Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137332e302f32342d3234203d3e20323135303532.roa
File: 3138352e3137322e3137332e302f32342d3234203d3e20323135303532.roa (raw, json)
Hash identifier: mLwkBoTige+gg67QujtWF3GEoueb5XMnlRmaLizXYWA=
Subject key identifier: 43:6D:66:78:2A:B4:90:AA:97:19:4B:F0:4A:7A:34:BE:86:28:E0:39
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 293A73BC4B9FFDCBC7FDDBDF001EDCD50DBEA69E
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137332e302f32342d3234203d3e20323135303532.roa
Signing time: Fri 21 Jun 2024 08:58:34 +0000
ROA not before: Fri 21 Jun 2024 08:53:34 +0000
ROA not after: Fri 20 Jun 2025 08:58:34 +0000
asID: 215052
IP address blocks: 185.172.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:3a:73:bc:4b:9f:fd:cb:c7:fd:db:df:00:1e:dc:d5:0d:be:a6:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jun 21 08:53:34 2024 GMT
Not After : Jun 20 08:58:34 2025 GMT
Subject: CN=436D66782AB490AA97194BF04A7A34BE8628E039
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:2c:06:39:87:aa:e8:7b:b8:bd:62:ab:3c:b1:
70:95:cc:0d:5e:16:23:c2:51:5a:e5:3c:28:30:7c:
fb:f5:30:80:f8:f5:b7:6d:86:68:74:2d:b6:25:b4:
f0:be:1b:e7:d8:6c:54:ed:55:db:fe:06:23:ea:b2:
31:d1:61:0c:cb:e2:23:f3:22:78:52:53:51:1d:16:
1f:07:1a:57:31:8f:b6:6f:ff:9e:62:e0:16:16:e1:
14:23:7e:28:8b:ad:16:6d:78:2e:2f:59:70:69:b1:
a6:60:e9:e9:12:90:07:68:d8:fe:4a:9a:fb:de:18:
71:d2:be:83:85:2b:d2:32:d2:5e:15:8c:12:22:76:
1b:b3:fe:ea:f0:20:38:81:61:61:cf:0d:e0:3b:9c:
a9:79:69:06:67:d9:ca:fe:57:13:94:0f:aa:f3:96:
d0:20:82:81:97:2c:ec:68:cc:69:24:79:cd:56:f5:
88:71:55:13:e2:e3:82:bd:ba:7c:ab:5d:0f:28:9b:
72:c0:aa:43:e3:66:67:42:2a:b7:06:c8:8a:4b:10:
5f:09:80:d2:b4:7d:49:7f:94:64:72:e7:9f:61:5a:
62:70:7f:9e:bd:a4:4e:b6:f1:81:0e:8c:90:ea:ba:
49:0b:2b:72:77:f8:d2:f2:3d:08:e5:51:83:32:e4:
a2:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:6D:66:78:2A:B4:90:AA:97:19:4B:F0:4A:7A:34:BE:86:28:E0:39
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137332e302f32342d3234203d3e20323135303532.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.173.0/24
Signature Algorithm: sha256WithRSAEncryption
74:a9:2f:46:6a:02:2d:d8:33:da:77:01:50:e5:ca:bc:43:0c:
7b:a2:c5:64:6f:03:4a:e1:44:5b:3c:3b:25:6a:60:ab:08:ec:
65:85:46:e3:6e:6b:b0:4a:a6:d3:f8:29:4b:55:34:bc:09:a4:
aa:b3:c0:44:85:69:43:9b:97:aa:89:ac:64:8b:1c:07:cd:fe:
e4:10:1c:ec:84:af:11:a5:f9:46:7b:45:4b:99:01:ba:00:96:
cf:e1:e2:6c:a5:d7:0e:6a:9e:cd:35:90:73:c1:a8:2a:be:aa:
7f:22:e4:30:c9:55:3f:da:d8:90:29:16:cc:3f:03:e9:a9:31:
19:ae:b6:e1:16:6f:e0:8e:4c:b2:f6:c5:02:e7:d9:8b:84:7a:
ab:ef:82:22:94:99:7c:81:81:b1:cd:bf:c3:95:ae:55:1f:f9:
03:2b:d6:cc:17:29:0e:54:74:9d:91:30:48:40:fd:a3:3e:40:
79:a4:71:f7:e2:65:91:62:b6:e4:02:ed:ff:89:30:04:32:81:
a3:3b:0e:97:aa:de:6a:f8:54:fa:40:05:f6:61:c0:74:2f:52:
66:c2:f4:30:bb:39:0f:cb:02:20:d1:31:c4:85:9a:51:be:59:
c3:c8:87:4b:5b:4a:0d:6c:d7:46:3f:b5:61:cd:72:10:bb:ad:
52:79:48:2d
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUKTpzvEuf/cvH/dvfAB7c1Q2+pp4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDA2MjEwODUzMzRaFw0yNTA2MjAwODU4MzRaMDMxMTAvBgNV
BAMTKDQzNkQ2Njc4MkFCNDkwQUE5NzE5NEJGMDRBN0EzNEJFODYyOEUwMzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbLAY5h6roe7i9Yqs8sXCVzA1e
FiPCUVrlPCgwfPv1MID49bdthmh0LbYltPC+G+fYbFTtVdv+BiPqsjHRYQzL4iPz
InhSU1EdFh8HGlcxj7Zv/55i4BYW4RQjfiiLrRZteC4vWXBpsaZg6ekSkAdo2P5K
mvveGHHSvoOFK9Iy0l4VjBIidhuz/urwIDiBYWHPDeA7nKl5aQZn2cr+VxOUD6rz
ltAggoGXLOxozGkkec1W9YhxVRPi44K9unyrXQ8om3LAqkPjZmdCKrcGyIpLEF8J
gNK0fUl/lGRy559hWmJwf569pE628YEOjJDqukkLK3J3+NLyPQjlUYMy5KJhAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUQ21meCq0kKqXGUvwSno0voYo4DkwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzODM1MmUzMTM3MzIyZTMx
MzczMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNTMwMzUzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALmsrTANBgkqhkiG9w0BAQsFAAOCAQEAdKkvRmoCLdgz2ncBUOXKvEMMe6LF
ZG8DSuFEWzw7JWpgqwjsZYVG425rsEqm0/gpS1U0vAmkqrPARIVpQ5uXqomsZIsc
B83+5BAc7ISvEaX5RntFS5kBugCWz+HibKXXDmqezTWQc8GoKr6qfyLkMMlVP9rY
kCkWzD8D6akxGa624RZv4I5MsvbFAufZi4R6q++CIpSZfIGBsc2/w5WuVR/5AyvW
zBcpDlR0nZEwSED9oz5AeaRx9+JlkWK25ALt/4kwBDKBozsOl6reavhU+kAF9mHA
dC9SZsL0MLs5D8sCINExxIWaUb5Zw8iHS1tKDWzXRj+1Yc1yELutUnlILQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:01 2024 by rpki-client on console-fra.rpki-client.org