Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e33372e3233312e302f32342d3234203d3e203630343538.roa
File: 3138352e33372e3233312e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: YhHcJrKwdtxqzEGziKIgiMAQpXC/Au8g9vKgKlaLYwQ=
Subject key identifier: EF:D4:B8:B1:C0:A8:37:6F:98:68:68:1E:63:23:16:9A:F9:3D:11:0F
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 5C181A7C4A0909581782AAE04BC3FF327EC31E27
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e33372e3233312e302f32342d3234203d3e203630343538.roa
Signing time: Mon 03 Jul 2023 05:42:06 +0000
ROA not before: Mon 03 Jul 2023 05:37:06 +0000
ROA not after: Mon 01 Jul 2024 05:42:06 +0000
asID: 60458
IP address blocks: 185.37.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:18:1a:7c:4a:09:09:58:17:82:aa:e0:4b:c3:ff:32:7e:c3:1e:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jul 3 05:37:06 2023 GMT
Not After : Jul 1 05:42:06 2024 GMT
Subject: CN=EFD4B8B1C0A8376F9868681E6323169AF93D110F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:07:95:9b:d2:b7:4a:c7:c2:be:e0:19:78:bc:
72:9c:8a:51:72:87:74:bf:b1:0f:ba:8e:b1:40:6e:
53:65:c2:89:9b:a7:d8:2e:b2:8c:3b:2e:11:69:5a:
7f:10:86:d2:0c:47:18:cc:ab:42:55:18:35:60:b4:
60:f9:6f:a4:d9:2b:63:14:24:cd:a4:5a:bb:ef:b5:
1c:19:fc:0b:00:2b:93:11:76:f8:4c:5d:77:56:54:
7c:c6:5e:cc:a6:05:04:d2:9d:29:00:11:67:21:ee:
7d:2b:18:20:c6:b6:d6:58:9e:88:58:a6:85:33:ec:
92:bb:3f:9d:40:c7:17:77:2a:51:b3:76:f8:b9:80:
20:d2:b6:07:9e:91:02:2f:f3:1a:d6:c8:a0:2f:ab:
11:b5:93:ce:a5:5e:2f:f6:a2:2e:6b:37:6f:6c:65:
41:c3:21:f4:79:ae:b9:79:c7:89:0a:09:4a:b9:d0:
ae:9d:7b:e6:4e:f9:9d:bf:22:0d:7f:f3:a7:49:d9:
d0:60:fd:52:55:c9:8c:5a:83:88:e3:6f:a9:5e:2b:
5d:8d:c1:07:91:de:78:eb:06:5a:e9:90:99:67:a6:
c2:9d:63:68:c0:f8:b1:6f:b8:e4:e0:35:31:af:78:
59:da:46:0f:53:7c:f8:68:2f:ec:72:2f:cb:c9:3a:
b3:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:D4:B8:B1:C0:A8:37:6F:98:68:68:1E:63:23:16:9A:F9:3D:11:0F
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e33372e3233312e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.231.0/24
Signature Algorithm: sha256WithRSAEncryption
65:61:6f:47:1a:c3:02:8c:8b:45:ac:0b:48:9f:f0:df:66:b5:
56:15:81:74:f7:3d:e2:25:57:1e:8c:c4:ae:21:88:ff:a0:53:
73:80:be:1a:ec:24:9d:48:1c:7f:62:7c:b9:39:71:63:e2:b8:
ef:d9:c3:51:02:5c:26:a8:50:cf:d9:b2:8a:8e:61:3e:ff:b0:
f6:9a:7c:5d:27:e0:a5:0d:3d:65:e4:43:2b:c4:f8:6a:2c:7b:
59:6d:26:f4:f5:09:d8:a4:3c:88:a8:5e:b2:62:b9:e3:2d:1c:
02:70:c3:6c:cf:a5:5c:dc:e8:78:29:d5:ef:d7:87:80:cb:2d:
d3:94:02:a4:e6:d4:77:f9:05:be:6a:f3:82:34:9d:94:da:5f:
4f:02:11:62:fd:9b:29:09:d9:e6:72:cf:4a:77:bc:ae:ce:9a:
f4:6f:e2:5b:92:34:c0:f3:09:17:49:e5:99:91:ea:6b:6e:6b:
cd:16:24:1e:2c:93:e3:45:38:f5:ac:0a:c5:60:2c:06:71:5a:
55:ac:80:1a:eb:4c:27:8f:64:4a:2e:00:cd:45:ad:18:59:36:
c5:5b:62:34:e2:e5:b1:6b:8f:46:df:08:36:4b:1c:0d:03:a0:
e6:67:6c:9c:e8:b8:dc:fb:23:ff:89:52:2d:6b:33:ca:de:9e:
66:b4:07:17
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUXBgafEoJCVgXgqrgS8P/Mn7DHicwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yMzA3MDMwNTM3MDZaFw0yNDA3MDEwNTQyMDZaMDMxMTAvBgNV
BAMTKEVGRDRCOEIxQzBBODM3NkY5ODY4NjgxRTYzMjMxNjlBRjkzRDExMEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfB5Wb0rdKx8K+4Bl4vHKcilFy
h3S/sQ+6jrFAblNlwombp9gusow7LhFpWn8QhtIMRxjMq0JVGDVgtGD5b6TZK2MU
JM2kWrvvtRwZ/AsAK5MRdvhMXXdWVHzGXsymBQTSnSkAEWch7n0rGCDGttZYnohY
poUz7JK7P51Axxd3KlGzdvi5gCDStgeekQIv8xrWyKAvqxG1k86lXi/2oi5rN29s
ZUHDIfR5rrl5x4kKCUq50K6de+ZO+Z2/Ig1/86dJ2dBg/VJVyYxag4jjb6leK12N
wQeR3njrBlrpkJlnpsKdY2jA+LFvuOTgNTGveFnaRg9TfPhoL+xyL8vJOrOfAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU79S4scCoN2+YaGgeYyMWmvk9EQ8wHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMzM3MmUzMjMz
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMwMzQzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uSXnMA0GCSqGSIb3DQEBCwUAA4IBAQBlYW9HGsMCjItFrAtIn/DfZrVWFYF09z3i
JVcejMSuIYj/oFNzgL4a7CSdSBx/Yny5OXFj4rjv2cNRAlwmqFDP2bKKjmE+/7D2
mnxdJ+ClDT1l5EMrxPhqLHtZbSb09QnYpDyIqF6yYrnjLRwCcMNsz6Vc3Oh4KdXv
14eAyy3TlAKk5tR3+QW+avOCNJ2U2l9PAhFi/ZspCdnmcs9Kd7yuzpr0b+JbkjTA
8wkXSeWZkeprbmvNFiQeLJPjRTj1rArFYCwGcVpVrIAa60wnj2RKLgDNRa0YWTbF
W2I04uWxa49G3wg2SxwNA6DmZ2yc6Ljc+yP/iVItazPK3p5mtAcX
-----END CERTIFICATE-----
Generated at Mon May 6 01:02:59 2024 by rpki-client on console-ams.rpki-client.org