Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/56ae2182-288d-4ffb-8af9-8c2bcac1979a/0/37392e39392e32342e302f32322d3233203d3e203232373831.roa
File: 37392e39392e32342e302f32322d3233203d3e203232373831.roa (raw, json)
Hash identifier: 4Ktbj5SztfEsL71dp37p3H1Z6Fya0yT2ZD5LMSBbcCU=
Subject key identifier: 88:0F:3D:6B:8F:E5:12:14:01:6D:4A:9A:EC:49:94:CD:98:46:6F:47
Certificate issuer: /CN=d7be9d3520750ef280e734f41346d051c8b2f524
Certificate serial: 7053B6720C4D2FB39F08B2D9E51D4AD34139D078
Authority key identifier: D7:BE:9D:35:20:75:0E:F2:80:E7:34:F4:13:46:D0:51:C8:B2:F5:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/176dNSB1DvKA5zT0E0bQUciy9SQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/56ae2182-288d-4ffb-8af9-8c2bcac1979a/0/37392e39392e32342e302f32322d3233203d3e203232373831.roa
Signing time: Mon 11 Dec 2023 22:47:05 +0000
ROA not before: Mon 11 Dec 2023 22:42:05 +0000
ROA not after: Mon 09 Dec 2024 22:47:05 +0000
asID: 22781
IP address blocks: 79.99.24.0/22 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/56ae2182-288d-4ffb-8af9-8c2bcac1979a/0/D7BE9D3520750EF280E734F41346D051C8B2F524.crl
rsync://rsync.paas.rpki.ripe.net/repository/56ae2182-288d-4ffb-8af9-8c2bcac1979a/0/D7BE9D3520750EF280E734F41346D051C8B2F524.mft
rsync://rpki.ripe.net/repository/DEFAULT/176dNSB1DvKA5zT0E0bQUciy9SQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 20:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:53:b6:72:0c:4d:2f:b3:9f:08:b2:d9:e5:1d:4a:d3:41:39:d0:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7be9d3520750ef280e734f41346d051c8b2f524
Validity
Not Before: Dec 11 22:42:05 2023 GMT
Not After : Dec 9 22:47:05 2024 GMT
Subject: CN=880F3D6B8FE51214016D4A9AEC4994CD98466F47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ca:aa:5a:07:cd:9b:f0:c5:03:8b:fd:4c:6b:
29:7f:5b:71:10:7f:b6:1c:60:77:ac:09:b7:71:88:
b1:31:e9:4b:2b:4d:1d:d4:6b:ed:7c:05:48:ae:7e:
d3:7a:3f:d5:21:4b:7a:ae:d2:42:66:d8:e3:9e:e2:
0d:87:a4:12:86:e7:23:49:3c:51:ca:5e:71:c0:d7:
c5:fb:f1:c3:75:e4:fa:3b:d2:4b:54:10:b3:64:6f:
e2:bb:49:70:15:89:a1:91:42:38:8f:ef:59:30:a5:
13:06:0b:40:d7:3e:2b:3a:6f:83:1a:81:d4:04:a1:
a9:97:f6:1e:70:22:05:69:c8:92:c2:f8:7d:7a:1e:
ae:98:f9:0b:f6:e5:26:3c:c6:d8:de:dd:5a:19:90:
93:3e:8c:65:df:84:86:dc:41:f1:b2:67:74:61:ef:
1f:2b:06:45:67:47:56:fa:12:8b:92:25:60:22:34:
65:d2:e2:f2:90:5d:13:fb:8b:1e:40:a4:25:ba:85:
84:25:90:c8:17:a8:e5:7a:1e:73:fb:41:cf:32:67:
43:35:fd:6a:f7:8b:76:c9:e9:a7:23:12:9a:6c:00:
05:ae:da:d1:c3:76:c8:d8:33:20:8d:fe:a4:e8:3f:
98:84:90:90:a9:92:c0:5c:02:42:4c:79:68:45:33:
fa:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:0F:3D:6B:8F:E5:12:14:01:6D:4A:9A:EC:49:94:CD:98:46:6F:47
X509v3 Authority Key Identifier:
