Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135342e302f32342d3234203d3e203233343730.roa
File: 3138352e3232362e3135342e302f32342d3234203d3e203233343730.roa (raw, json)
Hash identifier: MGMXCMyBA0XzIDmNV3+9HMaNmEfJ5gdxCh4b/i7an9U=
Subject key identifier: E2:47:5B:B9:FC:74:DB:E5:52:F9:81:EA:E9:7C:1A:B5:90:CF:76:45
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 2476FB6E395F2E4DF90F2382016797D825314F86
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135342e302f32342d3234203d3e203233343730.roa
Signing time: Sun 29 Sep 2024 10:01:58 +0000
ROA not before: Sun 29 Sep 2024 09:56:58 +0000
ROA not after: Sun 28 Sep 2025 10:01:58 +0000
asID: 23470
IP address blocks: 185.226.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:76:fb:6e:39:5f:2e:4d:f9:0f:23:82:01:67:97:d8:25:31:4f:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Sep 29 09:56:58 2024 GMT
Not After : Sep 28 10:01:58 2025 GMT
Subject: CN=E2475BB9FC74DBE552F981EAE97C1AB590CF7645
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:93:ff:cf:8d:68:cf:17:81:9f:27:93:0a:de:
a3:5c:7f:8d:0f:11:cd:a4:f9:31:99:7d:58:4d:b5:
ce:d3:d5:f2:3e:3d:90:43:20:b2:0e:ed:b6:e8:3c:
44:c7:af:3b:67:aa:3e:88:ae:89:7c:95:ab:96:aa:
bf:3d:c0:82:1d:78:b6:9e:16:df:e1:c3:72:be:a9:
e8:5a:18:80:dd:7b:68:f8:35:8d:ce:56:ef:dc:c2:
1f:8b:82:a8:90:63:22:b9:b9:38:f3:08:03:d9:f4:
63:de:5c:ba:e5:b6:e4:82:4b:1f:31:69:ae:14:c4:
c8:75:60:7d:b8:43:79:57:12:e6:f6:45:ff:67:11:
11:8c:eb:b3:ec:5e:92:c9:d5:41:09:8f:85:f1:29:
d8:3e:1f:5b:1f:04:4a:50:1c:96:9f:60:9a:a2:4e:
ad:d9:49:27:62:7a:ff:9a:ac:40:0b:5e:00:90:1c:
b5:75:21:12:17:d7:43:ea:50:49:b1:78:d6:9f:ba:
a4:96:b2:a2:e8:db:6e:3c:3e:56:85:8e:ea:3e:5d:
70:a1:48:b5:fe:ba:11:86:a9:b9:cd:fe:c3:72:e2:
1c:d8:e5:01:37:b5:84:4f:36:52:bc:84:c3:74:f1:
0b:d6:b7:60:5d:6a:02:cd:3d:4f:ea:18:63:75:bd:
bf:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:47:5B:B9:FC:74:DB:E5:52:F9:81:EA:E9:7C:1A:B5:90:CF:76:45
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135342e302f32342d3234203d3e203233343730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.154.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:d3:c1:70:d0:f0:35:4b:95:cc:6e:c1:0e:92:28:26:ff:37:
2a:02:db:4b:7f:d8:28:1a:97:af:9d:3b:a3:ad:29:cd:44:49:
38:b0:be:fa:68:28:f6:cc:b9:1e:f8:7d:44:95:cc:3c:46:10:
0d:50:4b:e9:72:e9:21:be:c0:13:39:03:83:81:b5:25:b0:ab:
be:f8:c2:f8:d1:ef:d8:d6:b5:df:ed:2d:82:53:27:34:20:7a:
f4:6c:b6:7e:44:bf:24:5d:d2:7f:0f:55:25:30:8d:f9:de:91:
af:e7:f9:f5:b8:ac:b4:61:36:ac:5d:11:83:79:59:ad:61:eb:
6d:af:27:39:c0:67:47:1c:12:36:9a:cd:a9:b6:4b:f0:e1:f2:
61:7e:b1:b5:2d:90:7f:cf:02:f0:ba:84:d2:c1:8a:f5:33:5d:
79:6e:70:4a:8b:b6:c7:94:b1:7d:3a:f5:8e:3f:01:b8:3b:bf:
7d:99:4a:8f:a2:06:bf:f6:86:2f:14:f4:3c:41:82:16:4e:56:
79:64:0d:4a:84:01:77:9d:93:18:2d:33:e4:6c:c5:78:f3:f4:
94:07:4f:3b:96:d8:81:a6:af:35:11:c2:b9:25:4b:55:32:7f:
41:69:a7:57:06:e5:73:e4:12:48:78:a7:3c:d2:01:44:00:da:
80:c3:d4:a7
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJHb7bjlfLk35DyOCAWeX2CUxT4YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDA5MjkwOTU2NThaFw0yNTA5MjgxMDAxNThaMDMxMTAvBgNV
BAMTKEUyNDc1QkI5RkM3NERCRTU1MkY5ODFFQUU5N0MxQUI1OTBDRjc2NDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqk//PjWjPF4GfJ5MK3qNcf40P
Ec2k+TGZfVhNtc7T1fI+PZBDILIO7bboPETHrztnqj6Irol8lauWqr89wIIdeLae
Ft/hw3K+qehaGIDde2j4NY3OVu/cwh+LgqiQYyK5uTjzCAPZ9GPeXLrltuSCSx8x
aa4UxMh1YH24Q3lXEub2Rf9nERGM67PsXpLJ1UEJj4XxKdg+H1sfBEpQHJafYJqi
Tq3ZSSdiev+arEALXgCQHLV1IRIX10PqUEmxeNafuqSWsqLo2248PlaFjuo+XXCh
SLX+uhGGqbnN/sNy4hzY5QE3tYRPNlK8hMN08QvWt2BdagLNPU/qGGN1vb/xAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU4kdbufx02+VS+YHq6XwatZDPdkUwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMjMyMzYyZTMx
MzUzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzMzNDM3MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC54powDQYJKoZIhvcNAQELBQADggEBAMDTwXDQ8DVLlcxuwQ6SKCb/NyoC20t/
2Cgal6+dO6OtKc1ESTiwvvpoKPbMuR74fUSVzDxGEA1QS+ly6SG+wBM5A4OBtSWw
q774wvjR79jWtd/tLYJTJzQgevRstn5EvyRd0n8PVSUwjfneka/n+fW4rLRhNqxd
EYN5Wa1h622vJznAZ0ccEjaazam2S/Dh8mF+sbUtkH/PAvC6hNLBivUzXXlucEqL
tseUsX069Y4/Abg7v32ZSo+iBr/2hi8U9DxBghZOVnlkDUqEAXedkxgtM+RsxXjz
9JQHTzuW2IGmrzURwrklS1Uyf0Fpp1cG5XPkEkh4pzzSAUQA2oDD1Kc=
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:19 2024 by rpki-client on console-ams.rpki-client.org