Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232322e302f32342d3234203d3e203631333137.roa
File: 38352e3230392e3232322e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: lW4RtABQ2LeqNBvshN4Csyx0M+bzc0y28SSOXZR9mX4=
Subject key identifier: 75:A6:ED:84:4B:87:5B:70:10:4D:D5:1D:26:64:69:0B:79:FD:E2:6D
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 4A9EDE87B9A6A5D0F6CD078599950DE9FB53E314
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232322e302f32342d3234203d3e203631333137.roa
Signing time: Sun 02 Jul 2023 02:26:45 +0000
ROA not before: Sun 02 Jul 2023 02:21:45 +0000
ROA not after: Sun 30 Jun 2024 02:26:45 +0000
asID: 61317
IP address blocks: 85.209.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 14:41:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:9e:de:87:b9:a6:a5:d0:f6:cd:07:85:99:95:0d:e9:fb:53:e3:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jul 2 02:21:45 2023 GMT
Not After : Jun 30 02:26:45 2024 GMT
Subject: CN=75A6ED844B875B70104DD51D2664690B79FDE26D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:71:25:1c:43:58:37:f5:8e:33:ec:7c:3c:91:
3f:2b:5c:94:36:6b:c6:a6:94:27:7d:b9:0d:5e:de:
e0:7a:8e:94:6f:65:31:9b:21:61:05:f1:ae:45:65:
16:e7:f0:12:e2:84:88:32:5b:52:f6:c2:63:24:44:
72:e9:3c:f9:22:d8:48:ee:60:a0:85:67:de:2a:ac:
52:6a:e9:d9:cd:02:61:c1:96:03:1d:1c:40:69:46:
0b:22:1a:52:1f:3f:72:80:8e:8b:e1:e4:a4:0c:e1:
6a:bf:35:19:0a:40:ce:be:27:ed:a0:86:e2:5e:94:
1f:ae:a7:60:2f:0a:e0:ee:91:08:5f:3f:ed:98:2d:
54:e0:18:1d:1f:e2:eb:74:0e:2e:48:b2:84:ea:15:
5d:09:88:b6:f1:4a:b9:1c:98:4f:29:e5:fe:eb:f9:
f3:6d:9d:b8:02:dd:07:d2:c7:b3:20:43:e7:50:d9:
0a:0a:60:a8:ab:7c:83:21:74:90:ec:df:12:04:09:
aa:5d:0f:02:7a:bd:2e:cb:b5:67:5b:8a:97:de:17:
89:a1:02:6c:46:1f:ec:22:6b:49:69:ca:61:22:ea:
44:1d:e5:af:41:5a:bb:4a:cc:46:47:1d:69:8a:96:
3b:e2:90:36:98:db:8c:02:9a:1e:d2:1f:43:75:8d:
e3:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:A6:ED:84:4B:87:5B:70:10:4D:D5:1D:26:64:69:0B:79:FD:E2:6D
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232322e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.222.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:86:36:97:50:66:2b:9f:c9:f3:bf:bc:41:1c:95:8d:2f:5b:
37:59:d3:c2:51:49:19:b5:0f:c8:c7:03:8c:8d:7b:26:0d:01:
a3:09:5d:82:a8:fd:cf:c5:68:44:15:7d:7c:2b:22:47:04:41:
c1:be:1b:9f:e5:72:c8:46:e7:de:e3:37:2b:33:0c:21:51:4a:
ce:d4:ab:e6:26:1b:df:95:b2:13:bd:82:c3:5a:48:c8:1b:00:
4a:79:a7:64:06:c8:8f:0a:ce:96:57:35:3a:1d:bf:8b:2c:b3:
a7:29:ed:27:66:95:50:a1:d6:99:7c:cf:c1:33:20:cf:8f:ed:
77:4f:9c:80:62:bc:d3:e0:c2:79:34:94:8a:5a:ea:2c:d5:0d:
90:ac:d8:cb:8b:16:89:01:c7:9a:b0:1d:f6:bb:df:e3:3d:34:
80:69:3f:3a:b2:db:fe:73:4f:49:db:80:05:ae:e6:35:10:b9:
a1:a0:31:07:19:22:8c:a4:27:22:cc:63:b4:df:74:19:66:1e:
f5:16:c1:01:32:7e:09:f3:21:22:1d:9f:0d:74:89:32:6f:ec:
f2:5f:d8:03:71:ac:18:6f:f7:4a:f5:d3:ba:03:03:78:04:5b:
4a:ae:f0:c9:31:5b:b4:60:56:1e:d4:79:d3:d2:38:b1:65:97:
ee:8a:ed:88
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUSp7eh7mmpdD2zQeFmZUN6ftT4xQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzA3MDIwMjIxNDVaFw0yNDA2MzAwMjI2NDVaMDMxMTAvBgNV
BAMTKDc1QTZFRDg0NEI4NzVCNzAxMDRERDUxRDI2NjQ2OTBCNzlGREUyNkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCycSUcQ1g39Y4z7Hw8kT8rXJQ2
a8amlCd9uQ1e3uB6jpRvZTGbIWEF8a5FZRbn8BLihIgyW1L2wmMkRHLpPPki2Eju
YKCFZ94qrFJq6dnNAmHBlgMdHEBpRgsiGlIfP3KAjovh5KQM4Wq/NRkKQM6+J+2g
huJelB+up2AvCuDukQhfP+2YLVTgGB0f4ut0Di5IsoTqFV0JiLbxSrkcmE8p5f7r
+fNtnbgC3QfSx7MgQ+dQ2QoKYKirfIMhdJDs3xIECapdDwJ6vS7LtWdbipfeF4mh
AmxGH+wia0lpymEi6kQd5a9BWrtKzEZHHWmKljvikDaY24wCmh7SH0N1jeOxAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUdabthEuHW3AQTdUdJmRpC3n94m0wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzgzNTJlMzIzMDM5MmUzMjMy
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMxMzMzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VdHeMA0GCSqGSIb3DQEBCwUAA4IBAQBrhjaXUGYrn8nzv7xBHJWNL1s3WdPCUUkZ
tQ/IxwOMjXsmDQGjCV2CqP3PxWhEFX18KyJHBEHBvhuf5XLIRufe4zcrMwwhUUrO
1KvmJhvflbITvYLDWkjIGwBKeadkBsiPCs6WVzU6Hb+LLLOnKe0nZpVQodaZfM/B
MyDPj+13T5yAYrzT4MJ5NJSKWuos1Q2QrNjLixaJAceasB32u9/jPTSAaT86stv+
c09J24AFruY1ELmhoDEHGSKMpCcizGO033QZZh71FsEBMn4J8yEiHZ8NdIkyb+zy
X9gDcawYb/dK9dO6AwN4BFtKrvDJMVu0YFYe1HnT0jixZZfuiu2I
-----END CERTIFICATE-----
Generated at Fri May 3 22:27:46 2024 by rpki-client on console-ams.rpki-client.org