Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/39312e3232382e3136382e302f32342d3234203d3e203230343733.roa
File: 39312e3232382e3136382e302f32342d3234203d3e203230343733.roa (raw, json)
Hash identifier: YLf+Gqeh3snt1luhkgp+G0PRSfkwxshzMVkZDp22DcY=
Subject key identifier: 38:FC:BB:7A:59:DD:0F:35:BB:60:25:D6:FA:44:5B:E8:15:F0:34:4A
Certificate issuer: /CN=06da19f4285eb04d0310733f4ac00107b73337ad
Certificate serial: 2DBF94CA34FC59EB87B9A48FF4FFC3A041CAE30B
Authority key identifier: 06:DA:19:F4:28:5E:B0:4D:03:10:73:3F:4A:C0:01:07:B7:33:37:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BtoZ9ChesE0DEHM_SsABB7czN60.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/39312e3232382e3136382e302f32342d3234203d3e203230343733.roa
Signing time: Mon 11 Dec 2023 10:12:36 +0000
ROA not before: Mon 11 Dec 2023 10:07:36 +0000
ROA not after: Mon 09 Dec 2024 10:12:36 +0000
asID: 20473
IP address blocks: 91.228.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/06DA19F4285EB04D0310733F4AC00107B73337AD.crl
rsync://rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/06DA19F4285EB04D0310733F4AC00107B73337AD.mft
rsync://rpki.ripe.net/repository/DEFAULT/BtoZ9ChesE0DEHM_SsABB7czN60.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:bf:94:ca:34:fc:59:eb:87:b9:a4:8f:f4:ff:c3:a0:41:ca:e3:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06da19f4285eb04d0310733f4ac00107b73337ad
Validity
Not Before: Dec 11 10:07:36 2023 GMT
Not After : Dec 9 10:12:36 2024 GMT
Subject: CN=38FCBB7A59DD0F35BB6025D6FA445BE815F0344A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:74:80:be:0e:18:57:16:18:a4:66:b5:71:e3:
64:00:5c:fb:e5:48:65:53:14:f5:90:c1:94:d3:8a:
4b:e8:00:d8:90:47:1a:be:ef:ae:c3:86:87:9c:4c:
2a:d6:2e:54:50:80:96:eb:6d:35:b9:7e:7e:60:5f:
53:ef:17:0c:ef:37:20:87:1c:c9:62:f1:13:d0:05:
a2:15:91:bb:de:b1:62:43:ea:10:9e:15:de:08:31:
43:55:39:2c:05:c0:24:cf:59:90:65:9a:e1:b1:39:
ad:b4:5c:07:ae:eb:11:cc:7e:8e:66:02:37:c6:2f:
4b:53:81:8b:e6:d8:62:86:6b:44:e3:5d:88:38:bb:
a5:9b:20:22:cf:13:b7:81:66:b1:e0:ed:2e:c8:ff:
86:35:f7:ba:3f:98:81:8f:56:89:f5:cf:5d:96:d1:
fe:69:3d:eb:40:1b:8c:9a:d0:0f:91:43:08:83:42:
8e:64:54:61:77:f3:7e:89:6d:c2:b9:ba:0b:42:8a:
f2:c8:e1:11:72:97:5d:54:51:fe:ab:a8:f4:b3:fe:
d6:19:23:bd:9e:3e:39:dd:81:ea:a9:3a:47:00:b4:
68:4b:97:c6:a3:93:04:71:4b:08:1d:6a:bc:bd:bb:
98:5b:e7:6a:8e:36:41:a7:72:51:0d:89:f6:0e:bd:
4c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:FC:BB:7A:59:DD:0F:35:BB:60:25:D6:FA:44:5B:E8:15:F0:34:4A
X509v3 Authority Key Identifier:
keyid:06:DA:19:F4:28:5E:B0:4D:03:10:73:3F:4A:C0:01:07:B7:33:37:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/06DA19F4285EB04D0310733F4AC00107B73337AD.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BtoZ9ChesE0DEHM_SsABB7czN60.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/39312e3232382e3136382e302f32342d3234203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.168.0/24
