Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/322e35392e36322e302f32342d3234203d3e203633303233.roa
File: 322e35392e36322e302f32342d3234203d3e203633303233.roa (raw, json)
Hash identifier: tksU4rsJNNLAbewEIxl9cvqicaoE4XoPbYcSrotThbg=
Subject key identifier: 57:C6:02:66:83:C9:9D:28:5C:9B:F9:99:F1:60:7F:B1:0D:BA:D2:2F
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 3CA35D834E28148B2F8BF1BC2EA6DEE58DF61D2D
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/322e35392e36322e302f32342d3234203d3e203633303233.roa
Signing time: Fri 22 Dec 2023 08:05:08 +0000
ROA not before: Fri 22 Dec 2023 08:00:08 +0000
ROA not after: Fri 20 Dec 2024 08:05:08 +0000
asID: 63023
IP address blocks: 2.59.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:a3:5d:83:4e:28:14:8b:2f:8b:f1:bc:2e:a6:de:e5:8d:f6:1d:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Dec 22 08:00:08 2023 GMT
Not After : Dec 20 08:05:08 2024 GMT
Subject: CN=57C6026683C99D285C9BF999F1607FB10DBAD22F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d5:55:c0:3a:97:7f:06:73:eb:bd:55:fe:f1:
18:18:ed:10:5d:04:6d:9e:48:62:95:1b:32:ca:a2:
f2:ee:75:f1:fc:34:02:a6:2a:de:82:99:fc:9f:eb:
11:18:fc:b2:b7:74:60:db:7d:69:2c:2d:44:c5:ad:
8d:d2:b6:35:5d:b7:07:54:d4:16:89:04:6f:c2:f1:
95:b0:d8:43:bf:39:5f:2d:4c:b3:ee:a7:29:6d:fe:
be:b9:b8:0c:9f:c4:62:f0:65:8d:60:06:4e:45:6a:
e8:3f:19:f4:2e:b7:e5:b9:0e:9d:4d:74:c9:24:b3:
fb:51:4c:ed:81:e5:0f:7b:cb:80:c8:a9:83:d5:9f:
84:65:7f:34:b0:c4:2c:e6:4f:33:d4:7d:5b:65:04:
0c:de:ec:89:f3:fa:4c:82:28:0a:a8:71:6a:a9:2a:
da:89:e7:2a:46:36:a8:13:6a:0e:fe:d5:7a:60:1d:
b0:1a:c2:8c:a9:39:fa:1e:48:10:07:f1:a4:78:21:
fd:d0:61:d1:59:76:c4:ef:de:0f:37:59:62:2a:82:
16:61:ad:7e:3f:40:5c:8c:af:00:3e:20:bc:f6:2a:
04:db:8d:92:bb:bf:dc:80:1e:18:43:05:33:cf:37:
de:c1:a8:d4:33:2d:08:01:df:56:83:08:11:69:02:
a0:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:C6:02:66:83:C9:9D:28:5C:9B:F9:99:F1:60:7F:B1:0D:BA:D2:2F
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/322e35392e36322e302f32342d3234203d3e203633303233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.62.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:db:bd:e9:37:b1:f8:31:50:bc:e2:b5:c0:98:68:93:8b:12:
0d:eb:b3:0e:0a:8d:e3:56:e4:d1:97:c5:f3:28:16:56:73:bf:
8f:e9:45:c8:d6:30:4a:dd:60:d1:ed:8b:59:82:26:74:de:a4:
20:f8:af:4c:d4:bf:8f:9f:7c:4f:d5:be:9f:23:6e:43:be:21:
2b:c0:f6:c4:bf:d0:a7:b2:11:88:f3:93:36:99:44:8a:31:7e:
a8:50:6c:81:8c:12:ed:66:2f:08:c2:ab:f3:1f:d6:61:f9:62:
9e:17:00:58:d9:b4:5c:e4:49:d5:92:40:35:58:42:95:c4:5d:
31:1e:5a:b6:72:ef:14:a7:3a:08:bd:7c:1a:7d:34:f8:a7:4e:
ca:23:31:31:65:fc:a2:44:4f:b8:0e:5d:c5:2c:0f:71:3c:a6:
c9:6b:9c:22:78:4d:ca:a3:81:67:e8:fa:84:3b:cf:e0:ca:9d:
da:ad:1e:10:f6:29:50:15:b2:94:66:68:b8:12:93:b6:11:f3:
77:6f:aa:91:b6:db:4f:ed:eb:d7:6a:56:52:4e:87:7e:27:b5:
8d:04:7e:42:43:8f:77:78:eb:fe:4f:80:b5:3f:dd:10:8e:89:
55:8a:77:b5:7d:3a:b7:5f:48:53:13:13:fc:d2:18:48:4e:3e:
6e:bb:be:2d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUPKNdg04oFIsvi/G8Lqbe5Y32HS0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yMzEyMjIwODAwMDhaFw0yNDEyMjAwODA1MDhaMDMxMTAvBgNV
BAMTKDU3QzYwMjY2ODNDOTlEMjg1QzlCRjk5OUYxNjA3RkIxMERCQUQyMkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD1VXAOpd/BnPrvVX+8RgY7RBd
BG2eSGKVGzLKovLudfH8NAKmKt6Cmfyf6xEY/LK3dGDbfWksLUTFrY3StjVdtwdU
1BaJBG/C8ZWw2EO/OV8tTLPupylt/r65uAyfxGLwZY1gBk5Faug/GfQut+W5Dp1N
dMkks/tRTO2B5Q97y4DIqYPVn4RlfzSwxCzmTzPUfVtlBAze7Inz+kyCKAqocWqp
KtqJ5ypGNqgTag7+1XpgHbAawoypOfoeSBAH8aR4If3QYdFZdsTv3g83WWIqghZh
rX4/QFyMrwA+ILz2KgTbjZK7v9yAHhhDBTPPN97BqNQzLQgB31aDCBFpAqB1AgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUV8YCZoPJnShcm/mZ8WB/sQ260i8wHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzIyZTM1MzkyZTM2MzIyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMzMzAzMjMzLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjs+MA0G
CSqGSIb3DQEBCwUAA4IBAQCd273pN7H4MVC84rXAmGiTixIN67MOCo3jVuTRl8Xz
KBZWc7+P6UXI1jBK3WDR7YtZgiZ03qQg+K9M1L+Pn3xP1b6fI25DviErwPbEv9Cn
shGI85M2mUSKMX6oUGyBjBLtZi8IwqvzH9Zh+WKeFwBY2bRc5EnVkkA1WEKVxF0x
Hlq2cu8UpzoIvXwafTT4p07KIzExZfyiRE+4Dl3FLA9xPKbJa5wieE3Ko4Fn6PqE
O8/gyp3arR4Q9ilQFbKUZmi4EpO2EfN3b6qRtttP7evXalZSTod+J7WNBH5CQ493
eOv+T4C1P90QjolVine1fTq3X0hTExP80hhITj5uu74t
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:08 2024 by rpki-client on console-fra.rpki-client.org