNBQjc3QkFFQ0U1MDM1NkNEOTBCM0Y4MTlDMjA2QzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC49MOR18YcLuvbcTuAaVB6eMLR
TmsfF8i9fNQ5tkLF8QjfM4Hg20NjQd6L2iOs7Z1ggsL5AhiRoZK+DQge3CgkueS5
LVgokgSkuX5Z/tr/MfxRtJnzSxVEqc2x7ciu5/s8rrSjiGkJl/AyiwzXCWZavGg6
F7Mji4eCWDL6Zj0c9gVL99eUamW7N9YzWeGAq2Jn03/exqXJpif039i8Ac0KxVUg
SR20jBUH4j9ZsHsjhkOmc0SfU6BM9yy4S56HiM0Cn0mxi+gI+g7zjdjlVes6zQUK
qcbwMUxQhGZHHL5D40UnmA1dmmppvzordoL787eQREQb2DsTLr79QgnHDjDpAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUM5vIMvOrd7rs5QNWzZCz+BnCBsQwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMjMwMzIyZTMx
MzQzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzAzNDM1Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5ypIwDQYJKoZIhvcNAQELBQADggEBAMAKuyGa6AixRFStFfghkjvLkvSOqNco
4qf/325VMuTDCfcz4EP5bqMjGTKYARsuWuliAuwsY36rEpNg+WwXvSKjH03y7fN0
PYfAl87c9I0rpqyESGwqJq4fwWXMdNjseoFHV4LUPC8m94bbO8v7EZsfZYnoUU3C
BQwVtnvM9A4xrWTsN8fxfV2OGBRey6K5AFGAcIQeXE3HO06aIGk8kRqdaXieS1sg
J8WR6s+KeuAsMW6/2LJZuT7ubBS4rAEaKCK5tctcT3dTk1+RtmV4ExQeA37miZ0+
A0VdcxPJHWwkulroSGPunwPmMzd1fIWKxKZRQaOYYdQDVKK7koMnuEs=
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:55:50 2024 by rpki-client on console-fra.rpki-client.org