Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e3233372e3233302e302f32332d3233203d3e20323031333431.roa
File: 37372e3233372e3233302e302f32332d3233203d3e20323031333431.roa (raw, json)
Hash identifier: Zm9niIF5ScmcWU8naMt2BqCFiUBC8kQYYqV1WxF2jsI=
Subject key identifier: B0:E0:75:CA:79:F2:C6:9D:A6:6A:4B:59:63:14:89:42:0F:90:85:5E
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 097D74D46AACAB23C0610FBD4858D656AD01A9D1
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e3233372e3233302e302f32332d3233203d3e20323031333431.roa
Signing time: Mon 26 Feb 2024 08:52:59 +0000
ROA not before: Mon 26 Feb 2024 08:47:59 +0000
ROA not after: Mon 24 Feb 2025 08:52:59 +0000
asID: 201341
IP address blocks: 77.237.230.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 16:11:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:7d:74:d4:6a:ac:ab:23:c0:61:0f:bd:48:58:d6:56:ad:01:a9:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:47:59 2024 GMT
Not After : Feb 24 08:52:59 2025 GMT
Subject: CN=B0E075CA79F2C69DA66A4B59631489420F90855E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:64:69:87:dd:d8:52:b6:6a:c6:e5:4a:3f:a1:
4a:f7:fd:d5:14:1d:52:3c:a6:f7:dd:2d:29:9d:59:
0b:33:5a:16:8e:95:1a:39:7f:d5:b9:89:6d:eb:31:
ae:bd:39:88:9d:d5:9b:4d:69:4f:1f:2f:4c:84:9f:
28:04:96:12:dd:48:fc:a4:4c:1c:47:61:13:08:60:
5f:84:0d:ca:ed:ee:80:d3:d1:b9:1a:20:80:5f:9a:
45:93:bb:ce:63:5e:af:e5:46:93:44:7e:2b:fb:fc:
d7:d9:ee:9f:f8:57:da:55:3a:87:99:39:30:72:91:
e5:ed:5a:48:b0:ca:b5:5b:6f:58:ab:79:6e:b1:fb:
9a:d5:92:75:43:6e:a6:fe:77:a6:f5:3e:4b:3c:64:
96:36:3b:f9:38:ed:8e:3d:d2:5c:ea:09:34:62:ae:
a1:c5:9a:90:40:1e:da:4e:03:4e:99:24:aa:b4:6a:
79:ac:3a:ec:06:b9:ad:07:5d:2d:a2:8b:09:51:d8:
13:41:b6:5f:3a:cd:81:44:9a:9b:6a:20:ef:c9:5b:
fc:8d:8d:f5:d7:fb:c8:bb:a3:b8:3f:57:9d:84:89:
e6:5b:72:ff:0e:c1:c2:9c:bf:38:fb:d7:6e:e9:d0:
77:d9:a3:17:67:b0:e5:91:21:4c:93:da:d0:0e:e5:
c4:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:E0:75:CA:79:F2:C6:9D:A6:6A:4B:59:63:14:89:42:0F:90:85:5E
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e3233372e3233302e302f32332d3233203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.237.230.0/23
Signature Algorithm: sha256WithRSAEncryption
31:7f:dd:36:62:79:4f:a7:b2:e9:05:57:48:af:c6:25:9f:44:
c4:d8:33:b3:f1:35:a9:13:37:0b:91:39:d5:79:5e:2e:4a:4e:
33:d0:f4:db:2d:a8:54:c7:59:15:74:62:54:85:d2:75:5a:85:
1d:1a:7a:ae:15:6f:e8:dc:aa:a7:60:97:39:10:0c:3a:64:18:
b6:e1:72:c1:ff:44:19:d3:bf:8e:28:f8:e5:17:ec:6c:cc:37:
7b:49:82:7d:53:33:82:46:b8:20:51:c9:87:ca:a7:6d:5f:d8:
a6:4a:16:30:b6:85:38:e5:63:77:df:37:09:10:41:bf:e0:22:
f3:5b:96:f2:dc:37:c2:77:7a:97:5f:a4:d3:95:08:fc:8f:46:
4d:a0:6f:99:d9:18:d2:c6:91:29:cf:1d:05:4b:af:fe:c9:8f:
38:06:4c:d3:96:0b:5b:9e:71:bc:23:22:2a:4b:9a:5d:d8:ec:
53:6b:7e:d3:bb:70:7e:ad:c8:20:77:71:e0:eb:a8:c0:c1:15:
cb:a4:82:2e:04:9e:dc:8d:e9:25:89:75:b8:fd:ac:13:3e:ba:
55:7f:49:b2:48:67:a5:b7:80:31:14:41:d2:97:17:a7:1a:63:
15:e0:be:97:b9:13:4c:9a:bd:50:71:15:43:09:ed:82:43:3c:
28:66:9f:dd
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUCX101GqsqyPAYQ+9SFjWVq0BqdEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ3NTlaFw0yNTAyMjQwODUyNTlaMDMxMTAvBgNV
BAMTKEIwRTA3NUNBNzlGMkM2OURBNjZBNEI1OTYzMTQ4OTQyMEY5MDg1NUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChZGmH3dhStmrG5Uo/oUr3/dUU
HVI8pvfdLSmdWQszWhaOlRo5f9W5iW3rMa69OYid1ZtNaU8fL0yEnygElhLdSPyk
TBxHYRMIYF+EDcrt7oDT0bkaIIBfmkWTu85jXq/lRpNEfiv7/NfZ7p/4V9pVOoeZ
OTBykeXtWkiwyrVbb1ireW6x+5rVknVDbqb+d6b1Pks8ZJY2O/k47Y490lzqCTRi
rqHFmpBAHtpOA06ZJKq0anmsOuwGua0HXS2iiwlR2BNBtl86zYFEmptqIO/JW/yN
jfXX+8i7o7g/V52EieZbcv8OwcKcvzj7127p0HfZoxdnsOWRIUyT2tAO5cQxAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUsOB1ynnyxp2maktZYxSJQg+QhV4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzczNzJlMzIzMzM3MmUzMjMz
MzAyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzMjMwMzEzMzM0MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAFN7eYwDQYJKoZIhvcNAQELBQADggEBADF/3TZieU+nsukFV0ivxiWfRMTYM7Px
NakTNwuROdV5Xi5KTjPQ9NstqFTHWRV0YlSF0nVahR0aeq4Vb+jcqqdglzkQDDpk
GLbhcsH/RBnTv44o+OUX7GzMN3tJgn1TM4JGuCBRyYfKp21f2KZKFjC2hTjlY3ff
NwkQQb/gIvNblvLcN8J3epdfpNOVCPyPRk2gb5nZGNLGkSnPHQVLr/7JjzgGTNOW
C1uecbwjIipLml3Y7FNrftO7cH6tyCB3ceDrqMDBFcukgi4EntyN6SWJdbj9rBM+
ulV/SbJIZ6W3gDEUQdKXF6caYxXgvpe5E0yavVBxFUMJ7YJDPChmn90=
-----END CERTIFICATE-----
Generated at Mon May 20 20:18:10 2024 by rpki-client on console-ams.rpki-client.org