Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137322e302f32342d3234203d3e20323135303135.roa
File: 3138352e3137322e3137322e302f32342d3234203d3e20323135303135.roa (raw, json)
Hash identifier: 91/h4f4bKrpi2WLd+lwdP6b9EIlR2Wk4CiDzoO9Pphc=
Subject key identifier: BC:44:D1:A4:7D:3A:34:57:57:03:DA:A1:84:DE:A6:14:59:BC:77:34
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 155F0E9758A3F8A598F608D5A13FDDEAE99F4D23
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137322e302f32342d3234203d3e20323135303135.roa
Signing time: Fri 11 Oct 2024 14:20:42 +0000
ROA not before: Fri 11 Oct 2024 14:15:42 +0000
ROA not after: Fri 10 Oct 2025 14:20:42 +0000
asID: 215015
IP address blocks: 185.172.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:5f:0e:97:58:a3:f8:a5:98:f6:08:d5:a1:3f:dd:ea:e9:9f:4d:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Oct 11 14:15:42 2024 GMT
Not After : Oct 10 14:20:42 2025 GMT
Subject: CN=BC44D1A47D3A34575703DAA184DEA61459BC7734
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b2:93:74:fb:d3:ea:6e:7a:98:67:6a:df:7f:
d6:6e:9f:92:ab:98:3d:33:f2:37:6d:ff:0f:47:06:
f8:49:eb:83:38:4f:d2:23:59:b7:c0:df:6f:c4:cd:
7c:cb:a5:16:ed:db:6e:0d:4d:3e:0c:ff:26:59:10:
3c:16:71:d3:c7:c8:8a:ca:f7:e5:bc:59:b6:66:e8:
b3:1b:41:a6:82:bb:63:44:f8:7b:f7:a5:f5:c7:1e:
1a:fc:c6:3d:57:8f:39:3a:f9:13:a7:1a:a8:b2:40:
f0:44:bf:ed:65:cd:14:fe:53:fa:ff:6e:fc:3b:33:
d9:8c:61:46:e6:69:e2:de:cf:3b:76:18:1e:5b:05:
f9:7e:16:d7:0d:23:54:5a:06:c7:00:14:54:6e:93:
7a:cf:3f:cd:9d:6c:a2:62:c5:63:52:90:77:0e:5a:
aa:03:65:78:3d:c6:68:fb:b2:eb:0a:c1:82:dc:9c:
9a:41:62:8a:af:06:83:78:f7:52:5d:68:dd:96:d5:
fd:87:7f:85:3e:bc:7f:f7:23:fe:f3:42:79:d8:ee:
59:04:1a:18:fe:c9:03:ca:70:fa:78:85:b4:9c:e0:
39:81:a4:20:db:4c:60:6c:cf:74:97:29:fd:92:14:
9c:af:7e:c6:ae:c8:21:de:d4:bd:ce:62:3d:8f:f3:
d1:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:44:D1:A4:7D:3A:34:57:57:03:DA:A1:84:DE:A6:14:59:BC:77:34
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137322e302f32342d3234203d3e20323135303135.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.172.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:0e:1d:c6:87:58:69:f8:d6:ca:2e:dd:b6:5b:32:a4:fc:a5:
c6:94:57:f6:06:81:a1:2f:bf:6e:31:ff:e6:bf:90:d3:47:a7:
4a:07:76:c6:25:ff:06:70:11:4a:39:3d:3f:30:f7:e4:b5:59:
1f:e0:3d:93:18:1f:b9:16:6e:9b:b7:43:2c:e6:1c:ca:87:cc:
c7:e2:23:0f:94:68:39:ff:d5:4b:35:c8:85:96:69:60:b7:a2:
4f:c4:10:36:84:67:18:29:7d:1d:57:b3:8e:c9:df:a5:9a:bd:
96:0b:90:14:2e:e7:dd:6c:5d:1d:75:99:62:03:41:5d:c1:24:
0d:64:85:15:1d:fd:da:7a:a3:03:b8:79:fc:11:a6:7f:07:73:
f5:3d:8b:0e:4b:07:03:89:9a:30:5f:fa:d0:73:8e:3d:99:5c:
0e:8f:ab:a7:89:f7:d3:59:89:4a:b2:d8:a2:b6:5e:2f:3d:d0:
38:a6:90:fd:bb:05:54:ab:39:9d:a8:eb:80:30:f3:3f:b1:da:
4f:54:37:3f:b7:bb:6f:93:97:cb:ba:e1:48:07:b5:61:87:5d:
6c:e4:5b:1d:12:dd:0f:1b:b7:da:0a:a0:99:cf:4d:96:c1:14:
82:6d:46:b7:e2:fc:e6:9f:b6:09:48:57:77:7a:3f:ae:c0:e2:
b6:7c:c5:44
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUFV8Ol1ij+KWY9gjVoT/d6umfTSMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDEwMTExNDE1NDJaFw0yNTEwMTAxNDIwNDJaMDMxMTAvBgNV
BAMTKEJDNDREMUE0N0QzQTM0NTc1NzAzREFBMTg0REVBNjE0NTlCQzc3MzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8spN0+9PqbnqYZ2rff9Zun5Kr
mD0z8jdt/w9HBvhJ64M4T9IjWbfA32/EzXzLpRbt224NTT4M/yZZEDwWcdPHyIrK
9+W8WbZm6LMbQaaCu2NE+Hv3pfXHHhr8xj1Xjzk6+ROnGqiyQPBEv+1lzRT+U/r/
bvw7M9mMYUbmaeLezzt2GB5bBfl+FtcNI1RaBscAFFRuk3rPP82dbKJixWNSkHcO
WqoDZXg9xmj7susKwYLcnJpBYoqvBoN491JdaN2W1f2Hf4U+vH/3I/7zQnnY7lkE
Ghj+yQPKcPp4hbSc4DmBpCDbTGBsz3SXKf2SFJyvfsauyCHe1L3OYj2P89G5AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUvETRpH06NFdXA9qhhN6mFFm8dzQwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzODM1MmUzMTM3MzIyZTMx
MzczMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNTMwMzEzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALmsrDANBgkqhkiG9w0BAQsFAAOCAQEAtA4dxodYafjWyi7dtlsypPylxpRX
9gaBoS+/bjH/5r+Q00enSgd2xiX/BnARSjk9PzD35LVZH+A9kxgfuRZum7dDLOYc
yofMx+IjD5RoOf/VSzXIhZZpYLeiT8QQNoRnGCl9HVezjsnfpZq9lguQFC7n3Wxd
HXWZYgNBXcEkDWSFFR392nqjA7h5/BGmfwdz9T2LDksHA4maMF/60HOOPZlcDo+r
p4n301mJSrLYorZeLz3QOKaQ/bsFVKs5najrgDDzP7HaT1Q3P7e7b5OXy7rhSAe1
YYddbORbHRLdDxu32gqgmc9NlsEUgm1Gt+L85p+2CUhXd3o/rsDitnzFRA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:43 2024 by rpki-client on console-ams.rpki-client.org