Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137332e302f32342d3234203d3e20323132303530.roa
File: 3138352e3137322e3137332e302f32342d3234203d3e20323132303530.roa (raw, json)
Hash identifier: YSsdI2dWKwwph36u8EZ1FoCN2hi3aZ7RsOMj3dtSlmM=
Subject key identifier: 29:E3:88:12:D4:1E:33:5F:D7:DC:DB:75:87:93:14:6B:D8:6D:C7:4A
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 53E8A83FF136E4DF0F5E7E2F193BB81C4D620E9C
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137332e302f32342d3234203d3e20323132303530.roa
Signing time: Fri 26 Apr 2024 13:05:16 +0000
ROA not before: Fri 26 Apr 2024 13:00:16 +0000
ROA not after: Fri 25 Apr 2025 13:05:16 +0000
asID: 212050
IP address blocks: 185.172.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:e8:a8:3f:f1:36:e4:df:0f:5e:7e:2f:19:3b:b8:1c:4d:62:0e:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Apr 26 13:00:16 2024 GMT
Not After : Apr 25 13:05:16 2025 GMT
Subject: CN=29E38812D41E335FD7DCDB758793146BD86DC74A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:80:a8:89:1c:d3:89:23:7f:72:fc:c7:96:cc:
2e:45:3c:e5:b1:af:10:5c:ff:b1:07:8f:8b:1c:8b:
01:54:46:d4:dc:f5:d8:a4:4e:08:3e:16:e8:46:f1:
d0:09:d9:e9:72:b8:71:a4:e6:8a:19:ca:d1:bc:16:
8a:d8:f0:7f:a9:a2:a7:b5:8a:25:03:23:64:e9:05:
d8:7b:d5:6a:f4:52:97:be:b8:c7:c7:04:31:23:24:
e5:45:a5:8c:e3:97:82:2a:ea:cd:62:73:ef:b2:db:
38:7e:de:46:23:42:86:4f:61:d5:ca:d8:a5:34:8c:
df:f8:99:1b:4a:6b:14:1a:99:65:69:81:f1:6d:75:
70:19:19:06:76:06:66:a7:46:32:9e:cd:59:f0:cd:
0c:c0:e2:d3:ab:05:51:8f:c0:fa:fe:f2:2f:bd:e2:
f9:06:b0:22:88:7c:4c:32:1c:04:87:2d:53:89:9a:
a0:a2:47:9c:9a:ea:79:16:b3:ed:95:09:87:c8:27:
01:c1:40:70:5c:b2:d9:5a:76:25:64:87:be:46:a7:
4c:8d:c1:f5:fe:29:f8:45:91:92:32:6c:65:76:93:
f6:d4:2b:fe:9d:f0:91:fc:c2:c1:40:8c:e7:92:05:
6f:b4:56:ac:1e:57:f5:47:56:48:2c:bc:01:f7:15:
f4:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:E3:88:12:D4:1E:33:5F:D7:DC:DB:75:87:93:14:6B:D8:6D:C7:4A
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137332e302f32342d3234203d3e20323132303530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.173.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:67:87:bc:20:b1:cb:77:55:d6:1e:d9:9c:25:a3:18:69:31:
6d:8d:cc:80:cc:44:1b:cf:4c:60:fa:9b:e4:5a:37:f9:2a:6f:
56:fd:66:1f:2e:9f:24:21:44:50:a7:0f:d8:9d:fb:f2:f0:38:
39:75:6e:a0:52:98:ac:1b:6f:aa:ae:f1:6f:c7:fd:18:9e:ef:
f5:95:26:9c:e9:2c:3e:36:d7:87:54:dd:b5:bb:3b:53:d8:0c:
b7:b8:aa:8c:60:4b:70:be:9a:0a:ea:ef:ae:3a:3c:d4:bb:71:
2b:ff:b1:bc:2d:bc:2c:a9:4a:eb:b2:aa:ca:8c:4d:6e:d3:90:
99:48:61:47:74:3e:ab:13:5d:ee:91:47:fd:02:29:da:3f:e5:
56:00:6f:24:09:e5:8c:bf:6e:c3:63:1a:d3:7e:9c:e7:36:5c:
e0:dc:d2:58:61:f6:22:90:41:ca:6f:4f:ff:46:2e:61:37:6f:
88:36:02:f9:1e:2c:0d:7f:f1:7c:be:25:ed:e3:dd:ae:58:49:
f4:c2:9c:3e:18:da:6b:01:9c:65:0a:29:4b:6b:90:41:2f:1d:
33:be:01:f6:b8:a9:02:ad:80:56:21:ea:b8:06:e9:05:87:b8:
f8:ee:20:48:ff:96:f8:98:fd:94:7a:43:5f:e8:a4:16:c3:91:
1d:94:a8:60
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUU+ioP/E25N8PXn4vGTu4HE1iDpwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDA0MjYxMzAwMTZaFw0yNTA0MjUxMzA1MTZaMDMxMTAvBgNV
BAMTKDI5RTM4ODEyRDQxRTMzNUZEN0RDREI3NTg3OTMxNDZCRDg2REM3NEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRgKiJHNOJI39y/MeWzC5FPOWx
rxBc/7EHj4sciwFURtTc9dikTgg+FuhG8dAJ2elyuHGk5ooZytG8ForY8H+poqe1
iiUDI2TpBdh71Wr0Upe+uMfHBDEjJOVFpYzjl4Iq6s1ic++y2zh+3kYjQoZPYdXK
2KU0jN/4mRtKaxQamWVpgfFtdXAZGQZ2BmanRjKezVnwzQzA4tOrBVGPwPr+8i+9
4vkGsCKIfEwyHASHLVOJmqCiR5ya6nkWs+2VCYfIJwHBQHBcstladiVkh75Gp0yN
wfX+KfhFkZIybGV2k/bUK/6d8JH8wsFAjOeSBW+0VqweV/VHVkgsvAH3FfQnAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUKeOIEtQeM1/X3Nt1h5MUa9htx0owHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzODM1MmUzMTM3MzIyZTMx
MzczMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMwMzUzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALmsrTANBgkqhkiG9w0BAQsFAAOCAQEAX2eHvCCxy3dV1h7ZnCWjGGkxbY3M
gMxEG89MYPqb5Fo3+SpvVv1mHy6fJCFEUKcP2J378vA4OXVuoFKYrBtvqq7xb8f9
GJ7v9ZUmnOksPjbXh1Tdtbs7U9gMt7iqjGBLcL6aCurvrjo81LtxK/+xvC28LKlK
67KqyoxNbtOQmUhhR3Q+qxNd7pFH/QIp2j/lVgBvJAnljL9uw2Ma036c5zZc4NzS
WGH2IpBBym9P/0YuYTdviDYC+R4sDX/xfL4l7ePdrlhJ9MKcPhjaawGcZQopS2uQ
QS8dM74B9ripAq2AViHquAbpBYe4+O4gSP+W+Jj9lHpDX+ikFsORHZSoYA==
-----END CERTIFICATE-----
Generated at Fri May 10 19:33:50 2024 by rpki-client on console-ams.rpki-client.org