Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3138352e33312e3136382e302f32322d3232203d3e203432363839.roa
File: 3138352e33312e3136382e302f32322d3232203d3e203432363839.roa (raw, json)
Hash identifier: /1EMd3OD9PKzfoDbHJu7oFFuENjXpH1cvZ5b6Ia0Jwk=
Subject key identifier: D2:72:C6:BB:D4:75:9E:56:49:84:20:F4:FA:CD:05:18:CE:B0:A7:65
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 0BC1B40AA61D69BFA119C35F92F8814305AFFDF5
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3138352e33312e3136382e302f32322d3232203d3e203432363839.roa
Signing time: Tue 19 Mar 2024 10:26:34 +0000
ROA not before: Tue 19 Mar 2024 10:21:34 +0000
ROA not after: Tue 18 Mar 2025 10:26:34 +0000
asID: 42689
IP address blocks: 185.31.168.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:c1:b4:0a:a6:1d:69:bf:a1:19:c3:5f:92:f8:81:43:05:af:fd:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Mar 19 10:21:34 2024 GMT
Not After : Mar 18 10:26:34 2025 GMT
Subject: CN=D272C6BBD4759E56498420F4FACD0518CEB0A765
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b7:b1:29:74:67:ca:94:1f:06:d2:2e:8c:c3:
e0:7f:ae:59:4b:2d:fa:8d:5d:8f:20:ae:a5:cd:60:
e8:60:93:f2:fc:cd:c8:eb:f5:2e:f4:73:3b:71:10:
41:39:8a:7a:09:4b:92:a1:af:91:cb:b1:71:42:6a:
b8:bb:b8:f9:f1:e6:8c:96:ed:62:8f:ce:e3:d4:e9:
07:5a:f5:1a:6a:65:37:24:ca:d7:03:47:16:0f:fe:
d0:c2:a3:d8:b2:37:ba:27:dd:5a:1b:bd:72:77:6c:
53:85:f3:15:d9:ff:57:f8:ea:fe:e8:0d:20:71:55:
53:57:99:eb:b9:7d:f3:0b:7e:3d:49:d2:05:67:71:
ab:6d:a2:f6:ab:f6:29:98:eb:6f:0f:f8:5d:9e:4f:
80:30:f4:c2:3a:d8:1a:db:64:ca:77:bb:41:e1:c6:
62:5a:06:8d:eb:92:80:b9:24:79:69:48:ce:6d:a3:
38:97:a5:83:79:e7:5c:9a:c0:36:15:06:37:5d:fd:
68:e8:8f:d6:99:d7:b6:a6:c3:44:a9:e3:5d:1e:05:
5d:8e:27:61:b9:d6:64:55:86:16:45:48:16:28:9b:
5c:25:70:82:17:81:87:34:89:c8:09:d1:7e:45:b7:
20:b7:84:92:08:71:7c:44:76:63:2b:ca:3c:c6:b3:
7e:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:72:C6:BB:D4:75:9E:56:49:84:20:F4:FA:CD:05:18:CE:B0:A7:65
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3138352e33312e3136382e302f32322d3232203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.168.0/22
Signature Algorithm: sha256WithRSAEncryption
75:4c:19:da:6a:2a:74:03:11:b7:61:64:36:2a:fa:09:41:cc:
9a:70:49:ea:44:c2:3d:1b:f0:51:41:61:7e:9f:4d:be:ed:36:
79:df:f1:09:65:ae:75:d1:a1:cb:cf:41:95:af:58:71:46:ad:
4c:23:54:b4:37:3f:9d:c1:95:6b:50:b8:01:63:9f:cd:25:4b:
f4:21:0b:6f:3d:6e:99:67:83:1d:56:91:8b:13:b4:83:24:79:
ca:a6:b4:f8:03:fb:35:f3:c7:7a:cf:bb:33:53:98:5f:f1:c7:
8b:aa:dc:e7:0b:39:29:b8:70:1a:1b:33:3c:02:d5:94:fe:6f:
3f:92:c1:a5:1c:5c:6d:dd:be:8b:23:c0:9f:41:15:3f:78:d0:
96:4a:0b:6e:d5:da:88:e6:2a:94:16:cc:f8:23:46:fd:26:1c:
0b:37:11:63:59:32:d6:ab:87:ee:e6:8f:ab:56:42:14:95:7c:
99:ff:4d:c3:db:cc:45:46:da:56:ff:da:df:89:dd:6c:b0:52:
0e:0c:52:7e:73:2a:71:9a:2b:05:16:f5:82:79:78:00:1c:c0:
90:a4:b5:60:fb:7e:13:33:c5:b9:38:59:e0:b8:3c:62:46:41:
73:05:86:93:12:c8:0c:2b:59:04:5a:79:d2:be:d6:6e:b9:74:
0c:f1:36:07
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUC8G0CqYdab+hGcNfkviBQwWv/fUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDAzMTkxMDIxMzRaFw0yNTAzMTgxMDI2MzRaMDMxMTAvBgNV
BAMTKEQyNzJDNkJCRDQ3NTlFNTY0OTg0MjBGNEZBQ0QwNTE4Q0VCMEE3NjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9t7EpdGfKlB8G0i6Mw+B/rllL
LfqNXY8grqXNYOhgk/L8zcjr9S70cztxEEE5inoJS5Khr5HLsXFCari7uPnx5oyW
7WKPzuPU6Qda9RpqZTckytcDRxYP/tDCo9iyN7on3VobvXJ3bFOF8xXZ/1f46v7o
DSBxVVNXmeu5ffMLfj1J0gVncattovar9imY628P+F2eT4Aw9MI62BrbZMp3u0Hh
xmJaBo3rkoC5JHlpSM5toziXpYN551yawDYVBjdd/Wjoj9aZ17amw0Sp410eBV2O
J2G51mRVhhZFSBYom1wlcIIXgYc0icgJ0X5FtyC3hJIIcXxEdmMryjzGs35RAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU0nLGu9R1nlZJhCD0+s0FGM6wp2UwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzODM1MmUzMzMxMmUzMTM2
MzgyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
uR+oMA0GCSqGSIb3DQEBCwUAA4IBAQB1TBnaaip0AxG3YWQ2KvoJQcyacEnqRMI9
G/BRQWF+n02+7TZ53/EJZa510aHLz0GVr1hxRq1MI1S0Nz+dwZVrULgBY5/NJUv0
IQtvPW6ZZ4MdVpGLE7SDJHnKprT4A/s188d6z7szU5hf8ceLqtznCzkpuHAaGzM8
AtWU/m8/ksGlHFxt3b6LI8CfQRU/eNCWSgtu1dqI5iqUFsz4I0b9JhwLNxFjWTLW
q4fu5o+rVkIUlXyZ/03D28xFRtpW/9rfid1ssFIODFJ+cypxmisFFvWCeXgAHMCQ
pLVg+34TM8W5OFnguDxiRkFzBYaTEsgMK1kEWnnSvtZuuXQM8TYH
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org