Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137322e302f32342d3234203d3e20323032363733.roa
File: 3138352e3137322e3137322e302f32342d3234203d3e20323032363733.roa (raw, json)
Hash identifier: N2znm4dLSoYSNWCLBgSJKGRLZaR68/0nFvpMPuHcPWU=
Subject key identifier: 6A:57:C3:E0:6F:62:CD:DB:71:3C:A3:19:8D:B5:C9:7D:F2:37:24:A3
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 2346E0C21AD14F97F8A7106D255898164AF21E49
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137322e302f32342d3234203d3e20323032363733.roa
Signing time: Fri 11 Oct 2024 10:43:25 +0000
ROA not before: Fri 11 Oct 2024 10:38:25 +0000
ROA not after: Fri 10 Oct 2025 10:43:25 +0000
asID: 202673
IP address blocks: 185.172.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:46:e0:c2:1a:d1:4f:97:f8:a7:10:6d:25:58:98:16:4a:f2:1e:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Oct 11 10:38:25 2024 GMT
Not After : Oct 10 10:43:25 2025 GMT
Subject: CN=6A57C3E06F62CDDB713CA3198DB5C97DF23724A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a9:da:c4:fe:19:6e:f1:61:6d:01:bb:5f:7e:
fd:a7:67:f9:90:b4:27:c6:56:46:d0:51:70:98:a1:
42:67:25:99:7e:32:d9:53:a9:76:c0:a8:d4:b9:5b:
06:bd:f2:f9:90:16:ac:3c:bc:12:13:d9:4d:96:a2:
c5:fd:18:d5:d7:9d:2c:18:ef:a5:fd:7c:6d:22:fb:
13:4f:fb:6d:a9:c3:c0:fc:d2:e5:08:a5:7b:6b:92:
46:3b:83:e8:a0:78:97:2d:1a:da:92:bb:6f:9c:3d:
ec:da:9b:01:fa:6b:12:91:57:e4:ab:3d:59:96:f4:
55:c3:16:98:2b:03:c8:2f:95:78:8a:5f:d7:be:ec:
65:e2:a0:29:2f:e5:7e:74:6e:68:8c:2b:1a:8c:10:
00:e6:5f:15:a8:1b:5a:4b:d5:51:7c:69:3e:7f:34:
62:46:0d:dd:9b:3c:81:f9:b9:d6:0a:98:f4:06:35:
ec:92:97:8b:1e:39:47:b3:37:e9:64:32:ff:05:ee:
df:91:30:3f:be:82:3e:63:a8:cc:db:0c:5a:ff:cd:
18:87:bd:b8:27:7b:14:d8:e3:db:38:71:5e:7f:79:
51:74:40:e1:19:a2:6d:4b:6d:5e:ec:72:1a:1b:d8:
c5:86:00:7a:1b:71:31:5b:97:71:b2:3c:ae:24:3b:
39:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:57:C3:E0:6F:62:CD:DB:71:3C:A3:19:8D:B5:C9:7D:F2:37:24:A3
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137322e302f32342d3234203d3e20323032363733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.172.0/24
Signature Algorithm: sha256WithRSAEncryption
49:5e:30:1f:47:75:62:71:3e:10:37:da:54:1f:e2:a5:06:0a:
e0:61:39:87:43:2b:70:dc:a8:e8:e2:ae:6e:3e:c7:6f:9c:70:
e2:f8:09:be:36:03:77:b8:a6:04:33:f1:62:66:13:7a:75:8a:
59:3d:fd:ed:de:51:36:0d:6f:89:c6:f7:c7:3d:aa:d0:ce:3a:
0f:0f:61:2d:85:1c:69:98:64:d1:7c:dc:e6:c8:5f:7b:17:c8:
1c:31:94:d3:73:6a:5e:21:6c:0d:bb:c9:f2:24:64:82:ea:eb:
cd:52:7d:e6:b8:ea:cf:69:9d:a2:2f:e4:b9:d7:15:ea:c5:52:
59:17:fe:5d:04:61:e7:52:65:1a:43:a5:fb:cd:46:ea:66:7f:
c1:11:29:1c:9c:90:72:70:24:d6:fc:8f:63:fe:5b:0c:6f:c9:
4b:ba:bf:13:51:45:b0:d3:4e:54:10:a5:d4:c0:87:b5:f1:a3:
f2:60:62:97:5d:1e:26:b5:5c:ea:f3:18:e4:16:b9:ec:67:d9:
94:c4:61:54:98:c7:af:f1:b2:75:c3:28:22:f2:a6:4b:b7:81:
1b:42:6e:72:c4:5a:de:93:21:7b:90:af:e3:e0:d1:40:8d:81:
31:ff:f0:46:8b:a3:d2:d7:0d:37:be:5b:01:9e:de:05:4e:80:
70:d8:38:60
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUI0bgwhrRT5f4pxBtJViYFkryHkkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDEwMTExMDM4MjVaFw0yNTEwMTAxMDQzMjVaMDMxMTAvBgNV
BAMTKDZBNTdDM0UwNkY2MkNEREI3MTNDQTMxOThEQjVDOTdERjIzNzI0QTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7qdrE/hlu8WFtAbtffv2nZ/mQ
tCfGVkbQUXCYoUJnJZl+MtlTqXbAqNS5Wwa98vmQFqw8vBIT2U2WosX9GNXXnSwY
76X9fG0i+xNP+22pw8D80uUIpXtrkkY7g+igeJctGtqSu2+cPezamwH6axKRV+Sr
PVmW9FXDFpgrA8gvlXiKX9e+7GXioCkv5X50bmiMKxqMEADmXxWoG1pL1VF8aT5/
NGJGDd2bPIH5udYKmPQGNeySl4seOUezN+lkMv8F7t+RMD++gj5jqMzbDFr/zRiH
vbgnexTY49s4cV5/eVF0QOEZom1LbV7schob2MWGAHobcTFbl3GyPK4kOzkXAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUalfD4G9izdtxPKMZjbXJffI3JKMwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzODM1MmUzMTM3MzIyZTMx
MzczMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMjM2MzczMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALmsrDANBgkqhkiG9w0BAQsFAAOCAQEASV4wH0d1YnE+EDfaVB/ipQYK4GE5
h0MrcNyo6OKubj7Hb5xw4vgJvjYDd7imBDPxYmYTenWKWT397d5RNg1vicb3xz2q
0M46Dw9hLYUcaZhk0Xzc5shfexfIHDGU03NqXiFsDbvJ8iRkgurrzVJ95rjqz2md
oi/kudcV6sVSWRf+XQRh51JlGkOl+81G6mZ/wREpHJyQcnAk1vyPY/5bDG/JS7q/
E1FFsNNOVBCl1MCHtfGj8mBil10eJrVc6vMY5Ba57GfZlMRhVJjHr/GydcMoIvKm
S7eBG0JucsRa3pMhe5Cv4+DRQI2BMf/wRouj0tcNN75bAZ7eBU6AcNg4YA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:43 2024 by rpki-client on console-ams.rpki-client.org