Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3231372e3134302e302f32342d3234203d3e203438363738.roa
File: 3138352e3231372e3134302e302f32342d3234203d3e203438363738.roa (raw, json)
Hash identifier: gCVgS3ZcB6Aer2kmwJn+4w5sBRS2hGCkLSO0WgwwYJw=
Subject key identifier: A2:42:0B:77:0A:20:5D:CC:4F:04:6C:94:60:D5:71:D6:A7:8C:60:16
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 31683F8739DDEF8F0C1A3320C559B52E4EB2CF34
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3231372e3134302e302f32342d3234203d3e203438363738.roa
Signing time: Sat 02 Nov 2024 18:11:27 +0000
ROA not before: Sat 02 Nov 2024 18:06:27 +0000
ROA not after: Sat 01 Nov 2025 18:11:27 +0000
asID: 48678
IP address blocks: 185.217.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:68:3f:87:39:dd:ef:8f:0c:1a:33:20:c5:59:b5:2e:4e:b2:cf:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Nov 2 18:06:27 2024 GMT
Not After : Nov 1 18:11:27 2025 GMT
Subject: CN=A2420B770A205DCC4F046C9460D571D6A78C6016
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:7d:a3:52:50:69:14:d4:34:ed:6b:56:53:83:
af:3f:8c:17:56:53:9f:85:6f:5c:b0:25:d0:21:ea:
10:88:10:5f:11:fe:34:5b:a1:03:1a:b2:6f:99:05:
de:21:63:5c:0c:4a:b2:9d:69:42:b2:41:47:4d:49:
30:0a:73:b4:36:4c:d0:09:b0:86:dc:37:96:3f:e1:
fd:10:cd:49:ff:a9:ed:5a:fc:41:c4:69:2f:e9:26:
3a:df:93:71:a3:5e:5d:5a:7b:e3:eb:d8:67:78:4d:
ea:7a:14:ea:e0:bd:01:41:10:e5:2b:16:9a:91:ce:
92:cc:72:1d:34:3c:5d:f2:77:47:9a:25:33:2e:5b:
0c:ed:0a:a4:9e:e2:e0:f0:7c:d3:3c:2b:bd:0a:9c:
22:17:e9:c8:6e:e4:70:6e:e4:99:5d:c1:69:47:8a:
e2:e8:29:3d:fc:48:c2:1e:22:a5:87:51:4b:41:c5:
2f:14:5f:c0:89:87:d7:ee:03:7f:33:79:54:ac:c3:
9e:f8:fe:f2:85:a3:3b:03:f1:93:6c:40:b2:14:67:
77:d7:e3:3f:17:5f:b6:a1:9a:47:56:cb:14:d8:f7:
ca:ec:10:37:f9:7e:af:f5:9b:ff:3c:46:2f:4f:47:
ec:9f:d6:1f:5a:71:8a:e0:97:52:31:3e:d8:65:b1:
4b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:42:0B:77:0A:20:5D:CC:4F:04:6C:94:60:D5:71:D6:A7:8C:60:16
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3231372e3134302e302f32342d3234203d3e203438363738.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.140.0/24
Signature Algorithm: sha256WithRSAEncryption
58:7e:3d:de:c9:83:aa:4a:ac:16:3a:15:a5:b1:bb:ab:cf:37:
38:42:81:cf:82:33:19:68:6a:a4:bc:83:50:de:ee:30:36:65:
61:dd:ab:2a:e1:6e:c4:f0:42:80:a1:83:fa:b9:b6:e9:59:64:
45:de:f5:5f:f6:52:d3:99:4f:4b:fc:63:35:94:f0:3f:18:b3:
48:54:30:1f:b7:3b:63:12:33:0f:40:ce:9d:66:78:7b:06:4b:
b8:b8:53:24:50:ab:20:50:d1:62:f7:10:e3:aa:70:0b:98:69:
4d:48:43:1a:e4:ca:52:06:01:6b:66:df:6c:81:4a:5c:09:11:
e3:2f:cd:ff:94:67:d5:4d:5d:21:68:9e:f5:1c:7e:03:65:fb:
5a:36:01:32:ed:f0:cd:8a:15:b1:7f:c6:d7:e5:29:02:ec:58:
77:c8:b4:4e:6e:20:1f:ea:29:1e:00:7c:22:af:4c:a3:75:2f:
ac:fb:29:c1:c3:63:82:68:66:bd:66:65:ad:70:f6:b9:88:6d:
ac:52:0b:d3:bc:a6:f8:17:fd:ea:00:1d:48:b9:83:cb:d1:e1:
98:9c:11:95:d0:ac:10:93:72:55:88:6a:0a:2d:b9:c1:2c:e8:
2f:96:14:64:6c:ff:f8:8a:94:ee:c9:1e:02:a1:89:90:76:12:
b7:b6:77:e0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMWg/hznd748MGjMgxVm1Lk6yzzQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDExMDIxODA2MjdaFw0yNTExMDExODExMjdaMDMxMTAvBgNV
BAMTKEEyNDIwQjc3MEEyMDVEQ0M0RjA0NkM5NDYwRDU3MUQ2QTc4QzYwMTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjfaNSUGkU1DTta1ZTg68/jBdW
U5+Fb1ywJdAh6hCIEF8R/jRboQMasm+ZBd4hY1wMSrKdaUKyQUdNSTAKc7Q2TNAJ
sIbcN5Y/4f0QzUn/qe1a/EHEaS/pJjrfk3GjXl1ae+Pr2Gd4Tep6FOrgvQFBEOUr
FpqRzpLMch00PF3yd0eaJTMuWwztCqSe4uDwfNM8K70KnCIX6chu5HBu5JldwWlH
iuLoKT38SMIeIqWHUUtBxS8UX8CJh9fuA38zeVSsw574/vKFozsD8ZNsQLIUZ3fX
4z8XX7ahmkdWyxTY98rsEDf5fq/1m/88Ri9PR+yf1h9acYrgl1IxPthlsUtRAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUokILdwogXcxPBGyUYNVx1qeMYBYwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMjMxMzcyZTMx
MzQzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzgzNjM3Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC52YwwDQYJKoZIhvcNAQELBQADggEBAFh+Pd7Jg6pKrBY6FaWxu6vPNzhCgc+C
MxloaqS8g1De7jA2ZWHdqyrhbsTwQoChg/q5tulZZEXe9V/2UtOZT0v8YzWU8D8Y
s0hUMB+3O2MSMw9Azp1meHsGS7i4UyRQqyBQ0WL3EOOqcAuYaU1IQxrkylIGAWtm
32yBSlwJEeMvzf+UZ9VNXSFonvUcfgNl+1o2ATLt8M2KFbF/xtflKQLsWHfItE5u
IB/qKR4AfCKvTKN1L6z7KcHDY4JoZr1mZa1w9rmIbaxSC9O8pvgX/eoAHUi5g8vR
4ZicEZXQrBCTclWIagotucEs6C+WFGRs//iKlO7JHgKhiZB2Ere2d+A=
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:19 2024 by rpki-client on console-ams.rpki-client.org