Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3231372e3134302e302f32342d3234203d3e203539343332.roa
File: 3138352e3231372e3134302e302f32342d3234203d3e203539343332.roa (raw, json)
Hash identifier: yGjLp4hQkvs/v28PvPBQqH104+27I58bZdoK1hEWVSg=
Subject key identifier: B3:F4:7C:B4:58:BE:B1:85:7D:BA:1E:04:9E:AE:69:29:A3:8A:41:E6
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 4BB1331A5A1CD86E6565457FF9A0D1A1EFED7B06
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3231372e3134302e302f32342d3234203d3e203539343332.roa
Signing time: Tue 26 Mar 2024 06:59:33 +0000
ROA not before: Tue 26 Mar 2024 06:54:33 +0000
ROA not after: Tue 25 Mar 2025 06:59:33 +0000
asID: 59432
IP address blocks: 185.217.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:b1:33:1a:5a:1c:d8:6e:65:65:45:7f:f9:a0:d1:a1:ef:ed:7b:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Mar 26 06:54:33 2024 GMT
Not After : Mar 25 06:59:33 2025 GMT
Subject: CN=B3F47CB458BEB1857DBA1E049EAE6929A38A41E6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:68:b8:80:8a:e0:13:d6:3d:39:ab:e0:8b:f7:
70:3f:34:d9:10:3d:1c:c6:e3:4f:a9:32:00:5d:c0:
65:a3:90:33:64:b2:f0:6e:af:fa:82:5a:69:02:70:
e4:e3:b7:dd:f7:d6:ab:a2:d6:30:63:9e:76:a5:4e:
7f:ea:d4:02:9d:48:52:da:f6:16:5a:5f:5c:4c:6f:
0e:d4:b7:40:da:34:2b:44:d5:21:87:7b:a7:31:a2:
c2:1a:7e:12:4b:db:ff:6b:8b:e3:d9:ac:55:31:73:
b5:d8:8f:73:98:93:0b:9c:4f:05:71:80:63:95:87:
36:6b:66:dd:1c:8f:06:05:43:61:3c:b3:94:4f:f5:
49:1b:8c:2b:82:1b:dd:72:2f:74:04:a2:b9:57:fe:
d7:58:e5:da:e2:66:b5:18:3f:34:51:4f:52:3e:78:
72:84:bd:de:64:12:35:ed:f4:1e:23:4f:08:8b:8b:
57:cc:44:d9:5e:d2:bb:a5:70:cc:2f:2b:14:28:79:
fa:56:10:d9:80:03:eb:cb:e3:8b:b8:f7:b0:94:0d:
d2:9c:3e:ad:99:25:b3:98:5a:c7:60:81:d2:6c:01:
31:63:91:be:f9:94:60:7f:5d:f4:13:2d:f4:66:26:
85:62:bc:88:d7:9c:e1:f1:fc:12:91:1e:e3:49:ff:
80:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:F4:7C:B4:58:BE:B1:85:7D:BA:1E:04:9E:AE:69:29:A3:8A:41:E6
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3231372e3134302e302f32342d3234203d3e203539343332.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.140.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:11:d5:91:44:46:7f:92:03:14:93:9e:c5:16:0f:75:69:1c:
bf:12:d2:31:e1:56:eb:1c:e0:65:f0:0f:eb:d6:4c:92:70:09:
35:21:db:9a:2d:0d:e9:0b:7c:96:7c:2c:d5:0c:d7:f8:ff:ee:
9c:fd:b0:ce:34:97:b7:94:07:72:d1:cc:4b:20:64:70:5c:f1:
ca:38:1b:9d:7c:c2:bc:af:81:50:a4:fd:4c:d2:eb:aa:d9:5c:
41:ad:73:ee:4b:5c:20:f9:7e:ba:92:86:62:33:7d:bf:c2:eb:
fa:7d:a6:9b:05:bf:14:f3:0a:44:4f:ba:c4:b2:8c:2f:4c:e0:
08:a6:b1:ad:ef:38:96:31:39:e5:a8:0f:99:76:b8:07:63:b1:
6d:d1:f5:d1:9a:65:dd:2b:95:36:75:11:80:45:1e:65:e6:61:
5c:83:05:53:68:95:01:c0:b4:2c:4c:ed:95:a5:53:2b:72:30:
36:de:40:bd:9a:c1:06:68:64:18:c3:90:67:db:e2:8a:3e:a4:
c0:b1:ba:40:1b:ae:4e:e2:5f:f6:b2:85:26:ee:1e:e1:13:c7:
a3:32:05:45:3e:df:30:0b:9f:2a:51:ac:02:77:02:08:59:d6:
2f:7b:af:92:e6:ab:51:89:82:82:8b:dc:ce:24:27:3d:9c:76:
4e:6b:62:05
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUS7EzGloc2G5lZUV/+aDRoe/tewYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDAzMjYwNjU0MzNaFw0yNTAzMjUwNjU5MzNaMDMxMTAvBgNV
BAMTKEIzRjQ3Q0I0NThCRUIxODU3REJBMUUwNDlFQUU2OTI5QTM4QTQxRTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCraLiAiuAT1j05q+CL93A/NNkQ
PRzG40+pMgBdwGWjkDNksvBur/qCWmkCcOTjt9331qui1jBjnnalTn/q1AKdSFLa
9hZaX1xMbw7Ut0DaNCtE1SGHe6cxosIafhJL2/9ri+PZrFUxc7XYj3OYkwucTwVx
gGOVhzZrZt0cjwYFQ2E8s5RP9UkbjCuCG91yL3QEorlX/tdY5driZrUYPzRRT1I+
eHKEvd5kEjXt9B4jTwiLi1fMRNle0rulcMwvKxQoefpWENmAA+vL44u497CUDdKc
Pq2ZJbOYWsdggdJsATFjkb75lGB/XfQTLfRmJoVivIjXnOHx/BKRHuNJ/4BbAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUs/R8tFi+sYV9uh4Enq5pKaOKQeYwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMjMxMzcyZTMx
MzQzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzkzNDMzMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC52YwwDQYJKoZIhvcNAQELBQADggEBAG0R1ZFERn+SAxSTnsUWD3VpHL8S0jHh
Vusc4GXwD+vWTJJwCTUh25otDekLfJZ8LNUM1/j/7pz9sM40l7eUB3LRzEsgZHBc
8co4G518wryvgVCk/UzS66rZXEGtc+5LXCD5frqShmIzfb/C6/p9ppsFvxTzCkRP
usSyjC9M4Aimsa3vOJYxOeWoD5l2uAdjsW3R9dGaZd0rlTZ1EYBFHmXmYVyDBVNo
lQHAtCxM7ZWlUytyMDbeQL2awQZoZBjDkGfb4oo+pMCxukAbrk7iX/ayhSbuHuET
x6MyBUU+3zALnypRrAJ3AghZ1i97r5Lmq1GJgoKL3M4kJz2cdk5rYgU=
-----END CERTIFICATE-----
Generated at Tue Jun 4 07:46:41 2024 by rpki-client on console-fra.rpki-client.org