Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/39312e3139392e3130322e302f32342d3234203d3e203630343538.roa
File: 39312e3139392e3130322e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: pZYe+Icr14zX8GPR5SEM0hurzdvHBtgRw9dAOnXGFtw=
Subject key identifier: 0B:78:20:DA:97:E6:33:C4:82:53:B1:B2:9D:85:F8:99:2E:3D:7F:FF
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 1E7FF7D30C2BC5E72CD6F362563D398C852D530A
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/39312e3139392e3130322e302f32342d3234203d3e203630343538.roa
Signing time: Mon 03 Jul 2023 05:42:07 +0000
ROA not before: Mon 03 Jul 2023 05:37:07 +0000
ROA not after: Mon 01 Jul 2024 05:42:07 +0000
asID: 60458
IP address blocks: 91.199.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:7f:f7:d3:0c:2b:c5:e7:2c:d6:f3:62:56:3d:39:8c:85:2d:53:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jul 3 05:37:07 2023 GMT
Not After : Jul 1 05:42:07 2024 GMT
Subject: CN=0B7820DA97E633C48253B1B29D85F8992E3D7FFF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:15:bb:6b:81:1c:08:82:10:e4:38:0d:6a:53:
c2:1a:75:49:f6:e3:3a:8e:97:fa:76:73:a0:c3:cf:
78:35:bf:90:27:61:9c:28:15:b9:67:66:fa:07:80:
0d:06:97:f5:23:d7:ee:57:a6:ae:1d:ae:24:18:1e:
e1:76:22:b1:67:d7:b4:2e:bd:de:03:bb:be:1a:8d:
52:10:58:50:bd:b7:af:33:fa:b6:75:2f:34:84:24:
21:cc:d7:c7:a9:5b:61:34:bb:42:c9:d7:94:65:33:
3c:74:0a:4d:e4:3e:8d:ad:a4:d1:d0:5b:bd:fb:73:
d7:73:95:67:cb:a1:46:76:da:26:b9:98:cd:b2:83:
13:ee:ae:08:de:d6:03:32:5e:21:e6:ac:a7:9f:da:
9d:1f:1e:18:0e:f4:2f:b2:7d:57:7c:28:d2:35:97:
28:3a:ee:81:b5:d3:dd:fb:79:35:59:c4:bd:37:aa:
73:d6:d0:65:ed:cf:28:63:2a:5b:33:6b:59:e8:fd:
e3:55:c5:12:c9:5a:4d:8d:02:7b:c6:b6:d6:b2:a7:
e9:f9:ce:38:70:83:ca:86:da:49:5f:6f:da:63:0a:
0b:b7:ef:28:4f:e6:f9:28:e3:b0:e6:c0:39:d1:18:
64:e1:0e:96:5c:49:6f:11:01:02:9f:a3:a9:74:3a:
8a:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:78:20:DA:97:E6:33:C4:82:53:B1:B2:9D:85:F8:99:2E:3D:7F:FF
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/39312e3139392e3130322e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.102.0/24
Signature Algorithm: sha256WithRSAEncryption
82:81:fa:6d:ea:a9:64:5e:b2:a9:6e:58:f2:e4:61:ac:1c:95:
79:a6:b1:4d:c7:50:bd:46:91:48:fc:14:36:a3:f5:9c:b1:9a:
35:78:3d:0e:8f:cc:c2:9e:aa:0a:12:78:ac:b4:3d:d4:8a:f3:
7a:f5:25:f3:d5:e1:05:60:35:8c:5f:2e:ea:b7:d4:2f:83:57:
6e:d0:cf:5e:fb:3c:a5:4b:32:ef:cd:cf:d5:75:85:2c:5b:dd:
f5:94:7f:95:12:30:5e:f9:9c:fb:4d:f4:0f:d7:84:1b:98:5e:
65:71:f6:b8:b2:77:53:23:cb:c1:27:5b:0e:4e:d7:de:ed:cc:
57:7e:48:d1:f1:cf:98:eb:75:a7:15:69:99:5c:fc:81:fb:4a:
32:d9:20:9d:ba:e8:d9:49:2f:4c:d8:7b:e4:4c:63:fe:a8:52:
9f:da:fb:d0:16:55:ce:d2:70:cf:6f:b4:63:62:7e:aa:05:cf:
b1:88:ac:11:7e:60:59:67:f0:a0:64:cb:9d:06:56:8b:8b:ab:
0a:a3:e5:50:c2:61:b1:bc:80:87:4c:15:c8:05:5b:d8:e0:65:
a7:23:63:a1:61:ac:85:ab:61:4a:65:26:a0:f8:17:30:4d:55:
6b:63:dc:ce:f9:1d:30:f9:d5:39:c9:0f:7c:17:dd:4e:e7:74:
51:77:a9:ad
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUHn/30wwrxecs1vNiVj05jIUtUwowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yMzA3MDMwNTM3MDdaFw0yNDA3MDEwNTQyMDdaMDMxMTAvBgNV
BAMTKDBCNzgyMERBOTdFNjMzQzQ4MjUzQjFCMjlEODVGODk5MkUzRDdGRkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXFbtrgRwIghDkOA1qU8IadUn2
4zqOl/p2c6DDz3g1v5AnYZwoFblnZvoHgA0Gl/Uj1+5Xpq4driQYHuF2IrFn17Qu
vd4Du74ajVIQWFC9t68z+rZ1LzSEJCHM18epW2E0u0LJ15RlMzx0Ck3kPo2tpNHQ
W737c9dzlWfLoUZ22ia5mM2ygxPurgje1gMyXiHmrKef2p0fHhgO9C+yfVd8KNI1
lyg67oG10937eTVZxL03qnPW0GXtzyhjKlsza1no/eNVxRLJWk2NAnvGttayp+n5
zjhwg8qG2klfb9pjCgu37yhP5vko47DmwDnRGGThDpZcSW8RAQKfo6l0Oor3AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUC3gg2pfmM8SCU7GynYX4mS49f/8wHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzkzMTJlMzEzOTM5MmUzMTMw
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMwMzQzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
W8dmMA0GCSqGSIb3DQEBCwUAA4IBAQCCgfpt6qlkXrKpbljy5GGsHJV5prFNx1C9
RpFI/BQ2o/WcsZo1eD0Oj8zCnqoKEnistD3UivN69SXz1eEFYDWMXy7qt9Qvg1du
0M9e+zylSzLvzc/VdYUsW931lH+VEjBe+Zz7TfQP14QbmF5lcfa4sndTI8vBJ1sO
Ttfe7cxXfkjR8c+Y63WnFWmZXPyB+0oy2SCduujZSS9M2HvkTGP+qFKf2vvQFlXO
0nDPb7RjYn6qBc+xiKwRfmBZZ/CgZMudBlaLi6sKo+VQwmGxvICHTBXIBVvY4GWn
I2OhYayFq2FKZSag+BcwTVVrY9zO+R0w+dU5yQ98F91O53RRd6mt
-----END CERTIFICATE-----
Generated at Sun May 5 05:22:02 2024 by rpki-client on console-fra.rpki-client.org