Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3230322e3134372e302f32342d3234203d3e203630343538.roa
File: 3138352e3230322e3134372e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: PHUCS8BTbDObAnUZclrhwWptBZTxV794GCvmFvLScak=
Subject key identifier: EF:9C:A8:74:CB:F6:D1:25:AB:90:E3:B1:1A:95:D4:FC:5E:6C:5B:0B
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 2314ACB3473462AD535C3B9116AB8B808B7D206D
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3230322e3134372e302f32342d3234203d3e203630343538.roa
Signing time: Mon 03 Jun 2024 06:05:16 +0000
ROA not before: Mon 03 Jun 2024 06:00:16 +0000
ROA not after: Mon 02 Jun 2025 06:05:16 +0000
asID: 60458
IP address blocks: 185.202.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:14:ac:b3:47:34:62:ad:53:5c:3b:91:16:ab:8b:80:8b:7d:20:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jun 3 06:00:16 2024 GMT
Not After : Jun 2 06:05:16 2025 GMT
Subject: CN=EF9CA874CBF6D125AB90E3B11A95D4FC5E6C5B0B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e8:29:78:4d:d2:69:ce:62:86:9c:83:28:25:
55:e5:78:55:bc:50:11:e5:b3:c7:92:21:56:91:34:
3e:24:4e:58:e5:bb:23:45:fa:5e:ff:f5:1d:f4:4f:
d0:0a:40:7f:46:b7:8c:59:07:21:f6:b9:45:2f:8c:
0d:c2:53:0b:ba:00:77:a1:b1:20:1c:47:69:09:d5:
13:b7:0b:f6:ba:ab:61:f5:32:cc:2b:7a:7f:14:15:
3b:8c:04:70:bd:c1:f5:d0:26:b2:e7:e6:d0:75:a1:
12:70:81:f4:6d:81:15:a4:15:0e:9f:88:50:fd:0a:
92:34:04:8d:a2:c8:84:42:5a:8f:38:56:a0:2f:c9:
61:8d:56:35:7a:3c:ea:d9:35:e8:a6:f3:8d:4c:a0:
d7:70:a4:be:01:9d:cc:f5:fa:40:a6:98:e2:d9:e4:
7d:33:c0:b8:ad:99:8f:dc:7b:ee:29:4a:bd:14:48:
5d:9b:5b:fd:9e:18:ed:1e:aa:da:97:70:28:83:1a:
e4:15:dc:44:15:0d:eb:ec:5f:be:b4:fe:b5:e7:08:
e4:81:34:ef:26:32:df:8d:55:cb:83:6a:af:04:e7:
d0:da:4e:30:0a:cc:57:e1:df:ce:57:f9:92:f5:35:
ce:b9:02:c2:59:7d:29:75:94:ff:d6:06:1d:ba:3a:
e8:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:9C:A8:74:CB:F6:D1:25:AB:90:E3:B1:1A:95:D4:FC:5E:6C:5B:0B
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3230322e3134372e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.147.0/24
Signature Algorithm: sha256WithRSAEncryption
05:ce:62:ee:c7:30:00:4e:51:ff:ae:61:30:e2:a4:16:29:b5:
25:ce:72:4c:a3:0b:9a:b6:7e:a3:54:58:da:b2:7f:4a:1f:7e:
17:7d:cd:c1:81:b9:68:f4:89:d7:db:56:e9:bb:29:2a:d5:45:
4e:74:dc:87:33:21:4e:26:4b:f4:a1:97:e7:aa:0b:db:b4:f4:
37:10:f9:31:31:8d:36:57:30:1c:40:35:18:64:c2:2e:da:79:
58:f2:a0:82:0b:b1:1c:1c:69:5c:31:21:6c:af:97:c7:56:ba:
1f:65:27:2a:bf:77:ab:8d:29:4d:85:b3:fe:d8:ef:f8:bf:e2:
9a:a9:6c:04:2a:6f:73:93:0e:5e:97:06:d9:ba:ca:a1:2c:ad:
90:f6:c0:47:25:43:97:fd:f3:b9:8b:ed:fd:2b:ad:f7:ee:44:
64:85:51:e7:3c:d8:70:08:71:18:9c:70:1c:2c:a1:6e:c1:6b:
21:1b:5c:54:bd:f9:89:d5:4f:4e:fd:ff:5e:b1:35:a0:46:c6:
83:27:a9:35:ce:73:58:be:08:db:df:6f:11:79:3e:90:38:48:
3b:af:a5:17:f4:b9:13:02:c9:45:56:a3:b3:87:53:64:63:12:
1d:a0:84:a7:e7:ef:37:45:c5:d3:a2:7c:f5:1e:95:99:1a:2f:
18:5b:36:a2
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUIxSss0c0Yq1TXDuRFquLgIt9IG0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDA2MDMwNjAwMTZaFw0yNTA2MDIwNjA1MTZaMDMxMTAvBgNV
BAMTKEVGOUNBODc0Q0JGNkQxMjVBQjkwRTNCMTFBOTVENEZDNUU2QzVCMEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC6Cl4TdJpzmKGnIMoJVXleFW8
UBHls8eSIVaRND4kTljluyNF+l7/9R30T9AKQH9Gt4xZByH2uUUvjA3CUwu6AHeh
sSAcR2kJ1RO3C/a6q2H1Mswren8UFTuMBHC9wfXQJrLn5tB1oRJwgfRtgRWkFQ6f
iFD9CpI0BI2iyIRCWo84VqAvyWGNVjV6POrZNeim841MoNdwpL4Bncz1+kCmmOLZ
5H0zwLitmY/ce+4pSr0USF2bW/2eGO0eqtqXcCiDGuQV3EQVDevsX760/rXnCOSB
NO8mMt+NVcuDaq8E59DaTjAKzFfh385X+ZL1Nc65AsJZfSl1lP/WBh26OuhdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU75yodMv20SWrkOOxGpXU/F5sWwswHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMjMwMzIyZTMx
MzQzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzAzNDM1Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5ypMwDQYJKoZIhvcNAQELBQADggEBAAXOYu7HMABOUf+uYTDipBYptSXOckyj
C5q2fqNUWNqyf0offhd9zcGBuWj0idfbVum7KSrVRU503IczIU4mS/Shl+eqC9u0
9DcQ+TExjTZXMBxANRhkwi7aeVjyoIILsRwcaVwxIWyvl8dWuh9lJyq/d6uNKU2F
s/7Y7/i/4pqpbAQqb3OTDl6XBtm6yqEsrZD2wEclQ5f987mL7f0rrffuRGSFUec8
2HAIcRiccBwsoW7BayEbXFS9+YnVT079/16xNaBGxoMnqTXOc1i+CNvfbxF5PpA4
SDuvpRf0uRMCyUVWo7OHU2RjEh2ghKfn7zdFxdOifPUelZkaLxhbNqI=
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:19 2024 by rpki-client on console-ams.rpki-client.org