Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135322e302f32342d3234203d3e203432383331.roa
File: 3138352e3232362e3135322e302f32342d3234203d3e203432383331.roa (raw, json)
Hash identifier: 2iZuFtoo8q53yETNgCmRHTR4lUa6RiA7X1J8o6k1GHg=
Subject key identifier: D7:F2:78:45:44:0C:0A:4E:FC:76:0E:45:87:2E:32:8B:E4:5C:62:16
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 55CB6AAF9BBD3B02258FD12A3C7C9ED43E88A8E7
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135322e302f32342d3234203d3e203432383331.roa
Signing time: Thu 19 Sep 2024 14:46:19 +0000
ROA not before: Thu 19 Sep 2024 14:41:19 +0000
ROA not after: Thu 18 Sep 2025 14:46:19 +0000
asID: 42831
IP address blocks: 185.226.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:cb:6a:af:9b:bd:3b:02:25:8f:d1:2a:3c:7c:9e:d4:3e:88:a8:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Sep 19 14:41:19 2024 GMT
Not After : Sep 18 14:46:19 2025 GMT
Subject: CN=D7F27845440C0A4EFC760E45872E328BE45C6216
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:1f:6c:c3:13:d8:b5:f9:c6:f5:71:37:ab:56:
81:db:39:de:12:82:f7:a8:94:6c:b4:7a:27:65:aa:
3a:c4:63:70:0b:0b:5f:fc:69:ed:3e:ba:d2:54:a0:
e3:d0:aa:c5:c2:59:4a:56:b3:10:33:78:f8:6a:82:
bb:24:2d:59:89:62:96:5f:25:69:8f:6d:a0:97:66:
60:30:69:81:84:7a:c0:75:08:3e:66:6f:3d:3c:8f:
d5:a5:f4:37:85:0e:7c:c5:e0:c5:49:f4:a7:0f:68:
83:89:07:99:e1:c3:e2:9a:1d:8a:67:db:5c:b0:a4:
88:03:cd:a5:40:2c:e7:e8:09:25:3f:2c:82:f0:94:
e4:38:5b:d6:e6:ef:2b:8f:13:14:0f:07:a6:84:53:
2e:90:2d:7b:fe:3c:76:ad:bf:e0:d2:88:8b:67:d2:
15:d3:49:22:09:65:88:ab:25:31:ab:ec:24:ff:13:
fd:bc:5c:72:9b:d3:8a:1e:0a:23:43:89:06:e8:98:
34:e2:2b:e6:3b:2e:5a:2c:a4:94:13:7e:0f:00:05:
6b:54:d4:86:21:32:b4:6f:e1:d5:04:9f:1c:53:59:
f5:f9:b4:da:21:fe:b3:eb:2f:ea:46:74:f9:f7:67:
d3:14:9e:12:15:6a:1f:0a:d1:67:bd:92:1a:50:a3:
24:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:F2:78:45:44:0C:0A:4E:FC:76:0E:45:87:2E:32:8B:E4:5C:62:16
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135322e302f32342d3234203d3e203432383331.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.152.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:a2:eb:5a:23:ca:18:e4:29:1f:5b:b9:6e:e4:eb:1f:08:20:
a9:b7:77:4f:2d:57:af:c0:3c:d3:61:7c:45:8a:c3:5c:1e:07:
13:65:c6:b6:23:eb:0f:55:ce:4e:44:bd:ba:63:ee:27:4c:7a:
4a:75:7c:eb:18:d0:be:01:dc:b8:cb:18:87:d9:49:fe:be:d7:
08:73:23:24:64:bd:3a:99:3c:84:ce:a8:fe:3b:5b:c6:95:bd:
b2:94:2c:e6:c4:8a:09:81:a5:c3:52:f0:21:fb:98:e1:ec:44:
29:2d:a7:84:64:49:fc:66:ba:40:14:a5:60:59:d4:50:9b:f8:
73:f4:e1:48:63:f0:97:69:96:eb:52:a6:98:26:85:55:2c:3d:
88:32:a5:e8:bc:0f:c4:a8:fc:8c:cb:08:4d:32:d8:3c:ac:86:
ba:ee:9e:1b:ec:16:95:e0:2a:b9:ff:36:20:ef:99:f8:2e:12:
0d:12:38:7a:8c:77:6c:2f:86:b9:b1:0e:fb:4f:35:4d:0e:fa:
60:38:89:6e:a0:1d:8c:65:26:e6:a8:bc:d0:a4:4d:06:3a:5d:
c1:fd:52:b7:72:54:2a:6e:74:b9:f2:2b:2e:9d:be:5f:ee:a7:
78:dc:e8:4d:e7:a0:e1:8b:e1:ea:ef:d0:38:e6:ca:7e:38:d8:
15:b5:5c:a0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVctqr5u9OwIlj9EqPHye1D6IqOcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDA5MTkxNDQxMTlaFw0yNTA5MTgxNDQ2MTlaMDMxMTAvBgNV
BAMTKEQ3RjI3ODQ1NDQwQzBBNEVGQzc2MEU0NTg3MkUzMjhCRTQ1QzYyMTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9H2zDE9i1+cb1cTerVoHbOd4S
gveolGy0eidlqjrEY3ALC1/8ae0+utJUoOPQqsXCWUpWsxAzePhqgrskLVmJYpZf
JWmPbaCXZmAwaYGEesB1CD5mbz08j9Wl9DeFDnzF4MVJ9KcPaIOJB5nhw+KaHYpn
21ywpIgDzaVALOfoCSU/LILwlOQ4W9bm7yuPExQPB6aEUy6QLXv+PHatv+DSiItn
0hXTSSIJZYirJTGr7CT/E/28XHKb04oeCiNDiQbomDTiK+Y7LlospJQTfg8ABWtU
1IYhMrRv4dUEnxxTWfX5tNoh/rPrL+pGdPn3Z9MUnhIVah8K0We9khpQoyRFAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU1/J4RUQMCk78dg5Fhy4yi+RcYhYwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMjMyMzYyZTMx
MzUzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzIzODMzMzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC54pgwDQYJKoZIhvcNAQELBQADggEBAKKi61ojyhjkKR9buW7k6x8IIKm3d08t
V6/APNNhfEWKw1weBxNlxrYj6w9Vzk5Evbpj7idMekp1fOsY0L4B3LjLGIfZSf6+
1whzIyRkvTqZPITOqP47W8aVvbKULObEigmBpcNS8CH7mOHsRCktp4RkSfxmukAU
pWBZ1FCb+HP04Uhj8JdplutSppgmhVUsPYgypei8D8So/IzLCE0y2Dyshrrunhvs
FpXgKrn/NiDvmfguEg0SOHqMd2wvhrmxDvtPNU0O+mA4iW6gHYxlJuaovNCkTQY6
XcH9UrdyVCpudLnyKy6dvl/up3jc6E3noOGL4erv0Djmyn442BW1XKA=
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:19 2024 by rpki-client on console-ams.rpki-client.org