Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e33372e3232382e302f32342d3234203d3e203630343538.roa
File: 3138352e33372e3232382e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: JEjxeirDyInWN3pEZSMIMLur5fLEwJSrirEqd4Kbniw=
Subject key identifier: 56:AC:B6:CB:46:A3:FA:C6:3F:15:BA:CF:BE:2D:E7:41:ED:0A:49:D7
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 4B5CBBC6570DC6DB63A2090DA6145E029EEBBB3E
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e33372e3232382e302f32342d3234203d3e203630343538.roa
Signing time: Mon 03 Jun 2024 06:05:16 +0000
ROA not before: Mon 03 Jun 2024 06:00:16 +0000
ROA not after: Mon 02 Jun 2025 06:05:16 +0000
asID: 60458
IP address blocks: 185.37.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:5c:bb:c6:57:0d:c6:db:63:a2:09:0d:a6:14:5e:02:9e:eb:bb:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jun 3 06:00:16 2024 GMT
Not After : Jun 2 06:05:16 2025 GMT
Subject: CN=56ACB6CB46A3FAC63F15BACFBE2DE741ED0A49D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:1d:de:da:5b:8c:d4:9b:f3:d0:5b:a4:5d:13:
c0:a5:2a:8a:14:f6:00:16:57:ca:0a:7f:33:a9:d6:
b4:66:31:a1:fb:3f:04:60:b6:aa:4b:08:e9:29:67:
51:47:73:72:36:75:34:ef:5a:d8:8d:36:79:cc:e2:
ca:9d:cf:c2:d4:3e:af:4a:69:d7:5f:17:95:9f:9e:
c8:b8:15:b9:cd:0a:4c:0a:15:16:2d:9b:5c:39:44:
73:e7:9d:76:18:32:5f:c1:f4:66:e3:6a:03:8c:ec:
45:46:9f:4b:b1:13:8c:8f:5d:00:0c:28:9d:e9:79:
4e:12:9e:9c:aa:f5:1f:b2:4c:93:98:00:de:b1:b1:
39:39:56:7a:71:74:f6:bb:fc:8f:58:ce:ab:39:ae:
ce:1e:1b:7d:47:bd:aa:44:7b:f1:db:bd:37:3f:bb:
71:21:62:d6:d0:b4:75:4a:03:ab:13:03:53:f1:ac:
55:94:86:c1:2b:ec:b8:61:11:6a:82:c4:10:82:9d:
f7:2b:01:99:c9:ba:81:3f:3a:f9:12:be:0e:57:25:
73:ba:c0:34:68:a4:be:e1:c6:f8:c3:31:d0:ec:18:
6f:00:73:2b:db:08:77:bd:a1:f8:1f:be:a8:7d:ba:
83:87:7a:98:dd:a5:cb:d7:11:a2:15:50:65:d9:b8:
3c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:AC:B6:CB:46:A3:FA:C6:3F:15:BA:CF:BE:2D:E7:41:ED:0A:49:D7
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e33372e3232382e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.228.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:40:eb:3c:ab:e1:44:fe:44:34:ff:44:99:61:ac:68:49:9f:
6e:e0:37:f8:24:fc:40:73:07:5e:39:99:d2:89:82:a1:13:c6:
fd:7f:52:bc:b7:82:19:fe:b2:71:60:54:bf:63:80:61:15:ed:
42:fd:b9:4d:8a:5f:0d:60:28:1e:f8:5b:d4:c6:87:d2:6d:fe:
3d:3e:c6:f4:ef:d5:27:ba:e1:89:18:fa:a8:a7:28:4a:e3:f0:
3b:7f:bc:90:30:07:0f:c6:0e:16:13:47:58:3d:3c:7e:88:d0:
7b:ec:3e:b6:a1:7c:54:3e:18:d2:a5:82:6f:74:06:c4:49:87:
0c:cc:42:15:f0:72:56:2e:74:ce:ea:13:e5:e7:58:ac:16:4e:
68:88:25:92:18:37:87:bc:47:bf:6c:de:74:2a:3a:75:fa:a1:
ce:8c:18:c2:b5:67:62:44:8b:4a:ab:c9:78:32:3f:a7:5e:f5:
ea:e5:85:82:26:9e:ed:74:9a:12:92:7d:9f:51:7c:43:3f:53:
97:a3:29:51:cb:6b:32:79:8e:c4:b1:13:86:54:bd:20:11:d3:
4e:7f:f1:c1:6f:8f:54:89:88:7c:c4:42:7f:e3:b1:83:a4:de:
ad:49:39:4e:ed:89:66:1e:a0:93:15:9c:2a:a0:3a:55:2a:39:
bf:c5:a4:bd
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUS1y7xlcNxttjogkNphReAp7ruz4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDA2MDMwNjAwMTZaFw0yNTA2MDIwNjA1MTZaMDMxMTAvBgNV
BAMTKDU2QUNCNkNCNDZBM0ZBQzYzRjE1QkFDRkJFMkRFNzQxRUQwQTQ5RDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeHd7aW4zUm/PQW6RdE8ClKooU
9gAWV8oKfzOp1rRmMaH7PwRgtqpLCOkpZ1FHc3I2dTTvWtiNNnnM4sqdz8LUPq9K
addfF5Wfnsi4FbnNCkwKFRYtm1w5RHPnnXYYMl/B9GbjagOM7EVGn0uxE4yPXQAM
KJ3peU4Snpyq9R+yTJOYAN6xsTk5VnpxdPa7/I9Yzqs5rs4eG31HvapEe/HbvTc/
u3EhYtbQtHVKA6sTA1PxrFWUhsEr7LhhEWqCxBCCnfcrAZnJuoE/OvkSvg5XJXO6
wDRopL7hxvjDMdDsGG8AcyvbCHe9ofgfvqh9uoOHepjdpcvXEaIVUGXZuDzhAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUVqy2y0aj+sY/FbrPvi3nQe0KSdcwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMzM3MmUzMjMy
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMwMzQzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uSXkMA0GCSqGSIb3DQEBCwUAA4IBAQC5QOs8q+FE/kQ0/0SZYaxoSZ9u4Df4JPxA
cwdeOZnSiYKhE8b9f1K8t4IZ/rJxYFS/Y4BhFe1C/blNil8NYCge+FvUxofSbf49
Psb079UnuuGJGPqopyhK4/A7f7yQMAcPxg4WE0dYPTx+iNB77D62oXxUPhjSpYJv
dAbESYcMzEIV8HJWLnTO6hPl51isFk5oiCWSGDeHvEe/bN50Kjp1+qHOjBjCtWdi
RItKq8l4Mj+nXvXq5YWCJp7tdJoSkn2fUXxDP1OXoylRy2syeY7EsROGVL0gEdNO
f/HBb49UiYh8xEJ/47GDpN6tSTlO7YlmHqCTFZwqoDpVKjm/xaS9
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:19 2024 by rpki-client on console-ams.rpki-client.org