Signature Algorithm: sha256WithRSAEncryption
73:1e:e4:fe:c3:06:15:01:1a:8a:bb:4b:33:55:a6:e7:f8:00:
a1:e5:df:ad:29:e9:b0:58:71:e7:78:7d:c5:ed:2e:b9:39:65:
a1:02:a2:04:11:56:89:d2:03:91:75:a1:17:71:99:4c:83:70:
40:43:35:44:5c:b3:7d:39:13:91:4d:03:86:74:c5:9e:bf:a8:
e5:27:31:86:76:f1:2f:99:ed:a3:5e:e8:5e:ab:40:ff:50:47:
06:2d:80:48:13:f9:8f:89:39:2b:75:8e:89:de:4b:6a:cc:80:
0a:2b:b8:32:a3:3c:ea:76:e8:83:fe:5b:eb:86:90:fc:c7:cf:
a7:58:ac:b2:93:93:1a:0b:31:2a:34:b3:f5:f4:6a:9e:6f:45:
72:f1:d8:d0:40:a7:83:ff:45:26:45:8d:55:86:67:ea:a8:a2:
fe:14:e1:97:7e:b1:5b:18:31:aa:2e:1b:98:a1:8a:7b:31:09:
1e:6a:a9:04:c8:4c:a6:22:31:2b:b8:3f:a5:08:b1:a1:92:0d:
83:83:b9:b3:ba:2b:f3:d9:bc:10:4c:cb:78:61:52:14:fd:f8:
7c:49:da:17:96:6a:94:02:4e:cf:a4:1c:b5:30:a4:4f:34:47:
41:b1:2a:f7:7b:00:4e:b4:dc:1e:3b:bf:c1:13:1d:3c:f4:e4:
0d:6a:94:5f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIULb+UyjT8WeuHuaSP9P/DoEHK4wswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDZkYTE5ZjQyODVlYjA0ZDAzMTA3MzNmNGFjMDAxMDdi
NzMzMzdhZDAeFw0yMzEyMTExMDA3MzZaFw0yNDEyMDkxMDEyMzZaMDMxMTAvBgNV
BAMTKDM4RkNCQjdBNTlERDBGMzVCQjYwMjVENkZBNDQ1QkU4MTVGMDM0NEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCldIC+DhhXFhikZrVx42QAXPvl
SGVTFPWQwZTTikvoANiQRxq+767DhoecTCrWLlRQgJbrbTW5fn5gX1PvFwzvNyCH
HMli8RPQBaIVkbvesWJD6hCeFd4IMUNVOSwFwCTPWZBlmuGxOa20XAeu6xHMfo5m
AjfGL0tTgYvm2GKGa0TjXYg4u6WbICLPE7eBZrHg7S7I/4Y197o/mIGPVon1z12W
0f5pPetAG4ya0A+RQwiDQo5kVGF3836JbcK5ugtCivLI4RFyl11UUf6rqPSz/tYZ
I72ePjndgeqpOkcAtGhLl8ajkwRxSwgdary9u5hb52qONkGnclENifYOvUyDAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUOPy7elndDzW7YCXW+kRb6BXwNEowHwYDVR0j
BBgwFoAUBtoZ9ChesE0DEHM/SsABB7czN60wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzcwYmU2Y2QtMjVkMi00ZjhiLTg4YTQtYjUxMDlmNDk0
NjJkLzEvMDZEQTE5RjQyODVFQjA0RDAzMTA3MzNGNEFDMDAxMDdCNzMzMzdBRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0J0b1o5Q2hlc0UwREVITV9Tc0FCQjdj
ek42MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzcwYmU2Y2Qt
MjVkMi00ZjhiLTg4YTQtYjUxMDlmNDk0NjJkLzEvMzkzMTJlMzIzMjM4MmUzMTM2
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
W+SoMA0GCSqGSIb3DQEBCwUAA4IBAQBzHuT+wwYVARqKu0szVabn+ACh5d+tKemw
WHHneH3F7S65OWWhAqIEEVaJ0gORdaEXcZlMg3BAQzVEXLN9ORORTQOGdMWev6jl
JzGGdvEvme2jXuheq0D/UEcGLYBIE/mPiTkrdY6J3ktqzIAKK7gyozzqduiD/lvr
hpD8x8+nWKyyk5MaCzEqNLP19Gqeb0Vy8djQQKeD/0UmRY1VhmfqqKL+FOGXfrFb
GDGqLhuYoYp7MQkeaqkEyEymIjEruD+lCLGhkg2Dg7mzuivz2bwQTMt4YVIU/fh8
SdoXlmqUAk7PpBy1MKRPNEdBsSr3ewBOtNweO7/BEx089OQNapRf
-----END CERTIFICATE-----
Generated at Mon May 6 16:53:09 2024 by rpki-client on console-fra.rpki-client.org