Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135332e302f32342d3234203d3e20323131343430.roa
File: 3138352e3232362e3135332e302f32342d3234203d3e20323131343430.roa (raw, json)
Hash identifier: 6CGpf7emh1UjrNPPuzV0823u1l4fTWrjCwjQE//uP/w=
Subject key identifier: 37:0A:AD:34:A0:5F:8D:5E:5D:C3:A5:5B:27:E7:35:FA:74:C2:6E:AD
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 782106EC188D3C0A43876696A7B4F565F566E91D
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135332e302f32342d3234203d3e20323131343430.roa
Signing time: Mon 15 Apr 2024 08:13:58 +0000
ROA not before: Mon 15 Apr 2024 08:08:58 +0000
ROA not after: Mon 14 Apr 2025 08:13:58 +0000
asID: 211440
IP address blocks: 185.226.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:21:06:ec:18:8d:3c:0a:43:87:66:96:a7:b4:f5:65:f5:66:e9:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Apr 15 08:08:58 2024 GMT
Not After : Apr 14 08:13:58 2025 GMT
Subject: CN=370AAD34A05F8D5E5DC3A55B27E735FA74C26EAD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ff:55:c6:54:f3:58:d3:e9:38:a8:ac:d6:4c:
2d:0d:be:39:a3:9b:c7:68:82:bc:cd:19:77:1d:23:
8b:83:2d:17:db:e7:f7:91:cf:2b:ed:d3:aa:de:c8:
07:7c:13:49:43:77:5d:7c:a2:0e:5f:4f:46:5c:6a:
bf:eb:14:11:d6:0e:4c:a1:ad:cc:69:d3:0c:ba:fc:
21:08:74:8b:c1:fe:11:ac:5b:24:f6:d7:5e:69:67:
6a:d1:d5:e8:bc:96:df:8b:49:db:c3:16:52:96:0a:
a4:76:33:25:40:33:b1:be:90:2e:11:ac:a6:a5:a6:
c9:35:69:22:8f:09:db:1a:a2:3b:63:b2:ed:bc:41:
67:59:f5:9c:13:08:b7:ca:8f:bc:59:96:4e:03:5a:
12:65:8c:5d:5b:0f:3d:39:4a:aa:ff:21:7c:81:08:
94:b1:4f:80:a3:45:c0:92:3d:71:58:c1:b9:ba:31:
ca:27:79:09:59:f8:25:05:1b:df:14:28:83:9b:28:
44:27:11:7c:3f:b1:9d:f9:44:8d:5a:18:92:ce:f8:
fc:6b:35:df:79:de:75:68:be:6d:23:de:18:8b:f1:
f9:1a:97:c4:c0:79:b4:96:3a:04:1b:da:05:a9:4a:
c9:bc:1c:92:f1:ce:9f:9a:32:17:1f:84:61:f6:02:
fb:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:0A:AD:34:A0:5F:8D:5E:5D:C3:A5:5B:27:E7:35:FA:74:C2:6E:AD
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135332e302f32342d3234203d3e20323131343430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.153.0/24
Signature Algorithm: sha256WithRSAEncryption
76:fc:ed:16:39:0e:4a:80:53:51:5e:2a:4d:b6:23:48:68:b8:
33:76:fd:f1:e5:d8:d6:10:2e:3a:c3:2f:7f:d0:83:cb:e2:c0:
08:1b:b3:aa:45:b6:46:ce:b5:7a:5a:cc:00:19:05:06:68:c6:
93:86:82:4a:6a:60:f2:3b:dd:a6:46:8f:58:bd:1b:ea:39:25:
bc:47:9e:c2:1f:20:11:df:da:dd:a0:6c:2d:52:7f:e5:c3:0e:
a8:15:07:a9:1b:31:98:d5:c7:b7:d9:e1:d4:24:51:ea:b8:12:
3d:ff:80:1d:83:6b:51:33:82:60:9f:d0:70:32:8e:bd:87:ba:
23:40:ad:48:5d:b3:a9:3e:b9:ae:a8:8a:6d:41:55:ec:ea:5e:
22:54:42:1a:57:14:26:3a:59:3f:9d:37:c0:fc:91:d8:3f:37:
0f:29:e6:78:ff:66:88:1b:6d:07:b7:42:b9:52:85:45:85:f8:
8d:4c:a2:b9:1e:ba:e7:d8:76:46:f0:2d:c9:d3:90:05:87:cc:
2a:3a:d9:a8:27:1d:66:fe:16:d3:80:5d:5d:aa:be:69:a9:35:
dd:a8:ae:6a:df:26:cc:7c:ae:25:d2:70:45:8c:42:0e:96:e3:
b9:02:95:03:a9:d1:9c:53:09:31:0f:6c:fb:f5:b1:a7:60:7a:
44:1d:ed:75
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUeCEG7BiNPApDh2aWp7T1ZfVm6R0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDA0MTUwODA4NThaFw0yNTA0MTQwODEzNThaMDMxMTAvBgNV
BAMTKDM3MEFBRDM0QTA1RjhENUU1REMzQTU1QjI3RTczNUZBNzRDMjZFQUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG/1XGVPNY0+k4qKzWTC0Nvjmj
m8dogrzNGXcdI4uDLRfb5/eRzyvt06reyAd8E0lDd118og5fT0Zcar/rFBHWDkyh
rcxp0wy6/CEIdIvB/hGsWyT2115pZ2rR1ei8lt+LSdvDFlKWCqR2MyVAM7G+kC4R
rKalpsk1aSKPCdsaojtjsu28QWdZ9ZwTCLfKj7xZlk4DWhJljF1bDz05Sqr/IXyB
CJSxT4CjRcCSPXFYwbm6MconeQlZ+CUFG98UKIObKEQnEXw/sZ35RI1aGJLO+Pxr
Nd953nVovm0j3hiL8fkal8TAebSWOgQb2gWpSsm8HJLxzp+aMhcfhGH2AvtlAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUNwqtNKBfjV5dw6VbJ+c1+nTCbq0wHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMjMyMzYyZTMx
MzUzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMTM0MzQzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnimTANBgkqhkiG9w0BAQsFAAOCAQEAdvztFjkOSoBTUV4qTbYjSGi4M3b9
8eXY1hAuOsMvf9CDy+LACBuzqkW2Rs61elrMABkFBmjGk4aCSmpg8jvdpkaPWL0b
6jklvEeewh8gEd/a3aBsLVJ/5cMOqBUHqRsxmNXHt9nh1CRR6rgSPf+AHYNrUTOC
YJ/QcDKOvYe6I0CtSF2zqT65rqiKbUFV7OpeIlRCGlcUJjpZP503wPyR2D83Dynm
eP9miBttB7dCuVKFRYX4jUyiuR6659h2RvAtydOQBYfMKjrZqCcdZv4W04BdXaq+
aak13aiuat8mzHyuJdJwRYxCDpbjuQKVA6nRnFMJMQ9s+/Wxp2B6RB3tdQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:01 2024 by rpki-client on console-fra.rpki-client.org