Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137322e302f32342d3234203d3e20323032363733.roa
File: 3138352e3137322e3137322e302f32342d3234203d3e20323032363733.roa (raw, json)
Hash identifier: Zu0rTvu1/RMamJx8qDbWSkYn9UxunK58SiIypFQPmnU=
Subject key identifier: F3:EF:93:38:43:AE:17:A4:2E:AA:C9:18:65:51:2A:7A:7F:DC:81:F9
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 32527C55467C203EF8DDC201085F158EECB7AEBB
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137322e302f32342d3234203d3e20323032363733.roa
Signing time: Fri 10 Nov 2023 10:14:34 +0000
ROA not before: Fri 10 Nov 2023 10:09:34 +0000
ROA not after: Fri 08 Nov 2024 10:14:34 +0000
asID: 202673
IP address blocks: 185.172.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 May 2024 14:08:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:52:7c:55:46:7c:20:3e:f8:dd:c2:01:08:5f:15:8e:ec:b7:ae:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Nov 10 10:09:34 2023 GMT
Not After : Nov 8 10:14:34 2024 GMT
Subject: CN=F3EF933843AE17A42EAAC91865512A7A7FDC81F9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e2:50:cf:57:7a:ee:2c:49:92:0b:da:14:14:
1d:31:f2:a0:7d:87:2d:70:89:e7:3d:04:8d:90:7c:
4e:a2:e2:4c:92:fd:86:69:f1:01:6b:e9:04:44:9b:
92:27:e5:96:e2:3c:ff:af:f8:8c:71:cb:01:cb:9a:
29:bc:a5:9a:02:19:99:c0:51:e3:96:1d:2d:c5:76:
88:a8:97:e9:2b:e3:2d:bd:ef:52:d3:e9:cf:fd:c6:
5d:41:a4:48:af:f1:ae:e5:0e:75:99:e1:fb:da:e2:
db:c9:13:db:54:0b:98:e1:a0:bd:bf:90:27:8b:06:
15:25:3b:39:17:f8:fa:fc:68:03:2f:85:2b:38:4a:
3b:0b:cd:1d:01:dc:33:fd:96:8a:3c:92:00:00:b2:
37:e1:ce:f6:64:7e:8c:0c:23:0f:57:c8:90:39:ac:
2a:e3:2b:d6:55:a3:03:55:d2:64:09:ab:9c:c2:1f:
43:b4:98:04:cb:5e:f6:71:f8:27:32:a2:91:82:2d:
bd:32:38:ee:cb:12:c1:24:61:d9:41:2e:31:9f:c0:
05:73:0f:69:53:98:97:38:65:70:a2:58:43:54:4f:
40:d8:c8:99:88:d4:62:cf:e9:a8:07:a4:d4:25:b6:
f7:a0:d2:6c:1f:71:37:93:e9:bc:b1:15:ec:4c:5b:
09:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:EF:93:38:43:AE:17:A4:2E:AA:C9:18:65:51:2A:7A:7F:DC:81:F9
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137322e302f32342d3234203d3e20323032363733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.172.0/24
Signature Algorithm: sha256WithRSAEncryption
32:26:d1:f8:b5:27:d4:8f:19:80:f7:80:1a:ca:48:59:d3:19:
a3:1d:04:d2:95:be:62:22:71:a0:ed:2a:ed:37:ef:34:9b:5a:
2a:31:56:79:75:81:ff:51:b3:0f:b0:f0:52:91:01:45:63:80:
59:b3:b4:e1:31:c8:31:d0:59:5d:8a:c7:b3:8d:a4:11:6b:59:
33:a4:1e:68:a0:a8:0d:3d:bc:bc:8a:ec:12:2b:ce:7b:a4:b3:
50:1b:a0:e0:48:6f:5b:28:bf:70:5f:aa:a7:cb:11:e8:cf:75:
68:5f:2f:ba:1d:09:f0:a0:a6:76:2d:c2:8a:11:81:b1:9f:1b:
12:c0:55:c3:29:5d:3c:43:f5:e0:d4:cc:24:b7:04:5c:9b:22:
1f:eb:d6:a8:b4:d6:c5:a2:82:ec:a0:f9:bf:37:41:b7:c8:22:
81:59:8c:c4:6e:49:41:a9:cc:76:d8:12:bf:79:a4:00:83:c6:
f4:6a:68:2c:06:3d:0b:b8:47:47:92:dd:4d:f8:4b:8c:30:3a:
4e:34:e8:98:25:ad:df:dd:67:9c:b6:37:b3:88:9e:42:17:68:
42:71:26:a9:74:37:ef:3e:f7:f9:e8:59:37:f5:03:3a:a4:b9:
08:8d:c1:ec:ba:e1:90:44:4a:59:6b:d4:b9:cd:e9:75:e2:54:
56:20:86:a4
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUMlJ8VUZ8ID743cIBCF8Vjuy3rrswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzExMTAxMDA5MzRaFw0yNDExMDgxMDE0MzRaMDMxMTAvBgNV
BAMTKEYzRUY5MzM4NDNBRTE3QTQyRUFBQzkxODY1NTEyQTdBN0ZEQzgxRjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCn4lDPV3ruLEmSC9oUFB0x8qB9
hy1wiec9BI2QfE6i4kyS/YZp8QFr6QREm5In5ZbiPP+v+IxxywHLmim8pZoCGZnA
UeOWHS3Fdoiol+kr4y2971LT6c/9xl1BpEiv8a7lDnWZ4fva4tvJE9tUC5jhoL2/
kCeLBhUlOzkX+Pr8aAMvhSs4SjsLzR0B3DP9loo8kgAAsjfhzvZkfowMIw9XyJA5
rCrjK9ZVowNV0mQJq5zCH0O0mATLXvZx+CcyopGCLb0yOO7LEsEkYdlBLjGfwAVz
D2lTmJc4ZXCiWENUT0DYyJmI1GLP6agHpNQltveg0mwfcTeT6byxFexMWwmvAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU8++TOEOuF6QuqskYZVEqen/cgfkwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzODM1MmUzMTM3MzIyZTMx
MzczMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMjM2MzczMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALmsrDANBgkqhkiG9w0BAQsFAAOCAQEAMibR+LUn1I8ZgPeAGspIWdMZox0E
0pW+YiJxoO0q7TfvNJtaKjFWeXWB/1GzD7DwUpEBRWOAWbO04THIMdBZXYrHs42k
EWtZM6QeaKCoDT28vIrsEivOe6SzUBug4EhvWyi/cF+qp8sR6M91aF8vuh0J8KCm
di3CihGBsZ8bEsBVwyldPEP14NTMJLcEXJsiH+vWqLTWxaKC7KD5vzdBt8gigVmM
xG5JQanMdtgSv3mkAIPG9GpoLAY9C7hHR5LdTfhLjDA6TjTomCWt391nnLY3s4ie
QhdoQnEmqXQ37z73+ehZN/UDOqS5CI3B7LrhkERKWWvUuc3pdeJUViCGpA==
-----END CERTIFICATE-----
Generated at Sat May 11 18:18:50 2024 by rpki-client on console-ams.rpki-client.org