Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e33372e3232382e302f32332d3233203d3e203630343538.roa
File: 3138352e33372e3232382e302f32332d3233203d3e203630343538.roa (raw, json)
Hash identifier: peErcXlsbgfgsqewrSXZu5B3J55p3gwflAU5kOjFoMo=
Subject key identifier: 43:6B:1A:75:63:65:1D:91:7B:11:16:7D:02:75:55:B8:55:17:20:43
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 5F2402F8A86F18136DF0AC4C36005D07DE6D223A
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e33372e3232382e302f32332d3233203d3e203630343538.roa
Signing time: Mon 03 Jun 2024 06:05:17 +0000
ROA not before: Mon 03 Jun 2024 06:00:17 +0000
ROA not after: Mon 02 Jun 2025 06:05:17 +0000
asID: 60458
IP address blocks: 185.37.228.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:24:02:f8:a8:6f:18:13:6d:f0:ac:4c:36:00:5d:07:de:6d:22:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jun 3 06:00:17 2024 GMT
Not After : Jun 2 06:05:17 2025 GMT
Subject: CN=436B1A7563651D917B11167D027555B855172043
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:8c:d8:98:79:f4:b0:53:28:a1:94:ce:bd:e1:
03:54:25:93:3b:a8:a1:19:75:d3:97:c3:a9:88:bd:
3d:55:f4:16:b8:be:60:1c:9a:2f:cd:49:29:ea:7d:
e9:3a:f9:44:ca:45:74:4e:be:18:ea:19:6b:38:56:
7b:90:b2:92:3f:62:3a:0e:60:38:ab:13:f2:7e:81:
2e:97:de:ce:34:df:bb:42:7a:14:65:b4:6d:b1:f8:
01:a3:05:25:8a:65:78:df:2c:2c:47:80:88:e8:4c:
5b:17:95:fc:54:f7:eb:91:3c:a4:9d:05:ee:9f:37:
d5:05:2f:38:e3:0e:df:f9:5d:06:57:fc:7a:28:87:
09:fb:70:ca:f6:45:aa:39:cb:91:8b:8e:3e:f2:34:
64:e9:e3:80:ce:75:85:28:b3:dd:41:83:12:a4:9b:
a5:86:44:cb:f9:94:05:03:8c:f5:5d:3a:d5:74:47:
d7:a7:9f:6e:24:1b:e3:1c:64:9f:6c:b1:37:68:f9:
45:8d:79:dc:33:2e:97:37:73:65:d0:a9:86:ff:db:
43:ff:d0:24:a9:de:55:6c:f9:45:47:f7:c2:63:79:
5b:b4:00:d2:85:de:d8:a9:f9:3d:ce:05:c4:8c:6d:
fa:61:ae:99:0b:80:30:e8:02:75:1d:42:5b:82:e5:
37:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:6B:1A:75:63:65:1D:91:7B:11:16:7D:02:75:55:B8:55:17:20:43
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e33372e3232382e302f32332d3233203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.228.0/23
Signature Algorithm: sha256WithRSAEncryption
81:31:50:4f:b0:ef:b1:18:e8:ba:51:d4:90:81:1a:bd:4e:ae:
94:02:0f:be:95:12:d4:2c:45:35:66:57:b4:97:2c:6e:9e:0c:
82:29:be:00:b8:a4:dc:ae:f4:83:7a:f9:08:14:81:56:a4:16:
d3:16:8d:e5:cb:20:1d:4e:51:96:e2:1a:8f:06:6a:90:da:7c:
74:60:fd:6d:33:6e:0a:ae:2f:10:d5:00:f6:40:25:25:03:fd:
4f:83:6d:9a:9b:65:1c:a2:54:fb:20:1c:c1:df:4f:ba:29:ac:
8d:66:9d:b3:39:7f:48:46:2a:1e:66:83:b0:15:d7:f2:2b:1b:
53:ec:05:4d:fe:6c:75:22:0d:74:96:aa:30:3a:41:61:4f:0d:
eb:8e:0e:92:dc:8e:05:05:99:d3:d8:fe:3f:de:05:55:b5:5c:
dc:32:33:5b:f9:09:35:f0:c4:f1:cc:cc:30:74:e7:e6:9c:52:
68:6d:95:a5:ab:a0:cc:14:0e:fd:8e:f0:10:45:c4:5f:c9:96:
5e:b6:8c:c7:8d:13:bf:48:b9:ab:01:66:9a:15:2e:b6:7f:f8:
68:e0:5f:9e:6b:24:1f:b3:38:37:47:39:c3:f3:9b:70:a1:b0:
2d:9f:e2:29:2a:18:27:4c:df:f8:ef:2c:95:9f:99:4e:4b:75:
b6:ab:83:86
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUXyQC+KhvGBNt8KxMNgBdB95tIjowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDA2MDMwNjAwMTdaFw0yNTA2MDIwNjA1MTdaMDMxMTAvBgNV
BAMTKDQzNkIxQTc1NjM2NTFEOTE3QjExMTY3RDAyNzU1NUI4NTUxNzIwNDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDejNiYefSwUyihlM694QNUJZM7
qKEZddOXw6mIvT1V9Ba4vmAcmi/NSSnqfek6+UTKRXROvhjqGWs4VnuQspI/YjoO
YDirE/J+gS6X3s4037tCehRltG2x+AGjBSWKZXjfLCxHgIjoTFsXlfxU9+uRPKSd
Be6fN9UFLzjjDt/5XQZX/Hoohwn7cMr2Rao5y5GLjj7yNGTp44DOdYUos91BgxKk
m6WGRMv5lAUDjPVdOtV0R9enn24kG+McZJ9ssTdo+UWNedwzLpc3c2XQqYb/20P/
0CSp3lVs+UVH98JjeVu0ANKF3tip+T3OBcSMbfphrpkLgDDoAnUdQluC5TdjAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUQ2sadWNlHZF7ERZ9AnVVuFUXIEMwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMzM3MmUzMjMy
MzgyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzNjMwMzQzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
uSXkMA0GCSqGSIb3DQEBCwUAA4IBAQCBMVBPsO+xGOi6UdSQgRq9Tq6UAg++lRLU
LEU1Zle0lyxungyCKb4AuKTcrvSDevkIFIFWpBbTFo3lyyAdTlGW4hqPBmqQ2nx0
YP1tM24Kri8Q1QD2QCUlA/1Pg22am2UcolT7IBzB30+6KayNZp2zOX9IRioeZoOw
FdfyKxtT7AVN/mx1Ig10lqowOkFhTw3rjg6S3I4FBZnT2P4/3gVVtVzcMjNb+Qk1
8MTxzMwwdOfmnFJobZWlq6DMFA79jvAQRcRfyZZetozHjRO/SLmrAWaaFS62f/ho
4F+eayQfszg3RznD85twobAtn+IpKhgnTN/47yyVn5lOS3W2q4OG
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:55:50 2024 by rpki-client on console-fra.rpki-client.org