Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137342e302f32342d3234203d3e203439393831.roa
File: 3138352e3137322e3137342e302f32342d3234203d3e203439393831.roa (raw, json)
Hash identifier: tQpmomGohzWOGIQWvHaLPGfDQ6JjLsG+6XQCV8bZ3ks=
Subject key identifier: FF:A0:B0:3C:62:11:0F:8C:B2:12:3A:ED:88:A9:F4:78:96:2F:7F:CB
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 2A57BD9CED482134753E1FE233165450EAA1858B
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137342e302f32342d3234203d3e203439393831.roa
Signing time: Mon 22 Apr 2024 14:05:16 +0000
ROA not before: Mon 22 Apr 2024 14:00:16 +0000
ROA not after: Mon 21 Apr 2025 14:05:16 +0000
asID: 49981
IP address blocks: 185.172.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:57:bd:9c:ed:48:21:34:75:3e:1f:e2:33:16:54:50:ea:a1:85:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Apr 22 14:00:16 2024 GMT
Not After : Apr 21 14:05:16 2025 GMT
Subject: CN=FFA0B03C62110F8CB2123AED88A9F478962F7FCB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:fc:cc:7a:66:88:5f:74:53:a7:69:72:9e:88:
3c:ca:11:a1:b5:64:34:bd:55:30:f2:49:3e:36:47:
d1:a4:92:55:db:f5:fe:b6:4f:bd:5c:d0:bf:5a:3f:
12:e2:32:40:e3:dd:24:07:98:c4:20:ba:c4:19:2c:
d5:f4:28:cf:f4:1c:ed:37:2e:b0:95:88:95:65:3c:
a5:bb:bb:7d:2b:b0:a5:78:20:59:cf:e8:6e:ad:d3:
91:2c:80:eb:9a:b0:2e:39:50:a7:46:67:08:93:5a:
80:c0:82:ce:dd:be:13:e9:5c:de:01:fa:bd:ff:e7:
19:bb:bb:69:f2:fe:c0:ae:b4:b5:c3:1f:92:10:c4:
87:fd:ad:d2:b9:ba:09:6d:9f:d8:a9:b6:68:33:d4:
27:ec:1d:3b:15:50:cf:e1:db:57:be:41:61:f8:c2:
dc:8c:f3:93:5d:21:3e:1e:da:97:a5:0a:76:85:07:
db:42:bb:76:b4:5e:33:32:13:57:d3:36:45:8e:fb:
a3:6a:19:4b:d5:a0:1e:16:2c:fc:ae:9b:e6:ee:7d:
09:12:7c:05:eb:ce:d0:60:44:53:6e:5c:1b:67:c2:
90:e1:0a:4e:71:aa:c1:00:06:71:3e:32:9b:66:88:
dc:39:61:d2:9b:92:00:c1:32:76:db:08:06:ce:bf:
73:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:A0:B0:3C:62:11:0F:8C:B2:12:3A:ED:88:A9:F4:78:96:2F:7F:CB
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137342e302f32342d3234203d3e203439393831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.174.0/24
Signature Algorithm: sha256WithRSAEncryption
65:5d:d1:50:a3:8e:89:a7:19:33:cb:a8:3d:e0:e9:a9:b9:b3:
c7:b1:74:ee:cd:63:e2:64:f6:87:43:dd:61:43:55:87:3a:05:
b8:0f:90:11:b4:f9:15:13:c3:3f:e0:da:b0:94:2b:c2:46:25:
7f:1b:3b:fd:a5:a4:55:90:69:4f:5c:55:32:f6:fa:41:b2:e2:
91:ae:ed:b8:eb:6c:92:f2:63:ff:e4:b8:45:ea:0d:12:6c:eb:
37:fb:b1:c6:ea:31:c9:a4:d4:50:35:33:b8:ca:d8:c1:bb:bc:
0b:3f:a1:1e:81:5a:14:8c:93:70:e0:68:03:2a:bb:29:cf:24:
fe:42:21:27:a9:57:7b:26:f5:19:a6:3f:4e:fa:ea:a7:a9:60:
4e:03:4f:5c:e5:a7:b1:ea:17:f5:98:90:0a:4c:b8:fe:fe:92:
09:ce:02:d0:8a:62:e5:5b:e7:42:af:bc:42:99:3d:b7:84:c3:
28:82:6e:c1:1c:ce:d2:0c:7b:d3:ff:d2:28:23:9b:ec:93:82:
2b:78:ef:0d:3c:eb:db:07:9e:55:8f:c7:1f:9b:27:7d:15:6a:
25:d2:f5:29:ab:2f:2d:2e:9c:ec:0d:7b:14:bc:14:b7:d6:37:
9c:97:5f:f8:03:29:1e:57:97:dd:5d:04:f7:dd:57:7c:0e:5e:
78:75:34:b9
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUKle9nO1IITR1Ph/iMxZUUOqhhYswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDA0MjIxNDAwMTZaFw0yNTA0MjExNDA1MTZaMDMxMTAvBgNV
BAMTKEZGQTBCMDNDNjIxMTBGOENCMjEyM0FFRDg4QTlGNDc4OTYyRjdGQ0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDk/Mx6ZohfdFOnaXKeiDzKEaG1
ZDS9VTDyST42R9GkklXb9f62T71c0L9aPxLiMkDj3SQHmMQgusQZLNX0KM/0HO03
LrCViJVlPKW7u30rsKV4IFnP6G6t05EsgOuasC45UKdGZwiTWoDAgs7dvhPpXN4B
+r3/5xm7u2ny/sCutLXDH5IQxIf9rdK5ugltn9iptmgz1CfsHTsVUM/h21e+QWH4
wtyM85NdIT4e2pelCnaFB9tCu3a0XjMyE1fTNkWO+6NqGUvVoB4WLPyum+bufQkS
fAXrztBgRFNuXBtnwpDhCk5xqsEABnE+MptmiNw5YdKbkgDBMnbbCAbOv3PzAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU/6CwPGIRD4yyEjrtiKn0eJYvf8swHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzODM1MmUzMTM3MzIyZTMx
MzczNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzkzOTM4MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5rK4wDQYJKoZIhvcNAQELBQADggEBAGVd0VCjjomnGTPLqD3g6am5s8exdO7N
Y+Jk9odD3WFDVYc6BbgPkBG0+RUTwz/g2rCUK8JGJX8bO/2lpFWQaU9cVTL2+kGy
4pGu7bjrbJLyY//kuEXqDRJs6zf7scbqMcmk1FA1M7jK2MG7vAs/oR6BWhSMk3Dg
aAMquynPJP5CISepV3sm9RmmP0766qepYE4DT1zlp7HqF/WYkApMuP7+kgnOAtCK
YuVb50KvvEKZPbeEwyiCbsEcztIMe9P/0igjm+yTgit47w0869sHnlWPxx+bJ30V
aiXS9SmrLy0unOwNexS8FLfWN5yXX/gDKR5Xl91dBPfdV3wOXnh1NLk=
-----END CERTIFICATE-----
Generated at Tue May 7 20:08:18 2024 by rpki-client on console-fra.rpki-client.org