Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e33372e3233312e302f32342d3234203d3e203630343538.roa
File: 3138352e33372e3233312e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: WFSRZuechNzxJnaZPrUrgZDg9C0etUbZt9I5ZFL6HD4=
Subject key identifier: 8E:1A:B6:0F:C8:3D:E6:CA:C3:21:E8:5C:A1:3D:68:EC:5F:20:F7:8E
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 45F7ADEC79BFFD60CD98048BE2979A0E6DCCD894
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e33372e3233312e302f32342d3234203d3e203630343538.roa
Signing time: Mon 03 Jun 2024 06:05:16 +0000
ROA not before: Mon 03 Jun 2024 06:00:16 +0000
ROA not after: Mon 02 Jun 2025 06:05:16 +0000
asID: 60458
IP address blocks: 185.37.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:f7:ad:ec:79:bf:fd:60:cd:98:04:8b:e2:97:9a:0e:6d:cc:d8:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jun 3 06:00:16 2024 GMT
Not After : Jun 2 06:05:16 2025 GMT
Subject: CN=8E1AB60FC83DE6CAC321E85CA13D68EC5F20F78E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:4d:5f:11:8b:a8:74:4c:a9:18:64:fc:62:b0:
87:ed:51:4d:f7:a6:47:34:2e:b4:02:5c:97:ff:1c:
1d:3f:b6:b6:33:e1:ca:e2:a7:06:5f:0e:68:ca:ef:
e4:03:99:04:1a:29:48:0b:44:92:fe:bb:8f:98:18:
a9:85:f8:11:ea:a1:8b:7c:c4:7f:04:9b:3a:6e:5e:
27:fd:bd:c4:16:7a:b4:4f:49:25:a3:4a:f8:13:37:
71:fb:bc:34:b7:3d:ea:b7:34:14:17:db:c9:cf:ea:
96:35:e7:1a:60:80:6e:1b:02:a3:b6:e0:93:b9:b4:
42:49:c1:a8:9f:00:94:c3:b6:54:77:56:0d:48:49:
e2:a5:af:00:94:71:11:b8:22:2b:a0:8a:ef:10:29:
54:df:3f:33:8a:75:88:54:46:48:0a:1c:8a:4f:80:
16:de:8a:c7:06:4c:9b:08:6a:6f:02:36:cb:3e:47:
d5:f4:25:05:31:4f:bd:7d:a5:41:56:39:96:46:ed:
44:5d:a5:fa:28:ea:9e:9b:fb:a6:83:9e:8f:c8:82:
38:3c:ae:48:95:16:0e:34:2b:46:f7:b9:07:88:f4:
d5:c3:28:af:b6:d5:29:c0:dc:90:6d:b6:1f:57:b9:
0e:5c:94:b4:84:f4:f6:70:d8:7c:56:c0:d6:f6:17:
72:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:1A:B6:0F:C8:3D:E6:CA:C3:21:E8:5C:A1:3D:68:EC:5F:20:F7:8E
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e33372e3233312e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.231.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:6c:77:e4:27:80:9a:d5:ba:d0:bb:46:23:94:bc:60:20:bd:
42:68:6d:50:53:63:4c:7f:6b:c3:63:97:71:e6:7a:27:e3:02:
8a:2c:18:6c:6d:b0:85:af:f3:2c:8b:12:4c:09:f0:a3:53:05:
ee:75:f4:a6:33:10:89:a3:d5:cb:01:a2:0d:c6:6c:d3:98:08:
cc:a0:0d:75:f8:cf:45:8d:2a:a9:87:f7:8f:81:02:c0:de:d7:
d3:43:a5:52:f1:49:96:5f:46:36:41:a8:83:67:cc:26:d7:ab:
56:8e:92:96:e9:1d:33:00:4a:5c:b6:4c:90:f9:93:41:a5:a1:
76:be:2e:80:24:06:3a:61:06:a8:fa:db:f6:84:f5:8c:fe:a4:
2a:6e:68:8c:25:49:c0:7b:ba:82:57:9b:e3:3e:b6:cb:af:b2:
eb:9d:19:97:cb:4d:04:5a:9e:b1:d8:8c:b2:b7:02:5f:b3:7b:
05:8b:2e:9b:cc:d9:3f:66:d1:c7:e9:d9:76:8b:dc:93:49:05:
2e:ec:40:10:ce:28:8b:2a:e2:1b:8d:0e:50:0f:80:cc:59:ec:
d4:83:66:7e:fb:ba:c1:f8:ed:be:79:17:4f:0c:8b:92:46:e5:
ee:63:d1:49:b9:f7:b3:9d:27:36:16:64:96:95:42:5b:60:a6:
91:14:04:d6
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURfet7Hm//WDNmASL4peaDm3M2JQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDA2MDMwNjAwMTZaFw0yNTA2MDIwNjA1MTZaMDMxMTAvBgNV
BAMTKDhFMUFCNjBGQzgzREU2Q0FDMzIxRTg1Q0ExM0Q2OEVDNUYyMEY3OEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpTV8Ri6h0TKkYZPxisIftUU33
pkc0LrQCXJf/HB0/trYz4cripwZfDmjK7+QDmQQaKUgLRJL+u4+YGKmF+BHqoYt8
xH8EmzpuXif9vcQWerRPSSWjSvgTN3H7vDS3Peq3NBQX28nP6pY15xpggG4bAqO2
4JO5tEJJwaifAJTDtlR3Vg1ISeKlrwCUcRG4Iiugiu8QKVTfPzOKdYhURkgKHIpP
gBbeiscGTJsIam8CNss+R9X0JQUxT719pUFWOZZG7URdpfoo6p6b+6aDno/Igjg8
rkiVFg40K0b3uQeI9NXDKK+21SnA3JBtth9XuQ5clLSE9PZw2HxWwNb2F3LLAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUjhq2D8g95srDIehcoT1o7F8g944wHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMzM3MmUzMjMz
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMwMzQzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uSXnMA0GCSqGSIb3DQEBCwUAA4IBAQAubHfkJ4Ca1brQu0YjlLxgIL1CaG1QU2NM
f2vDY5dx5non4wKKLBhsbbCFr/MsixJMCfCjUwXudfSmMxCJo9XLAaINxmzTmAjM
oA11+M9FjSqph/ePgQLA3tfTQ6VS8UmWX0Y2QaiDZ8wm16tWjpKW6R0zAEpctkyQ
+ZNBpaF2vi6AJAY6YQao+tv2hPWM/qQqbmiMJUnAe7qCV5vjPrbLr7LrnRmXy00E
Wp6x2IyytwJfs3sFiy6bzNk/ZtHH6dl2i9yTSQUu7EAQziiLKuIbjQ5QD4DMWezU
g2Z++7rB+O2+eRdPDIuSRuXuY9FJufeznSc2FmSWlUJbYKaRFATW
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:55:50 2024 by rpki-client on console-fra.rpki-client.org