Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e33372e3232392e302f32342d3234203d3e203630343538.roa
File: 3138352e33372e3232392e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: kRJPSeYDDhP3JanX0LXdTZbvcZjkV7vJ+MORq8jG+GE=
Subject key identifier: 98:C9:BF:A5:06:DA:5D:73:29:56:41:34:0F:80:D1:90:B1:1A:79:79
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 717059B1E5769FD8DBC9658B68216654DE19D9BF
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e33372e3232392e302f32342d3234203d3e203630343538.roa
Signing time: Mon 03 Jul 2023 05:42:01 +0000
ROA not before: Mon 03 Jul 2023 05:37:01 +0000
ROA not after: Mon 01 Jul 2024 05:42:01 +0000
asID: 60458
IP address blocks: 185.37.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:70:59:b1:e5:76:9f:d8:db:c9:65:8b:68:21:66:54:de:19:d9:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jul 3 05:37:01 2023 GMT
Not After : Jul 1 05:42:01 2024 GMT
Subject: CN=98C9BFA506DA5D73295641340F80D190B11A7979
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:83:af:0d:ea:51:3b:1c:3d:91:f0:b3:4f:7c:
d2:8a:e6:6d:17:4b:51:21:f5:00:c3:30:27:b6:15:
77:6d:56:ba:a4:ec:d9:62:3d:33:07:00:71:7f:d8:
a0:a1:b2:f2:da:f7:7d:8d:e6:85:d0:59:93:40:ce:
ec:96:50:f4:cf:e5:cf:af:e5:b4:c2:14:58:df:c4:
35:5a:23:c8:6a:2b:b5:7b:7d:b9:40:0a:58:ba:3d:
91:ec:cd:35:2f:23:a3:71:01:24:af:31:9a:f0:af:
72:30:3f:89:84:32:5b:79:68:85:a1:8a:e7:9d:ec:
6f:e5:75:86:2a:78:88:ba:54:6c:8e:aa:d3:22:ea:
01:74:b3:c3:81:31:7e:eb:ea:21:ed:61:f6:00:22:
1e:6f:b2:6d:11:f3:a7:1c:c5:08:5d:32:b3:13:05:
9f:58:8d:59:99:18:6a:60:17:7c:c1:b1:3b:3b:a5:
9d:4a:33:b2:68:6b:40:d5:bf:01:32:86:de:17:7d:
c2:8b:92:65:ab:ee:54:12:bc:67:6b:ce:c1:1d:49:
28:ca:3d:44:6a:fc:a1:9e:54:55:41:1a:d9:0b:bb:
6e:22:e6:01:12:6c:ca:63:55:25:ad:88:5e:61:09:
8e:f4:38:88:9a:51:5d:c2:52:e6:52:fa:44:b6:5c:
4c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:C9:BF:A5:06:DA:5D:73:29:56:41:34:0F:80:D1:90:B1:1A:79:79
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e33372e3232392e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.229.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:be:c0:92:12:c8:9e:b9:dd:9e:7d:2d:5b:42:9f:a1:0a:e4:
eb:99:15:9f:43:85:ea:3e:cd:b3:40:6a:08:7a:24:94:8a:c9:
02:d2:43:de:0d:82:e9:84:8e:99:fc:cd:ca:f5:8f:86:04:0a:
f5:8c:38:e2:fe:31:ec:78:3d:29:cc:6f:2e:46:05:4a:77:75:
99:c4:7b:ab:d8:53:a4:3a:f1:67:14:68:e1:c9:23:85:52:08:
35:78:c2:4e:01:9b:7d:b8:a0:a2:b1:29:14:b8:f6:3c:5f:67:
59:99:fd:13:ca:d9:76:1b:de:77:ca:99:e3:11:8f:76:c3:61:
ba:f8:39:44:35:a3:25:16:26:98:10:e8:4d:16:26:9b:1e:90:
c6:09:8c:6d:d1:3d:d3:39:d3:16:fb:02:d5:a6:a6:6e:ff:cb:
79:02:75:d1:fc:7b:e0:ee:7d:b4:6e:d6:de:34:0c:b7:d7:dc:
9a:da:b3:63:06:d3:58:aa:0b:7f:d9:0c:8c:9d:2d:bd:c6:0f:
e7:6e:af:73:2f:d0:0d:86:be:92:d9:98:9c:ab:3f:87:d2:f8:
68:bb:fe:9a:6e:62:eb:86:ab:34:c2:c7:9c:84:d9:d0:2f:18:
4b:a2:73:80:a5:ef:43:b3:6d:6b:f6:aa:25:b2:d1:81:9a:d7:
aa:1c:69:69
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUcXBZseV2n9jbyWWLaCFmVN4Z2b8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yMzA3MDMwNTM3MDFaFw0yNDA3MDEwNTQyMDFaMDMxMTAvBgNV
BAMTKDk4QzlCRkE1MDZEQTVENzMyOTU2NDEzNDBGODBEMTkwQjExQTc5NzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzg68N6lE7HD2R8LNPfNKK5m0X
S1Eh9QDDMCe2FXdtVrqk7NliPTMHAHF/2KChsvLa932N5oXQWZNAzuyWUPTP5c+v
5bTCFFjfxDVaI8hqK7V7fblACli6PZHszTUvI6NxASSvMZrwr3IwP4mEMlt5aIWh
iued7G/ldYYqeIi6VGyOqtMi6gF0s8OBMX7r6iHtYfYAIh5vsm0R86ccxQhdMrMT
BZ9YjVmZGGpgF3zBsTs7pZ1KM7Joa0DVvwEyht4XfcKLkmWr7lQSvGdrzsEdSSjK
PURq/KGeVFVBGtkLu24i5gESbMpjVSWtiF5hCY70OIiaUV3CUuZS+kS2XEzDAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUmMm/pQbaXXMpVkE0D4DRkLEaeXkwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMzM3MmUzMjMy
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMwMzQzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uSXlMA0GCSqGSIb3DQEBCwUAA4IBAQCxvsCSEsieud2efS1bQp+hCuTrmRWfQ4Xq
Ps2zQGoIeiSUiskC0kPeDYLphI6Z/M3K9Y+GBAr1jDji/jHseD0pzG8uRgVKd3WZ
xHur2FOkOvFnFGjhySOFUgg1eMJOAZt9uKCisSkUuPY8X2dZmf0Tytl2G953ypnj
EY92w2G6+DlENaMlFiaYEOhNFiabHpDGCYxt0T3TOdMW+wLVpqZu/8t5AnXR/Hvg
7n20btbeNAy319ya2rNjBtNYqgt/2QyMnS29xg/nbq9zL9ANhr6S2Zicqz+H0vho
u/6abmLrhqs0wsechNnQLxhLonOApe9Ds21r9qolstGBmteqHGlp
-----END CERTIFICATE-----
Generated at Sun May 5 05:22:02 2024 by rpki-client on console-fra.rpki-client.org