Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3137382e302f32332d3233203d3e20343030393039.roa
File: 3137382e3230382e3137382e302f32332d3233203d3e20343030393039.roa (raw, json)
Hash identifier: m23B5LLjvbaDpUyx48QI1dE9Pkyz4srWFxVoEvv2B54=
Subject key identifier: 0B:DB:AA:97:D4:83:A0:B7:79:3B:42:83:2F:B0:80:8B:BA:0F:BA:1D
Certificate issuer: /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial: 5D0F68071E74E3ED4A6C639A5A8EBC2319C39199
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3137382e302f32332d3233203d3e20343030393039.roa
Signing time: Thu 21 Dec 2023 14:22:22 +0000
ROA not before: Thu 21 Dec 2023 14:17:22 +0000
ROA not after: Thu 19 Dec 2024 14:22:22 +0000
asID: 400909
IP address blocks: 178.208.178.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.mft
rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 19:51:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:0f:68:07:1e:74:e3:ed:4a:6c:63:9a:5a:8e:bc:23:19:c3:91:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
Validity
Not Before: Dec 21 14:17:22 2023 GMT
Not After : Dec 19 14:22:22 2024 GMT
Subject: CN=0BDBAA97D483A0B7793B42832FB0808BBA0FBA1D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:34:db:b3:01:70:c2:2a:ad:a8:41:c5:da:0b:
e6:8a:6a:63:50:ea:6a:08:56:bf:3e:20:6d:e3:13:
62:f4:e5:42:91:22:43:15:60:e9:cd:c2:8c:e4:97:
d4:60:13:21:ed:87:87:4d:b3:da:8c:48:08:19:b5:
56:40:14:9e:28:91:5a:63:59:67:87:07:1e:70:ec:
c5:7e:66:81:79:89:cc:d2:2e:3e:91:85:b5:48:bd:
37:22:b1:71:3c:61:93:36:03:55:73:c1:da:f4:8d:
ac:a2:d7:30:5b:02:10:57:dc:68:53:3e:1a:dd:3c:
fa:67:eb:7b:c4:62:5c:78:92:3c:d6:25:70:96:fb:
3f:eb:b9:ee:d7:5b:36:34:19:85:f3:3f:9e:a9:28:
44:4b:c9:fd:76:5b:81:d3:92:79:51:a3:0a:b8:20:
51:e8:60:eb:76:32:8e:15:f2:09:ec:89:77:32:91:
fb:fb:aa:66:5e:90:30:c6:3d:f1:8e:62:40:1a:d3:
29:27:3c:c4:9d:b0:5b:85:1e:34:22:55:99:75:c6:
b8:f9:41:1e:d6:9e:cc:a4:94:b2:41:52:6b:c0:8a:
f0:eb:24:7b:1f:11:8d:76:0c:4d:f7:82:3c:8b:32:
d4:4d:d0:df:db:12:35:57:9f:78:7c:63:e0:38:68:
3d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:DB:AA:97:D4:83:A0:B7:79:3B:42:83:2F:B0:80:8B:BA:0F:BA:1D
X509v3 Authority Key Identifier:
keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3137382e302f32332d3233203d3e20343030393039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.208.178.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:74:b1:79:c3:ab:02:38:f7:a6:3b:a7:b8:23:30:c7:4b:f5:
25:3b:40:54:33:d4:21:d2:fb:53:4d:89:80:23:67:eb:fa:dc:
b1:14:03:71:23:e0:93:bb:1b:7d:ba:4d:92:2f:3d:33:8d:2d:
5b:29:e3:cc:be:b6:21:3b:3c:5c:6d:55:96:db:2c:e9:3a:d8:
03:01:e7:f8:d7:60:9e:42:4e:ad:cc:2b:31:48:63:52:10:3c:
18:e8:c5:fb:6c:ba:96:7d:6c:b6:22:9e:e6:13:4f:a7:b4:02:
16:73:5d:99:f8:09:8a:b3:fd:2b:66:38:9c:49:d2:68:16:7c:
39:7a:81:bb:53:36:c0:d1:8d:d9:76:1f:05:63:b9:38:89:e5:
90:db:cf:8d:36:6d:14:fb:48:08:66:c2:fe:52:27:3a:84:79:
fc:c3:64:92:0e:91:3f:92:d6:07:a3:2d:26:5d:55:91:b3:2e:
6f:ca:57:f8:16:3e:82:1f:00:95:dc:48:e6:b1:3e:19:09:87:
63:1d:34:fd:ba:8d:1e:91:02:2e:da:06:9f:ca:90:50:66:94:
a6:b5:2d:a1:d4:96:51:1b:d8:02:bf:f4:70:e6:cb:28:42:e6:
14:1c:cc:82:c5:32:60:e9:f5:fe:ac:01:2b:56:f0:9d:33:87:
cc:02:e1:47
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUXQ9oBx504+1KbGOaWo68IxnDkZkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yMzEyMjExNDE3MjJaFw0yNDEyMTkxNDIyMjJaMDMxMTAvBgNV
BAMTKDBCREJBQTk3RDQ4M0EwQjc3OTNCNDI4MzJGQjA4MDhCQkEwRkJBMUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKNNuzAXDCKq2oQcXaC+aKamNQ
6moIVr8+IG3jE2L05UKRIkMVYOnNwozkl9RgEyHth4dNs9qMSAgZtVZAFJ4okVpj
WWeHBx5w7MV+ZoF5iczSLj6RhbVIvTcisXE8YZM2A1Vzwdr0jayi1zBbAhBX3GhT
PhrdPPpn63vEYlx4kjzWJXCW+z/rue7XWzY0GYXzP56pKERLyf12W4HTknlRowq4
IFHoYOt2Mo4V8gnsiXcykfv7qmZekDDGPfGOYkAa0yknPMSdsFuFHjQiVZl1xrj5
QR7WnsyklLJBUmvAivDrJHsfEY12DE33gjyLMtRN0N/bEjVXn3h8Y+A4aD0/AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUC9uql9SDoLd5O0KDL7CAi7oPuh0wHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzEzNzM4MmUzMjMwMzgyZTMx
MzczODJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDM0MzAzMDM5MzAzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAbLQsjANBgkqhkiG9w0BAQsFAAOCAQEAPXSxecOrAjj3pjunuCMwx0v1JTtA
VDPUIdL7U02JgCNn6/rcsRQDcSPgk7sbfbpNki89M40tWynjzL62ITs8XG1Vltss
6TrYAwHn+NdgnkJOrcwrMUhjUhA8GOjF+2y6ln1stiKe5hNPp7QCFnNdmfgJirP9
K2Y4nEnSaBZ8OXqBu1M2wNGN2XYfBWO5OInlkNvPjTZtFPtICGbC/lInOoR5/MNk
kg6RP5LWB6MtJl1VkbMub8pX+BY+gh8AldxI5rE+GQmHYx00/bqNHpECLtoGn8qQ
UGaUprUtodSWURvYAr/0cObLKELmFBzMgsUyYOn1/qwBK1bwnTOHzALhRw==
-----END CERTIFICATE-----
Generated at Mon May 20 03:55:49 2024 by rpki-client on console-fra.rpki-client.org