Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135342e302f32342d3234203d3e20323030303139.roa
File: 3138352e3232362e3135342e302f32342d3234203d3e20323030303139.roa (raw, json)
Hash identifier: 96QSwOxwyYqTqJ3XjUWn9gHjbPepDDirLYFilwesJ0U=
Subject key identifier: B7:AA:C1:8F:CE:2D:F4:4E:59:1B:83:C9:2F:C6:F3:93:2C:38:7A:68
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 344CA95CCA157A17C2B8B2D66FFBD076F0405906
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135342e302f32342d3234203d3e20323030303139.roa
Signing time: Wed 04 Dec 2024 16:54:25 +0000
ROA not before: Wed 04 Dec 2024 16:49:25 +0000
ROA not after: Wed 03 Dec 2025 16:54:25 +0000
asID: 200019
IP address blocks: 185.226.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 14:35:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:4c:a9:5c:ca:15:7a:17:c2:b8:b2:d6:6f:fb:d0:76:f0:40:59:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Dec 4 16:49:25 2024 GMT
Not After : Dec 3 16:54:25 2025 GMT
Subject: CN=B7AAC18FCE2DF44E591B83C92FC6F3932C387A68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ae:93:da:f0:f8:20:89:d4:6e:72:7a:45:c6:
ad:97:5a:63:54:e8:10:f6:a1:89:41:a6:8c:a4:44:
f1:33:35:54:8b:a9:55:09:a7:9e:a8:df:69:d2:56:
fd:59:dc:32:c8:f7:dd:ca:2c:35:b1:26:b8:da:d1:
45:fa:d2:44:6b:f7:a2:df:71:b6:38:05:70:80:2f:
fa:0f:60:82:3e:61:91:f6:e5:78:4f:7a:db:86:c4:
fc:85:01:d1:14:4f:2f:8e:1c:fd:29:cf:82:5d:f3:
2a:fd:f1:7c:19:45:df:67:e3:0a:84:9c:d1:82:08:
27:d2:3d:f4:a6:5c:d4:20:8a:85:8d:c7:49:8d:00:
ba:ba:d6:ee:17:d8:34:7f:ed:61:f6:2b:dc:ef:18:
a0:66:b5:f1:98:0c:97:d5:f1:18:39:88:d1:ec:ee:
1c:ed:59:f9:ec:c0:f9:17:9f:9c:73:7e:53:2e:69:
85:e5:2c:9e:03:70:32:92:f8:a6:53:87:42:20:b5:
cf:21:43:54:fd:a0:44:a9:07:84:5e:a8:95:5c:b8:
1b:df:6c:dd:d6:15:49:3e:42:ce:a2:ca:ef:3d:85:
a9:9f:1c:80:d7:96:b7:47:b9:0e:68:4a:e7:a8:95:
60:49:3b:35:a3:19:a7:b2:72:4d:0a:74:c8:6d:02:
e1:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:AA:C1:8F:CE:2D:F4:4E:59:1B:83:C9:2F:C6:F3:93:2C:38:7A:68
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135342e302f32342d3234203d3e20323030303139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.154.0/24
Signature Algorithm: sha256WithRSAEncryption
06:82:c4:bf:40:b7:bc:14:f4:e6:07:f6:d7:1d:cd:ab:88:94:
53:2c:d8:40:6f:75:90:cd:c0:e6:95:7f:6a:f6:dd:ad:93:ba:
0a:73:c7:ca:ab:a3:ab:65:18:06:ee:00:16:7f:6c:b6:c1:80:
d1:8a:bf:11:71:5e:46:6c:9d:40:d8:39:fe:93:f2:69:00:86:
f5:cf:76:22:69:c2:58:0b:cf:d0:34:89:79:72:00:17:b5:7a:
3a:26:27:f1:34:e4:ca:b5:d7:b2:4d:75:20:a4:b3:2e:a8:33:
98:c5:cb:91:b3:b8:3f:aa:87:42:31:7b:0c:0a:a2:ce:d7:5b:
1c:04:19:de:85:00:b1:f0:ee:df:e1:04:9f:ce:24:ca:23:cf:
60:82:0a:97:ee:05:82:c4:ff:d9:9a:9c:7f:86:84:80:09:56:
4d:fb:01:6b:93:f5:be:35:4f:76:a3:cc:ca:05:0c:49:7f:b5:
eb:7b:60:c6:46:8b:7c:83:3b:25:ed:b6:ee:a5:ce:8e:6d:6f:
6a:e2:cf:40:50:56:36:20:40:8a:88:12:55:c4:05:ac:bc:22:
51:e9:1a:da:b0:df:f8:b8:da:24:bf:16:1d:b9:b1:05:67:07:
67:13:05:68:6e:06:e1:35:30:9e:1a:bc:1b:23:a9:c6:c6:50:
1a:2c:b3:1f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUNEypXMoVehfCuLLWb/vQdvBAWQYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDEyMDQxNjQ5MjVaFw0yNTEyMDMxNjU0MjVaMDMxMTAvBgNV
BAMTKEI3QUFDMThGQ0UyREY0NEU1OTFCODNDOTJGQzZGMzkzMkMzODdBNjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyrpPa8PggidRucnpFxq2XWmNU
6BD2oYlBpoykRPEzNVSLqVUJp56o32nSVv1Z3DLI993KLDWxJrja0UX60kRr96Lf
cbY4BXCAL/oPYII+YZH25XhPetuGxPyFAdEUTy+OHP0pz4Jd8yr98XwZRd9n4wqE
nNGCCCfSPfSmXNQgioWNx0mNALq61u4X2DR/7WH2K9zvGKBmtfGYDJfV8Rg5iNHs
7hztWfnswPkXn5xzflMuaYXlLJ4DcDKS+KZTh0Igtc8hQ1T9oESpB4ReqJVcuBvf
bN3WFUk+Qs6iyu89hamfHIDXlrdHuQ5oSueolWBJOzWjGaeyck0KdMhtAuExAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUt6rBj84t9E5ZG4PJL8bzkyw4emgwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMjMyMzYyZTMx
MzUzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMDMwMzEzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnimjANBgkqhkiG9w0BAQsFAAOCAQEABoLEv0C3vBT05gf21x3Nq4iUUyzY
QG91kM3A5pV/avbdrZO6CnPHyqujq2UYBu4AFn9stsGA0Yq/EXFeRmydQNg5/pPy
aQCG9c92ImnCWAvP0DSJeXIAF7V6OiYn8TTkyrXXsk11IKSzLqgzmMXLkbO4P6qH
QjF7DAqiztdbHAQZ3oUAsfDu3+EEn84kyiPPYIIKl+4FgsT/2Zqcf4aEgAlWTfsB
a5P1vjVPdqPMygUMSX+163tgxkaLfIM7Je227qXOjm1vauLPQFBWNiBAiogSVcQF
rLwiUeka2rDf+LjaJL8WHbmxBWcHZxMFaG4G4TUwnhq8GyOpxsZQGiyzHw==
-----END CERTIFICATE-----
Generated at Wed Feb 5 15:52:17 2025 by rpki-client