Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS3170.roa
File: AS3170.roa (raw, json)
Hash identifier: J/lItQfqvjGzajcRI3CCZwyHYtpco3Q6DFPAQmRhFMo=
Subject key identifier: DA:CD:E5:A8:16:14:34:33:B4:BF:0E:CD:2C:D0:83:84:B4:C8:B0:86
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 6829474B5B344C46DB7DECC3217D784CA78996B0
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS3170.roa
Signing time: Sat 10 Jun 2023 22:16:03 +0000
ROA not before: Sat 10 Jun 2023 22:11:03 +0000
ROA not after: Sat 08 Jun 2024 22:16:03 +0000
asID: 3170
IP address blocks: 45.149.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:29:47:4b:5b:34:4c:46:db:7d:ec:c3:21:7d:78:4c:a7:89:96:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Jun 10 22:11:03 2023 GMT
Not After : Jun 8 22:16:03 2024 GMT
Subject: CN=DACDE5A816143433B4BF0ECD2CD08384B4C8B086
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:b5:0f:84:73:af:f8:e5:f4:ca:bb:d1:e5:86:
91:b5:69:cd:e9:02:fe:1b:e9:02:ca:b8:68:5c:60:
b1:04:e1:67:7e:b4:27:23:80:8b:c6:65:46:92:b3:
ba:be:97:73:34:8c:d4:f5:58:bd:1b:3f:7d:60:4f:
87:3c:aa:fa:14:02:21:4c:4c:33:f5:5d:df:a4:17:
31:28:ef:51:14:4e:fa:b8:73:91:d3:d3:33:6b:37:
d2:3b:e2:a1:42:cc:eb:e0:ce:d5:15:81:6b:7a:93:
b3:1a:20:2c:46:66:a1:ad:39:51:9d:6b:dd:8c:6f:
7d:8d:39:c8:f8:2e:0f:8e:0d:62:ea:6c:25:20:35:
e7:c6:9a:95:c7:f0:9f:e6:0f:68:99:e2:dd:81:23:
b3:74:bf:ab:96:44:01:dc:eb:51:fd:57:80:6a:8a:
c3:aa:e1:5d:90:08:ad:a0:0a:ca:da:32:70:b6:aa:
a4:94:44:f1:f6:3e:61:d8:7e:85:8e:bc:06:ed:9a:
2a:7b:88:d7:37:85:ec:ec:33:3a:6f:d5:69:01:26:
fc:e6:d8:72:d6:b1:b4:ff:fd:2c:98:0c:0d:0b:68:
54:bb:17:fc:fe:1b:68:47:ed:84:5d:3d:84:f2:4e:
fc:ff:70:6e:6f:58:39:b1:fe:41:ce:66:c5:57:43:
9d:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:CD:E5:A8:16:14:34:33:B4:BF:0E:CD:2C:D0:83:84:B4:C8:B0:86
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS3170.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.184.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:12:0d:40:17:04:cd:d0:74:63:fe:10:d0:f8:16:91:9a:88:
5c:ac:21:70:99:7e:a7:93:9d:4f:a4:36:9d:a6:17:05:2c:19:
89:12:e9:a8:79:00:d9:c7:82:8e:88:8e:06:5f:db:68:4c:73:
c1:67:c4:3d:03:cf:a2:c5:de:19:7d:62:4b:02:17:e3:e9:08:
57:5d:bf:6f:62:68:1c:2f:1b:0f:2c:38:69:9f:72:9e:ff:e0:
cb:0a:26:9b:c7:ca:e0:fd:c2:9f:e2:f0:15:59:77:54:94:ae:
14:40:1e:ff:6e:b6:4b:0c:8a:95:01:ec:91:56:77:1d:f1:60:
30:31:9a:b3:70:f5:53:1b:4b:9b:15:05:30:98:1a:af:2e:66:
c8:a5:24:9c:a9:c5:00:bd:7a:0e:26:8e:55:80:71:98:09:b2:
5b:5d:28:33:e5:6b:59:af:e2:9f:51:9b:9f:d3:c6:2b:3d:c1:
a5:42:bc:2e:a6:3a:f7:22:de:37:ca:7a:6b:e5:50:ad:e3:17:
73:b6:9c:b8:f5:27:b5:3d:2e:09:f8:44:4b:b1:bb:95:48:9d:
d8:08:b9:ff:73:fe:00:5d:9f:95:40:3d:ec:58:a1:03:b8:c6:
3e:1c:a9:68:1e:0c:61:a0:7f:38:54:76:2a:be:ab:f8:08:00:
a2:fd:e0:42
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIUaClHS1s0TEbbfezDIX14TKeJlrAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yMzA2MTAyMjExMDNaFw0yNDA2MDgyMjE2MDNaMDMxMTAvBgNV
BAMTKERBQ0RFNUE4MTYxNDM0MzNCNEJGMEVDRDJDRDA4Mzg0QjRDOEIwODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgtQ+Ec6/45fTKu9HlhpG1ac3p
Av4b6QLKuGhcYLEE4Wd+tCcjgIvGZUaSs7q+l3M0jNT1WL0bP31gT4c8qvoUAiFM
TDP1Xd+kFzEo71EUTvq4c5HT0zNrN9I74qFCzOvgztUVgWt6k7MaICxGZqGtOVGd
a92Mb32NOcj4Lg+ODWLqbCUgNefGmpXH8J/mD2iZ4t2BI7N0v6uWRAHc61H9V4Bq
isOq4V2QCK2gCsraMnC2qqSURPH2PmHYfoWOvAbtmip7iNc3hezsMzpv1WkBJvzm
2HLWsbT//SyYDA0LaFS7F/z+G2hH7YRdPYTyTvz/cG5vWDmx/kHOZsVXQ517AgMB
AAGjggIIMIICBDAdBgNVHQ4EFgQU2s3lqBYUNDO0vw7NLNCDhLTIsIYwHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMzE3MC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2VuDAN
BgkqhkiG9w0BAQsFAAOCAQEADBINQBcEzdB0Y/4Q0PgWkZqIXKwhcJl+p5OdT6Q2
naYXBSwZiRLpqHkA2ceCjoiOBl/baExzwWfEPQPPosXeGX1iSwIX4+kIV12/b2Jo
HC8bDyw4aZ9ynv/gywomm8fK4P3Cn+LwFVl3VJSuFEAe/262SwyKlQHskVZ3HfFg
MDGas3D1UxtLmxUFMJgary5myKUknKnFAL16DiaOVYBxmAmyW10oM+VrWa/in1Gb
n9PGKz3BpUK8LqY69yLeN8p6a+VQreMXc7acuPUntT0uCfhES7G7lUid2Ai5/3P+
AF2flUA97FihA7jGPhypaB4MYaB/OFR2Kr6r+AgAov3gQg==
-----END CERTIFICATE-----
Generated at Mon May 6 16:53:15 2024 by rpki-client on console-fra.rpki-client.org