Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e33372e3232392e302f32342d3234203d3e203630343538.roa
File: 3138352e33372e3232392e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: 3CDHVjkG77lS5G2b6DT2m/fnsghT5i2zxREcxj+wBJM=
Subject key identifier: 3F:4A:CA:EE:50:EF:B7:26:CC:69:93:C2:99:5A:CB:31:A0:59:05:CC
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 7CFAA224CBEF0174A6B8F65CC4003BB6670A81FC
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e33372e3232392e302f32342d3234203d3e203630343538.roa
Signing time: Mon 03 Jun 2024 06:05:17 +0000
ROA not before: Mon 03 Jun 2024 06:00:17 +0000
ROA not after: Mon 02 Jun 2025 06:05:17 +0000
asID: 60458
IP address blocks: 185.37.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:fa:a2:24:cb:ef:01:74:a6:b8:f6:5c:c4:00:3b:b6:67:0a:81:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jun 3 06:00:17 2024 GMT
Not After : Jun 2 06:05:17 2025 GMT
Subject: CN=3F4ACAEE50EFB726CC6993C2995ACB31A05905CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8e:6b:1b:6d:c0:7a:b1:91:db:20:fc:d5:04:
b1:58:9b:1c:be:30:fa:eb:68:ed:1f:a0:9b:be:c4:
01:47:a3:8c:1f:e6:08:b2:ed:7b:c9:c9:63:80:55:
60:2a:44:f8:b6:a4:d6:d4:24:47:ab:5f:53:79:aa:
ff:5c:da:46:de:b8:82:07:c5:ca:d4:ea:ec:8b:f8:
cd:14:5b:eb:c4:08:b4:16:c0:60:88:e3:81:e0:27:
8f:a5:eb:40:6b:9e:5d:4e:85:4a:70:72:64:bc:2a:
ad:39:0e:a6:ef:65:ee:e4:db:44:e9:61:9e:1a:5d:
1b:c0:74:57:82:0e:eb:5e:a1:ed:42:b2:98:53:bb:
7f:6e:6c:2f:5d:ae:f4:1b:85:42:72:1c:51:86:51:
df:4a:0a:5c:7f:20:59:ce:26:b4:c0:5b:cd:1e:6f:
8a:07:47:cb:ae:d7:9e:6d:6c:7f:33:d9:78:c8:1a:
fc:7b:88:a6:e0:9e:87:8c:d4:31:8b:cd:9f:be:5f:
fb:13:47:8b:70:79:b9:d0:90:11:2d:96:ce:1f:13:
cf:ac:3e:43:d7:b5:e1:1c:e7:c6:ef:62:f0:d0:74:
11:95:42:ae:75:99:6b:1a:76:31:75:ca:5e:c9:10:
7d:43:15:11:7a:c6:b9:f9:c2:36:eb:14:06:83:68:
36:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:4A:CA:EE:50:EF:B7:26:CC:69:93:C2:99:5A:CB:31:A0:59:05:CC
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e33372e3232392e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.229.0/24
Signature Algorithm: sha256WithRSAEncryption
13:39:84:67:d7:f4:a9:f2:da:92:90:2c:6e:5f:f3:52:7c:e9:
3c:58:42:54:0d:a5:ea:ce:19:86:34:a3:8a:20:ce:9e:79:bd:
36:7f:09:5a:6d:ff:88:8b:89:7b:0b:1a:30:ed:8b:f7:3e:49:
e2:ee:6e:46:56:b3:28:1e:10:80:0f:b7:9a:c3:1c:71:7c:1b:
6a:c0:f0:8b:d0:a8:da:43:e5:7d:40:27:a6:99:8d:11:d1:9e:
ff:0b:cd:21:b0:4e:d0:2b:31:5d:9b:7b:a6:95:a2:c8:7e:ad:
c8:e4:36:62:1b:02:bc:56:4f:0d:f8:f8:0c:01:76:e0:9c:aa:
31:f5:66:e4:09:17:97:72:ed:55:d9:95:1d:36:a4:f4:18:22:
18:25:aa:26:e7:d8:d6:8f:2b:3b:a0:72:88:4b:9a:42:bb:ee:
10:7e:a5:be:25:85:2b:84:3a:ac:7d:6e:3f:a3:2a:65:af:ff:
f4:d1:6b:a4:65:12:80:b3:89:f2:b3:6d:fe:8e:95:25:15:6c:
3a:8a:cb:f3:2f:07:83:50:e2:82:9f:9a:2c:fc:aa:a9:ba:37:
ef:6f:48:74:5f:d6:47:18:d7:71:9a:ad:01:76:70:1b:7c:47:
03:1b:c1:10:e2:38:46:40:7f:db:2f:df:7d:fb:b2:c0:38:69:
ab:c9:a4:ee
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUfPqiJMvvAXSmuPZcxAA7tmcKgfwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDA2MDMwNjAwMTdaFw0yNTA2MDIwNjA1MTdaMDMxMTAvBgNV
BAMTKDNGNEFDQUVFNTBFRkI3MjZDQzY5OTNDMjk5NUFDQjMxQTA1OTA1Q0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsjmsbbcB6sZHbIPzVBLFYmxy+
MPrraO0foJu+xAFHo4wf5giy7XvJyWOAVWAqRPi2pNbUJEerX1N5qv9c2kbeuIIH
xcrU6uyL+M0UW+vECLQWwGCI44HgJ4+l60Brnl1OhUpwcmS8Kq05DqbvZe7k20Tp
YZ4aXRvAdFeCDuteoe1CsphTu39ubC9drvQbhUJyHFGGUd9KClx/IFnOJrTAW80e
b4oHR8uu155tbH8z2XjIGvx7iKbgnoeM1DGLzZ++X/sTR4twebnQkBEtls4fE8+s
PkPXteEc58bvYvDQdBGVQq51mWsadjF1yl7JEH1DFRF6xrn5wjbrFAaDaDavAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUP0rK7lDvtybMaZPCmVrLMaBZBcwwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMzM3MmUzMjMy
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMwMzQzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uSXlMA0GCSqGSIb3DQEBCwUAA4IBAQATOYRn1/Sp8tqSkCxuX/NSfOk8WEJUDaXq
zhmGNKOKIM6eeb02fwlabf+Ii4l7Cxow7Yv3Pkni7m5GVrMoHhCAD7eawxxxfBtq
wPCL0KjaQ+V9QCemmY0R0Z7/C80hsE7QKzFdm3umlaLIfq3I5DZiGwK8Vk8N+PgM
AXbgnKox9WbkCReXcu1V2ZUdNqT0GCIYJaom59jWjys7oHKIS5pCu+4QfqW+JYUr
hDqsfW4/oyplr//00WukZRKAs4nys23+jpUlFWw6isvzLweDUOKCn5os/Kqpujfv
b0h0X9ZHGNdxmq0BdnAbfEcDG8EQ4jhGQH/bL999+7LAOGmryaTu
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:19 2024 by rpki-client on console-ams.rpki-client.org