Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137342e302f32342d3234203d3e20313335333931.roa
File: 3138352e3137322e3137342e302f32342d3234203d3e20313335333931.roa (raw, json)
Hash identifier: wr0t2Bi3lOlD04ZyEaNKfLgUTe6RdUGATDCXaKVMGIA=
Subject key identifier: 5E:A4:E3:0F:13:9C:33:83:43:87:04:E8:AB:86:91:28:62:97:54:6A
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 73BE3B15558540C152FC853669899E00B918864E
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137342e302f32342d3234203d3e20313335333931.roa
Signing time: Wed 19 Jun 2024 10:49:46 +0000
ROA not before: Wed 19 Jun 2024 10:44:46 +0000
ROA not after: Wed 18 Jun 2025 10:49:46 +0000
asID: 135391
IP address blocks: 185.172.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:be:3b:15:55:85:40:c1:52:fc:85:36:69:89:9e:00:b9:18:86:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jun 19 10:44:46 2024 GMT
Not After : Jun 18 10:49:46 2025 GMT
Subject: CN=5EA4E30F139C3383438704E8AB8691286297546A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:49:05:35:96:2b:a8:4f:3c:5e:99:65:4b:30:
ed:fd:d8:9d:46:2d:c5:d8:2e:32:42:45:36:ca:24:
2f:9d:75:7f:57:87:ba:22:38:d0:fd:7f:97:dd:a4:
87:41:27:91:e6:ad:8f:40:6a:4f:3f:90:03:ea:1e:
e6:e2:46:58:3a:4c:82:7d:15:e4:eb:c8:3b:2e:69:
14:44:b5:04:c3:fc:64:fc:c2:18:cf:3b:64:6a:61:
f2:69:69:76:d5:96:12:73:14:e2:7e:96:3a:4f:67:
6f:74:72:23:a3:c0:6f:1d:2f:38:23:66:42:62:31:
d1:ac:b3:e0:3f:b5:69:7f:56:d8:76:dc:2c:bd:71:
08:ed:17:03:cb:7c:4e:15:6c:d0:36:23:43:28:ee:
70:4a:81:ae:01:60:67:2c:6a:ef:a7:52:14:ad:45:
dc:68:0d:0b:9e:a6:a2:1c:65:eb:c5:f6:81:9c:93:
4f:6d:ce:35:8f:1a:4d:56:14:a3:ad:db:24:24:c2:
44:5b:8d:8d:45:df:e3:a3:53:e7:21:cb:87:5f:9d:
ac:07:38:d1:c7:f8:b2:49:0b:c9:3f:4c:09:e7:f8:
f9:62:b5:39:d4:7b:2f:56:96:9d:51:b9:75:e6:78:
f8:ec:4d:13:25:a1:c9:51:2f:34:36:48:7b:fc:a1:
36:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:A4:E3:0F:13:9C:33:83:43:87:04:E8:AB:86:91:28:62:97:54:6A
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137342e302f32342d3234203d3e20313335333931.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.174.0/24
Signature Algorithm: sha256WithRSAEncryption
05:3b:66:22:22:5d:b8:18:e6:df:9f:bb:45:30:c0:c5:08:fe:
cd:d3:5f:52:26:ab:24:02:b2:74:ec:91:51:d1:e4:41:60:eb:
08:e9:21:1b:97:80:56:10:6b:2d:62:3f:c4:ea:3a:4f:34:b6:
f8:25:d6:f5:10:63:6e:40:1d:14:c6:b3:bc:f6:95:7a:46:67:
fd:7c:f1:a6:c4:c3:c0:00:5b:b0:ba:2b:0a:77:a4:90:eb:33:
fc:a1:26:2b:10:15:2b:cb:8e:ed:3d:a4:87:79:d3:93:8b:76:
23:0c:6d:7c:d0:12:53:24:e4:48:2e:28:bf:5c:54:1b:24:1e:
27:fd:35:b8:17:d2:ee:ba:d2:21:88:b6:c8:6b:8e:76:3b:c2:
3d:ff:71:4d:1f:77:1e:28:d0:ab:24:82:9f:0f:e0:34:7f:0e:
83:e9:42:fe:92:da:21:2c:77:9b:21:65:2b:55:a7:cb:6d:3d:
46:e8:aa:9e:21:26:b2:2e:eb:22:39:3e:e2:8b:69:d6:e9:96:
e3:7a:87:4c:8c:42:24:ee:49:25:53:ad:37:95:9a:62:51:5c:
c1:57:36:04:b1:11:e3:02:5e:a6:84:c1:54:ca:4c:58:73:57:
d1:90:fa:88:34:6d:e2:d3:5e:b7:8f:1c:04:b0:7b:6a:5e:1b:
e6:04:a7:79
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUc747FVWFQMFS/IU2aYmeALkYhk4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDA2MTkxMDQ0NDZaFw0yNTA2MTgxMDQ5NDZaMDMxMTAvBgNV
BAMTKDVFQTRFMzBGMTM5QzMzODM0Mzg3MDRFOEFCODY5MTI4NjI5NzU0NkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzSQU1liuoTzxemWVLMO392J1G
LcXYLjJCRTbKJC+ddX9Xh7oiOND9f5fdpIdBJ5HmrY9Aak8/kAPqHubiRlg6TIJ9
FeTryDsuaRREtQTD/GT8whjPO2RqYfJpaXbVlhJzFOJ+ljpPZ290ciOjwG8dLzgj
ZkJiMdGss+A/tWl/Vth23Cy9cQjtFwPLfE4VbNA2I0Mo7nBKga4BYGcsau+nUhSt
RdxoDQuepqIcZevF9oGck09tzjWPGk1WFKOt2yQkwkRbjY1F3+OjU+chy4dfnawH
ONHH+LJJC8k/TAnn+PlitTnUey9Wlp1RuXXmePjsTRMloclRLzQ2SHv8oTanAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUXqTjDxOcM4NDhwToq4aRKGKXVGowHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzODM1MmUzMTM3MzIyZTMx
MzczNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNTMzMzkzMS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALmsrjANBgkqhkiG9w0BAQsFAAOCAQEABTtmIiJduBjm35+7RTDAxQj+zdNf
UiarJAKydOyRUdHkQWDrCOkhG5eAVhBrLWI/xOo6TzS2+CXW9RBjbkAdFMazvPaV
ekZn/XzxpsTDwABbsLorCnekkOsz/KEmKxAVK8uO7T2kh3nTk4t2IwxtfNASUyTk
SC4ov1xUGyQeJ/01uBfS7rrSIYi2yGuOdjvCPf9xTR93HijQqySCnw/gNH8Og+lC
/pLaISx3myFlK1Wny209RuiqniEmsi7rIjk+4otp1umW43qHTIxCJO5JJVOtN5Wa
YlFcwVc2BLER4wJepoTBVMpMWHNX0ZD6iDRt4tNet48cBLB7al4b5gSneQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:43 2024 by rpki-client on console-ams.rpki-client.org