Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3231352e3131342e302f32342d3234203d3e203631333137.roa
File: 3138352e3231352e3131342e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: xXyOVH/36PSoLLnN/ttYaRQNeWh9XvGmEpunILoiF1M=
Subject key identifier: 19:0A:B5:E3:7C:C4:0A:FB:92:4C:76:9E:EA:AD:DA:DD:AE:45:5D:66
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 166DB7AB5D8BE0327F38C2E79DFC655DF45B9EB4
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3231352e3131342e302f32342d3234203d3e203631333137.roa
Signing time: Mon 03 Jun 2024 12:05:18 +0000
ROA not before: Mon 03 Jun 2024 12:00:18 +0000
ROA not after: Mon 02 Jun 2025 12:05:18 +0000
asID: 61317
IP address blocks: 185.215.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:6d:b7:ab:5d:8b:e0:32:7f:38:c2:e7:9d:fc:65:5d:f4:5b:9e:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jun 3 12:00:18 2024 GMT
Not After : Jun 2 12:05:18 2025 GMT
Subject: CN=190AB5E37CC40AFB924C769EEAADDADDAE455D66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:de:5f:f3:fe:db:51:78:d4:7e:cf:39:ad:f7:
9c:3f:2d:68:b4:28:13:80:c2:4c:32:d6:4a:49:f6:
07:9a:32:0e:72:78:4f:db:8c:75:f2:cd:5f:4d:79:
c1:d5:e2:44:34:31:66:dc:dc:12:e7:de:5b:c8:f5:
94:5c:e8:1c:56:e4:58:0d:a2:f6:3e:a2:d4:ca:29:
e6:1e:b1:0c:a5:5b:48:3a:9a:ac:2e:65:5a:08:89:
4b:61:75:dd:d9:97:b6:ef:40:d6:24:06:f0:be:14:
ec:70:13:ca:ee:ac:6d:6f:3d:b4:78:2b:37:a0:05:
b0:07:66:fa:da:be:81:c6:00:c3:02:76:98:f3:2c:
bc:ea:66:69:73:36:56:30:b2:c9:5f:fd:2c:13:ed:
87:ff:47:b3:8a:a3:69:0e:5a:8f:a6:d9:56:c0:52:
f8:f0:7e:ee:d5:ca:26:ac:8c:fc:33:7d:c7:3c:5d:
91:83:11:9b:b8:0e:be:a7:51:99:ff:48:2f:4a:22:
3e:65:9b:a3:88:e5:2f:0b:9e:4e:b5:00:6c:4b:30:
cf:54:69:ab:fa:1b:2e:ec:81:b9:ff:2e:4d:f7:38:
6d:ca:81:bb:50:6e:a8:bf:71:e6:e2:13:b7:d8:30:
3c:9b:03:89:20:78:cd:b7:bb:f4:27:db:22:f2:19:
68:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:0A:B5:E3:7C:C4:0A:FB:92:4C:76:9E:EA:AD:DA:DD:AE:45:5D:66
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3231352e3131342e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.114.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:a5:5d:bb:3e:61:7d:81:c3:14:ec:de:e2:1e:58:a9:b2:16:
0d:65:b8:a6:7d:c4:3b:91:ae:f5:8e:23:e0:1b:ea:fe:09:c9:
05:bd:a2:ea:f6:67:24:a6:0d:b3:8b:8d:9a:87:23:ec:52:a4:
67:f4:bf:a0:9e:1c:dc:cd:56:5a:95:8c:c2:5e:3f:04:16:25:
cc:ed:f1:97:0c:4e:8d:1f:d1:79:23:1f:e0:4d:b1:5c:47:b6:
95:cf:fa:4b:16:86:5e:ba:6d:a4:f2:55:18:0b:a8:4a:8c:25:
6e:a1:c5:fd:47:d5:a9:cd:89:eb:fa:34:18:c5:77:f3:64:92:
a8:64:1a:6f:96:df:f5:f9:83:c0:e7:e1:77:9d:74:ff:6c:74:
d6:da:3e:06:30:8f:30:53:99:1e:7a:ea:7d:a1:a5:e7:2c:6b:
47:1a:a2:29:91:4f:29:01:a5:59:f8:91:31:a9:f4:05:cc:a3:
63:19:7d:32:96:c2:7f:b0:98:84:7f:70:39:6c:96:25:79:85:
d4:47:9f:f2:5a:29:1b:10:85:aa:e3:00:08:c5:8d:28:57:c1:
e5:fd:15:a0:0a:18:41:94:49:cb:ca:b7:42:49:f7:29:45:26:
7b:b7:6b:b9:bf:bc:1f:2d:d4:31:55:4d:04:03:9d:f8:9f:ca:
5e:9a:fa:ff
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUFm23q12L4DJ/OMLnnfxlXfRbnrQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDA2MDMxMjAwMThaFw0yNTA2MDIxMjA1MThaMDMxMTAvBgNV
BAMTKDE5MEFCNUUzN0NDNDBBRkI5MjRDNzY5RUVBQUREQUREQUU0NTVENjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCT3l/z/ttReNR+zzmt95w/LWi0
KBOAwkwy1kpJ9geaMg5yeE/bjHXyzV9NecHV4kQ0MWbc3BLn3lvI9ZRc6BxW5FgN
ovY+otTKKeYesQylW0g6mqwuZVoIiUthdd3Zl7bvQNYkBvC+FOxwE8rurG1vPbR4
KzegBbAHZvravoHGAMMCdpjzLLzqZmlzNlYwsslf/SwT7Yf/R7OKo2kOWo+m2VbA
Uvjwfu7VyiasjPwzfcc8XZGDEZu4Dr6nUZn/SC9KIj5lm6OI5S8Lnk61AGxLMM9U
aav6Gy7sgbn/Lk33OG3KgbtQbqi/cebiE7fYMDybA4kgeM23u/Qn2yLyGWh7AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUGQq143zECvuSTHae6q3a3a5FXWYwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMjMxMzUyZTMx
MzEzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzEzMzMxMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC513IwDQYJKoZIhvcNAQELBQADggEBAH6lXbs+YX2BwxTs3uIeWKmyFg1luKZ9
xDuRrvWOI+Ab6v4JyQW9our2ZySmDbOLjZqHI+xSpGf0v6CeHNzNVlqVjMJePwQW
Jczt8ZcMTo0f0XkjH+BNsVxHtpXP+ksWhl66baTyVRgLqEqMJW6hxf1H1anNiev6
NBjFd/NkkqhkGm+W3/X5g8Dn4XeddP9sdNbaPgYwjzBTmR566n2hpecsa0caoimR
TykBpVn4kTGp9AXMo2MZfTKWwn+wmIR/cDlsliV5hdRHn/JaKRsQharjAAjFjShX
weX9FaAKGEGUScvKt0JJ9ylFJnu3a7m/vB8t1DFVTQQDnfifyl6a+v8=
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:55:50 2024 by rpki-client on console-fra.rpki-client.org