keyid:D7:BE:9D:35:20:75:0E:F2:80:E7:34:F4:13:46:D0:51:C8:B2:F5:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/56ae2182-288d-4ffb-8af9-8c2bcac1979a/0/D7BE9D3520750EF280E734F41346D051C8B2F524.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/176dNSB1DvKA5zT0E0bQUciy9SQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/56ae2182-288d-4ffb-8af9-8c2bcac1979a/0/37392e39392e32342e302f32322d3233203d3e203232373831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.99.24.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:89:f9:49:45:d4:77:f7:68:99:06:ed:bb:9f:5c:96:58:40:
c0:db:a3:bf:92:a4:92:7a:d5:8e:17:0a:67:c9:20:57:f1:3a:
e3:31:d8:2f:21:f1:b7:ee:9d:86:69:44:bb:d0:6c:d6:ee:0d:
29:73:1b:04:61:ea:69:a4:65:f0:eb:12:75:db:a2:d5:15:99:
25:fa:6d:ec:c4:8f:e1:52:0e:30:76:8e:c4:80:dd:73:b1:d7:
cc:9b:47:ea:94:ff:47:b2:7b:63:e9:74:38:aa:45:07:cf:05:
17:d9:f0:74:1c:88:d6:2f:48:da:ea:bb:a6:12:39:57:60:fe:
f2:a4:90:c0:27:19:f4:25:11:09:2d:c4:ca:b8:b6:22:9c:b0:
1d:f3:6f:1d:81:c5:ed:aa:cd:ba:5f:a6:46:a6:93:24:31:16:
28:3e:3b:a6:44:a9:6d:93:b4:cb:cb:f3:ef:5d:c6:a9:eb:1d:
11:0e:6c:a6:15:d2:dd:d8:7f:d4:9f:43:19:f7:31:00:04:61:
5e:87:cc:87:36:e2:7a:75:e4:3c:d4:d6:a1:e6:c2:03:66:a8:
78:aa:2a:2e:15:0d:80:21:f0:8a:fe:fe:82:a2:c1:46:e3:e3:
6e:b5:b0:92:79:36:fd:cd:ad:65:f2:3a:47:65:f0:90:63:7c:
fb:7b:05:83
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUcFO2cgxNL7OfCLLZ5R1K00E50HgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDdiZTlkMzUyMDc1MGVmMjgwZTczNGY0MTM0NmQwNTFj
OGIyZjUyNDAeFw0yMzEyMTEyMjQyMDVaFw0yNDEyMDkyMjQ3MDVaMDMxMTAvBgNV
BAMTKDg4MEYzRDZCOEZFNTEyMTQwMTZENEE5QUVDNDk5NENEOTg0NjZGNDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQyqpaB82b8MUDi/1Mayl/W3EQ
f7YcYHesCbdxiLEx6UsrTR3Ua+18BUiuftN6P9UhS3qu0kJm2OOe4g2HpBKG5yNJ
PFHKXnHA18X78cN15Po70ktUELNkb+K7SXAViaGRQjiP71kwpRMGC0DXPis6b4Ma
gdQEoamX9h5wIgVpyJLC+H16Hq6Y+Qv25SY8xtje3VoZkJM+jGXfhIbcQfGyZ3Rh
7x8rBkVnR1b6EouSJWAiNGXS4vKQXRP7ix5ApCW6hYQlkMgXqOV6HnP7Qc8yZ0M1
/Wr3i3bJ6acjEppsAAWu2tHDdsjYMyCN/qToP5iEkJCpksBcAkJMeWhFM/rvAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUiA89a4/lEhQBbUqa7EmUzZhGb0cwHwYDVR0j
BBgwFoAU176dNSB1DvKA5zT0E0bQUciy9SQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTZhZTIxODItMjg4ZC00ZmZiLThhZjktOGMyYmNhYzE5
NzlhLzAvRDdCRTlEMzUyMDc1MEVGMjgwRTczNEY0MTM0NkQwNTFDOEIyRjUyNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE3NmROU0IxRHZLQTV6VDBFMGJRVWNp
eTlTUS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNTZhZTIxODIt
Mjg4ZC00ZmZiLThhZjktOGMyYmNhYzE5NzlhLzAvMzczOTJlMzkzOTJlMzIzNDJl
MzAyZjMyMzIyZDMyMzMyMDNkM2UyMDMyMzIzNzM4MzEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJPYxgw
DQYJKoZIhvcNAQELBQADggEBALiJ+UlF1Hf3aJkG7bufXJZYQMDbo7+SpJJ61Y4X
CmfJIFfxOuMx2C8h8bfunYZpRLvQbNbuDSlzGwRh6mmkZfDrEnXbotUVmSX6bezE
j+FSDjB2jsSA3XOx18ybR+qU/0eye2PpdDiqRQfPBRfZ8HQciNYvSNrqu6YSOVdg
/vKkkMAnGfQlEQktxMq4tiKcsB3zbx2Bxe2qzbpfpkamkyQxFig+O6ZEqW2TtMvL
8+9dxqnrHREObKYV0t3Yf9SfQxn3MQAEYV6HzIc24np15DzU1qHmwgNmqHiqKi4V
DYAh8Ir+/oKiwUbj4261sJJ5Nv3NrWXyOkdl8JBjfPt7BYM=
-----END CERTIFICATE-----
Generated at Sun May 19 04:22:22 2024 by rpki-client on console-fra.rpki-client.org