Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS3170.roa
File: AS3170.roa (raw, json)
Hash identifier: vND/NWShmn3FtPQ58+rnhkulzhafPezQLgme7P11lXk=
Subject key identifier: 92:AE:CE:B1:DA:AC:DC:36:13:F3:E3:47:DA:01:9C:49:07:28:A9:CE
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 5DEE8211FAF97FA8861118950DFEBFE749A98823
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS3170.roa
Signing time: Sat 11 May 2024 23:05:16 +0000
ROA not before: Sat 11 May 2024 23:00:16 +0000
ROA not after: Sat 10 May 2025 23:05:16 +0000
asID: 3170
IP address blocks: 45.149.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:ee:82:11:fa:f9:7f:a8:86:11:18:95:0d:fe:bf:e7:49:a9:88:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: May 11 23:00:16 2024 GMT
Not After : May 10 23:05:16 2025 GMT
Subject: CN=92AECEB1DAACDC3613F3E347DA019C490728A9CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:9d:f3:43:95:19:3e:66:89:cf:3c:fe:35:70:
a1:b6:b8:16:74:af:19:eb:27:c6:25:6f:56:54:1d:
67:02:7c:c7:db:c6:8d:6b:5d:aa:56:41:7b:b5:1c:
62:2d:b4:ec:23:88:29:29:cd:89:f2:e0:5b:4f:83:
3c:63:9e:65:47:c5:3c:21:14:04:91:bb:73:e7:92:
89:bb:fe:bf:ab:44:c0:19:3f:11:9a:85:99:0a:d3:
07:eb:97:89:f8:6e:58:db:cf:c3:cb:09:80:b7:a2:
1c:b6:c9:45:81:c7:1d:94:72:e5:f6:5b:61:0d:ba:
ff:72:48:38:f7:f8:f0:87:c5:d8:e8:57:9d:12:78:
4c:7a:cc:85:06:a2:ff:84:e5:eb:bb:02:75:8a:1f:
fd:6d:07:4a:3c:14:87:58:47:a8:cc:87:41:fb:78:
f4:8b:ed:b8:ed:1f:60:8b:79:dd:0a:02:7f:2a:2e:
a7:d5:40:cf:43:89:8f:cd:e4:de:35:9e:03:92:0d:
21:d1:ed:0c:86:70:35:78:93:7b:76:62:84:9b:42:
ee:b5:82:9b:8d:2c:04:20:07:69:7a:2d:f3:cc:12:
cb:97:05:b4:47:e1:47:25:99:ef:81:9a:1c:6f:5a:
b0:de:9d:02:a1:bd:7e:76:4a:7e:82:34:c9:3c:e6:
e8:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:AE:CE:B1:DA:AC:DC:36:13:F3:E3:47:DA:01:9C:49:07:28:A9:CE
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS3170.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.184.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:41:3b:93:98:aa:32:5b:09:1f:07:6d:65:9d:8a:18:84:69:
ce:c5:b9:a2:a9:2b:81:bb:26:a8:27:df:5f:40:51:f4:93:2a:
5b:23:89:31:da:4c:96:b8:a4:8f:e3:d4:dc:79:82:cf:2b:4f:
12:9b:c7:17:86:32:f5:b4:b4:ed:35:06:6a:09:09:45:f5:14:
73:f8:b6:44:71:6b:34:5b:1e:30:8b:0e:f9:e4:43:2c:81:75:
df:2f:58:2a:aa:2b:ce:e0:02:17:5c:2c:85:68:13:c0:77:9f:
1b:88:ea:46:77:e8:aa:f7:9b:c6:20:c7:67:a3:72:b0:39:15:
34:4a:54:65:4e:6d:ca:b3:96:ab:4e:d1:6e:57:e0:39:63:57:
67:15:59:06:b7:9e:1a:9d:ad:bb:89:0a:ac:99:ee:80:fd:7d:
c8:48:df:48:f0:91:b5:78:6a:46:36:c7:63:57:a0:1c:b9:7f:
32:ea:42:c3:5b:dc:a9:6c:39:24:3e:ed:ea:92:c4:3d:16:85:
60:6e:41:97:fa:07:0f:ea:48:79:96:94:e0:c8:94:5c:f3:d2:
cf:0f:17:90:c7:9a:18:49:92:ff:c9:02:64:91:0e:28:13:70:
b8:f3:63:ca:1f:03:8d:d7:da:ee:ef:a6:f0:66:4b:2e:20:fc:
a2:dc:d3:5d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIUXe6CEfr5f6iGERiVDf6/50mpiCMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNDA1MTEyMzAwMTZaFw0yNTA1MTAyMzA1MTZaMDMxMTAvBgNV
BAMTKDkyQUVDRUIxREFBQ0RDMzYxM0YzRTM0N0RBMDE5QzQ5MDcyOEE5Q0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCinfNDlRk+ZonPPP41cKG2uBZ0
rxnrJ8Ylb1ZUHWcCfMfbxo1rXapWQXu1HGIttOwjiCkpzYny4FtPgzxjnmVHxTwh
FASRu3Pnkom7/r+rRMAZPxGahZkK0wfrl4n4bljbz8PLCYC3ohy2yUWBxx2UcuX2
W2ENuv9ySDj3+PCHxdjoV50SeEx6zIUGov+E5eu7AnWKH/1tB0o8FIdYR6jMh0H7
ePSL7bjtH2CLed0KAn8qLqfVQM9DiY/N5N41ngOSDSHR7QyGcDV4k3t2YoSbQu61
gpuNLAQgB2l6LfPMEsuXBbRH4Uclme+BmhxvWrDenQKhvX52Sn6CNMk85ujTAgMB
AAGjggIIMIICBDAdBgNVHQ4EFgQUkq7Osdqs3DYT8+NH2gGcSQcoqc4wHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMzE3MC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2VuDAN
BgkqhkiG9w0BAQsFAAOCAQEAv0E7k5iqMlsJHwdtZZ2KGIRpzsW5oqkrgbsmqCff
X0BR9JMqWyOJMdpMlrikj+PU3HmCzytPEpvHF4Yy9bS07TUGagkJRfUUc/i2RHFr
NFseMIsO+eRDLIF13y9YKqorzuACF1wshWgTwHefG4jqRnfoqvebxiDHZ6NysDkV
NEpUZU5tyrOWq07RblfgOWNXZxVZBreeGp2tu4kKrJnugP19yEjfSPCRtXhqRjbH
Y1egHLl/MupCw1vcqWw5JD7t6pLEPRaFYG5Bl/oHD+pIeZaU4MiUXPPSzw8XkMea
GEmS/8kCZJEOKBNwuPNjyh8Djdfa7u+m8GZLLiD8otzTXQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:15:23 2024 by rpki-client on console-ams.rpki-client.org