Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3130392e3233362e36312e302f32342d3234203d3e20383334.roa
File: 3130392e3233362e36312e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: I7/Pv8TmJnaAJJGCNb/yY+u6/iqq6NlPpIJSNwKKZRM=
Subject key identifier: 0C:43:F2:2F:87:28:1D:45:C9:F9:C6:84:8F:DA:50:36:D4:DF:5E:EF
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 4B49AA5CF86468068EE8D16211A72A4BD99529C5
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3130392e3233362e36312e302f32342d3234203d3e20383334.roa
Signing time: Wed 01 Nov 2023 07:53:32 +0000
ROA not before: Wed 01 Nov 2023 07:48:32 +0000
ROA not after: Wed 30 Oct 2024 07:53:32 +0000
asID: 834
IP address blocks: 109.236.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:49:aa:5c:f8:64:68:06:8e:e8:d1:62:11:a7:2a:4b:d9:95:29:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Nov 1 07:48:32 2023 GMT
Not After : Oct 30 07:53:32 2024 GMT
Subject: CN=0C43F22F87281D45C9F9C6848FDA5036D4DF5EEF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:9f:9f:8d:4d:7e:a8:a0:2a:65:d9:3f:6a:a8:
39:b6:88:dc:dc:79:f7:10:c0:22:db:8c:41:c3:85:
4f:90:ab:e6:fb:fe:b4:c7:6b:f0:1c:ca:77:36:67:
99:b4:20:8a:1e:11:13:dc:7e:29:fe:3f:2f:0c:32:
c7:e9:d9:26:3b:16:06:b2:ef:6a:71:cf:d6:db:39:
9c:4e:6e:1e:3e:f0:3c:bd:13:0b:4f:ae:1a:ad:31:
db:37:f9:3d:e9:15:ea:e3:83:84:55:29:f8:23:49:
ec:19:bd:e5:49:1c:da:2a:e2:95:0b:1f:52:26:59:
d4:e6:11:f8:27:37:5a:97:2d:f3:3c:19:f0:78:7f:
b5:8e:42:08:3d:8e:4f:9c:83:b3:92:8d:34:e2:4e:
8f:16:3a:b7:23:c9:55:63:66:62:db:4b:98:d3:c6:
0d:2d:9e:0d:74:3f:a0:69:99:2c:be:26:b5:8b:b8:
b9:66:35:37:88:e2:1c:b5:d7:7c:cf:d4:0e:33:d7:
d1:04:66:c4:cf:c0:23:93:a7:54:12:ac:61:ab:be:
ac:64:a7:5f:aa:0c:14:2c:61:04:7d:54:90:22:08:
9c:b4:a9:8c:00:dc:45:38:45:12:6f:be:12:d5:81:
0f:f8:48:c2:d2:ca:ea:3d:57:48:3d:f9:d4:6c:88:
01:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:43:F2:2F:87:28:1D:45:C9:F9:C6:84:8F:DA:50:36:D4:DF:5E:EF
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3130392e3233362e36312e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.61.0/24
Signature Algorithm: sha256WithRSAEncryption
93:73:02:a2:3e:f2:ff:4c:2f:38:9f:2e:8b:b8:7e:23:22:24:
62:6c:20:eb:b9:5d:2e:13:7a:92:1d:d2:4a:6e:02:ce:a5:ee:
f8:f9:87:4c:fe:7e:a1:3e:5f:df:8b:c9:ba:ae:1c:72:f8:e4:
c3:1e:07:6e:c6:c1:44:b1:c7:b1:ee:33:71:52:60:7a:85:37:
68:9e:51:ff:a4:ea:f5:af:b8:30:42:fc:ab:3d:76:d2:7f:3b:
fb:1d:19:cb:14:51:9d:c9:1d:38:58:3c:a5:37:75:c6:49:5a:
d2:c4:eb:87:5f:cd:d2:87:20:ef:4e:e5:5e:a3:fa:db:26:b2:
d1:38:08:2e:51:de:bb:83:d9:69:3a:e0:31:74:4f:de:49:29:
4c:69:7e:b9:53:23:f9:27:18:ce:38:85:78:de:65:37:7e:b3:
be:43:de:e7:88:a9:39:f1:2a:d5:cb:56:32:85:cb:fe:05:e9:
b5:c8:47:a7:34:02:f5:3b:6d:a1:13:d9:8b:d3:59:e7:05:23:
b0:94:49:a6:3e:dd:9e:f5:e6:fd:91:02:a4:4d:fc:fe:33:d4:
19:a1:b9:20:10:b4:12:b2:90:27:cf:78:e4:cd:29:bf:e2:d1:
96:73:8f:7d:44:2d:5c:34:f3:c3:6b:a0:e4:a0:3c:26:3e:65:
40:73:10:51
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUS0mqXPhkaAaO6NFiEacqS9mVKcUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzExMDEwNzQ4MzJaFw0yNDEwMzAwNzUzMzJaMDMxMTAvBgNV
BAMTKDBDNDNGMjJGODcyODFENDVDOUY5QzY4NDhGREE1MDM2RDRERjVFRUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCen5+NTX6ooCpl2T9qqDm2iNzc
efcQwCLbjEHDhU+Qq+b7/rTHa/Acync2Z5m0IIoeERPcfin+Py8MMsfp2SY7Fgay
72pxz9bbOZxObh4+8Dy9EwtPrhqtMds3+T3pFerjg4RVKfgjSewZveVJHNoq4pUL
H1ImWdTmEfgnN1qXLfM8GfB4f7WOQgg9jk+cg7OSjTTiTo8WOrcjyVVjZmLbS5jT
xg0tng10P6BpmSy+JrWLuLlmNTeI4hy113zP1A4z19EEZsTPwCOTp1QSrGGrvqxk
p1+qDBQsYQR9VJAiCJy0qYwA3EU4RRJvvhLVgQ/4SMLSyuo9V0g9+dRsiAE7AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUDEPyL4coHUXJ+caEj9pQNtTfXu8wHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzMDM5MmUzMjMzMzYyZTM2
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABt7D0w
DQYJKoZIhvcNAQELBQADggEBAJNzAqI+8v9MLzifLou4fiMiJGJsIOu5XS4TepId
0kpuAs6l7vj5h0z+fqE+X9+LybquHHL45MMeB27GwUSxx7HuM3FSYHqFN2ieUf+k
6vWvuDBC/Ks9dtJ/O/sdGcsUUZ3JHThYPKU3dcZJWtLE64dfzdKHIO9O5V6j+tsm
stE4CC5R3ruD2Wk64DF0T95JKUxpfrlTI/knGM44hXjeZTd+s75D3ueIqTnxKtXL
VjKFy/4F6bXIR6c0AvU7baET2YvTWecFI7CUSaY+3Z715v2RAqRN/P4z1BmhuSAQ
tBKykCfPeOTNKb/i0ZZzj31ELVw088NroOSgPCY+ZUBzEFE=
-----END CERTIFICATE-----
Generated at Thu May 2 10:53:05 2024 by rpki-client on console-fra.rpki-client.org