Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3139332e33372e3233392e302f32342d3234203d3e20323036353035.roa
File: 3139332e33372e3233392e302f32342d3234203d3e20323036353035.roa (raw, json)
Hash identifier: Yy12JJjY90pkNcYNfiQ+EW7F0PMjTrs2EFyXhDDTsrM=
Subject key identifier: AD:E1:F8:D5:B6:41:F1:B8:38:CA:AD:09:26:DC:79:3F:A6:84:88:47
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 7AA6AC5FEC3704BD446C519CEFFA0426B1B9196A
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3139332e33372e3233392e302f32342d3234203d3e20323036353035.roa
Signing time: Sat 08 Jun 2024 09:05:18 +0000
ROA not before: Sat 08 Jun 2024 09:00:18 +0000
ROA not after: Sat 07 Jun 2025 09:05:18 +0000
asID: 206505
IP address blocks: 193.37.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 05:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:a6:ac:5f:ec:37:04:bd:44:6c:51:9c:ef:fa:04:26:b1:b9:19:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jun 8 09:00:18 2024 GMT
Not After : Jun 7 09:05:18 2025 GMT
Subject: CN=ADE1F8D5B641F1B838CAAD0926DC793FA6848847
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:08:36:7f:b5:b5:ca:9c:0f:bc:9d:39:98:a0:
f9:e6:98:73:df:45:ed:b0:0b:df:30:ae:c8:d1:4b:
a2:ed:f6:90:65:b3:c9:f0:d1:a6:4d:23:35:6f:c3:
e0:6f:65:d0:9c:a3:7f:7f:c8:aa:a3:ca:9f:3f:90:
17:51:35:68:91:a8:95:34:5c:11:d4:1d:3f:57:1b:
e0:9a:b0:8a:03:71:64:ff:11:8f:f2:15:06:73:7e:
37:9e:f0:d2:72:aa:8e:19:f9:e8:64:d0:c6:5c:a5:
c4:1b:ec:30:96:1e:65:13:a8:44:69:69:cb:f3:5c:
8c:1c:c2:2e:8f:e3:b3:49:d8:e6:eb:e8:db:29:b9:
b6:eb:f6:2a:2b:06:68:2e:a0:c7:62:26:a0:71:f1:
c4:59:df:aa:dc:bc:97:b6:7f:d9:5e:47:d0:d6:f6:
e8:01:f0:47:9c:7f:cc:3a:b7:33:1b:79:63:dd:c6:
07:67:72:7e:84:82:3f:da:2f:31:de:4c:44:5f:e0:
a8:da:ce:1f:29:38:db:74:2d:a5:c9:33:67:41:02:
7a:50:a3:7f:56:3b:05:a2:2e:01:88:ee:3f:b0:80:
bb:54:8d:08:05:fe:c7:fb:fb:10:6a:0a:27:73:62:
dd:6d:95:37:2f:55:5b:c2:6a:11:56:f2:45:ea:f6:
26:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:E1:F8:D5:B6:41:F1:B8:38:CA:AD:09:26:DC:79:3F:A6:84:88:47
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3139332e33372e3233392e302f32342d3234203d3e20323036353035.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.37.239.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:68:8f:33:13:c6:47:b4:02:3a:a7:c1:be:19:73:36:63:d5:
de:6b:a6:e1:75:1f:49:18:a1:72:8c:16:65:3d:e4:ba:c6:5b:
47:2e:b1:25:11:8b:0c:02:c6:f2:e5:65:bf:fd:1f:77:df:44:
06:56:13:80:ae:5c:c1:16:7c:bf:f2:56:b0:c7:c3:81:69:33:
ba:3c:a9:5c:9f:c4:7c:ca:18:35:99:60:7c:77:4e:43:dc:2d:
ed:99:07:48:d9:8b:8a:b5:b1:d9:c2:ca:6d:a8:d8:91:e2:51:
14:41:75:6c:0f:12:4a:9b:8c:7a:11:8e:8a:82:33:c9:1f:f0:
2e:c3:01:b9:fb:7d:43:46:96:2d:5e:10:e4:10:42:8a:77:7d:
cd:0c:8b:68:85:cb:b5:17:41:16:df:b6:dd:9c:5b:a3:e5:9f:
92:e9:56:6c:d6:2d:a6:c2:cf:6c:da:d3:2e:27:ac:9c:f4:52:
34:59:93:b6:3b:e7:9b:a8:10:4d:f6:12:f0:8c:ec:61:15:1d:
f4:6c:98:24:ab:03:59:45:18:f4:17:56:4f:67:c6:f6:f9:fb:
2f:25:eb:8a:d3:d6:5f:1d:21:82:ae:01:a5:b6:59:84:8a:29:
9b:c5:3e:33:ba:ce:a0:28:aa:cb:8c:3c:f9:df:4c:e8:fe:07:
bb:c5:b1:f2
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUeqasX+w3BL1EbFGc7/oEJrG5GWowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDA2MDgwOTAwMThaFw0yNTA2MDcwOTA1MThaMDMxMTAvBgNV
BAMTKEFERTFGOEQ1QjY0MUYxQjgzOENBQUQwOTI2REM3OTNGQTY4NDg4NDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKCDZ/tbXKnA+8nTmYoPnmmHPf
Re2wC98wrsjRS6Lt9pBls8nw0aZNIzVvw+BvZdCco39/yKqjyp8/kBdRNWiRqJU0
XBHUHT9XG+CasIoDcWT/EY/yFQZzfjee8NJyqo4Z+ehk0MZcpcQb7DCWHmUTqERp
acvzXIwcwi6P47NJ2Obr6Nspubbr9iorBmguoMdiJqBx8cRZ36rcvJe2f9leR9DW
9ugB8Eecf8w6tzMbeWPdxgdncn6Egj/aLzHeTERf4Kjazh8pONt0LaXJM2dBAnpQ
o39WOwWiLgGI7j+wgLtUjQgF/sf7+xBqCidzYt1tlTcvVVvCahFW8kXq9ibvAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUreH41bZB8bg4yq0JJtx5P6aEiEcwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzOTMzMmUzMzM3MmUzMjMz
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzYzNTMwMzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADBJe8wDQYJKoZIhvcNAQELBQADggEBAGtojzMTxke0Ajqnwb4ZczZj1d5rpuF1
H0kYoXKMFmU95LrGW0cusSURiwwCxvLlZb/9H3ffRAZWE4CuXMEWfL/yVrDHw4Fp
M7o8qVyfxHzKGDWZYHx3TkPcLe2ZB0jZi4q1sdnCym2o2JHiURRBdWwPEkqbjHoR
joqCM8kf8C7DAbn7fUNGli1eEOQQQop3fc0Mi2iFy7UXQRbftt2cW6Pln5LpVmzW
LabCz2za0y4nrJz0UjRZk7Y755uoEE32EvCM7GEVHfRsmCSrA1lFGPQXVk9nxvb5
+y8l64rT1l8dIYKuAaW2WYSKKZvFPjO6zqAoqsuMPPnfTOj+B7vFsfI=
-----END CERTIFICATE-----
Generated at Sat Jun 15 13:43:33 2024 by rpki-client on console-fra.rpki-client.org