Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/39312e3139392e3130322e302f32342d3234203d3e203630343538.roa
File: 39312e3139392e3130322e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: hoVGz6we0idfmbwuMYKFqPErm+0++GkzBotqgp1S6/c=
Subject key identifier: F8:C5:8D:26:DD:C4:4F:07:62:73:F2:33:5C:A3:16:07:3E:F8:98:16
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 52F18B988B669704284E6780AAAA4B3A6A6068A3
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/39312e3139392e3130322e302f32342d3234203d3e203630343538.roa
Signing time: Mon 03 Jun 2024 06:05:18 +0000
ROA not before: Mon 03 Jun 2024 06:00:18 +0000
ROA not after: Mon 02 Jun 2025 06:05:18 +0000
asID: 60458
IP address blocks: 91.199.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:f1:8b:98:8b:66:97:04:28:4e:67:80:aa:aa:4b:3a:6a:60:68:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jun 3 06:00:18 2024 GMT
Not After : Jun 2 06:05:18 2025 GMT
Subject: CN=F8C58D26DDC44F076273F2335CA316073EF89816
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:cf:18:b9:4d:47:c2:17:ca:c1:9c:92:80:90:
47:3a:70:29:7f:4d:e6:0e:b0:2e:cd:fd:08:99:a2:
b8:fa:40:f1:6a:6e:cb:87:81:32:83:98:b3:13:ee:
a1:65:51:89:88:66:26:69:5f:8c:44:a0:90:99:19:
80:4a:ec:44:ce:7c:08:dc:02:e1:dc:b6:90:1f:83:
1c:25:01:6d:e2:ef:ae:2a:fd:73:ba:4c:c7:35:cd:
95:7c:25:63:67:3d:47:79:af:59:72:a8:b1:5a:6e:
cc:42:d2:da:d9:ee:a5:cb:17:39:e4:39:9b:5e:07:
07:fc:cb:26:7b:10:10:90:c5:c3:b4:b3:e5:6c:0e:
69:a5:d8:db:db:38:dd:80:a0:27:b0:1d:0d:fe:c7:
b9:ec:4f:d1:da:bf:62:7a:82:6c:9a:77:d6:65:ce:
49:44:b5:d3:f6:76:06:8a:8f:55:a9:37:92:b1:59:
ab:99:60:5f:0f:69:1d:8d:53:bc:2b:00:f6:bc:c2:
3f:50:89:db:a8:91:84:c8:91:28:b0:ee:7d:b4:bb:
9d:9d:c6:8a:61:11:b4:f3:c9:fe:e2:89:b4:4e:ba:
9d:67:7a:4c:67:b7:b3:71:2e:c0:0d:45:91:09:71:
4a:b8:fc:a0:8d:75:eb:0f:0a:de:5f:a9:af:6d:44:
16:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:C5:8D:26:DD:C4:4F:07:62:73:F2:33:5C:A3:16:07:3E:F8:98:16
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/39312e3139392e3130322e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.102.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:c0:52:82:47:f7:13:a3:16:c2:ee:df:bf:84:fe:8d:0d:3f:
5e:b9:6d:43:4d:19:ad:e3:d4:10:54:a8:15:0f:4a:dd:30:e2:
26:5e:2e:f4:1c:f6:b2:4b:f3:84:9d:5a:79:33:69:83:87:6a:
4c:7e:53:28:21:4f:bd:45:64:3f:52:ae:4b:d6:dc:43:a9:5e:
22:f7:19:a9:b6:a2:65:ca:f7:dc:d3:05:fd:a5:a4:08:d8:0f:
1b:91:f8:85:d7:2e:87:18:28:51:37:78:c2:f7:e5:7b:f2:50:
64:b3:25:a3:9c:1c:96:64:47:eb:fd:66:3a:2d:a7:02:e2:88:
ca:9b:bb:db:90:21:9a:c1:6e:89:06:0f:ce:4f:aa:8c:cb:a8:
68:b2:2d:94:01:80:a9:0c:9c:09:c6:b9:fe:13:81:f6:6e:b0:
63:6c:bd:ba:07:ef:02:8e:8d:81:82:d8:b1:93:f7:a6:23:d5:
1b:1e:fc:b3:a0:48:2b:e2:67:b4:aa:70:f1:94:d6:e0:26:67:
75:d9:40:a7:ca:d1:73:28:a4:f3:de:d5:a0:0a:69:11:96:77:
c1:fe:5e:82:f2:ca:0b:0e:78:88:fe:d3:3c:ea:ad:88:47:cf:
49:91:58:57:19:11:ec:ec:8e:72:1a:9d:ab:0b:04:39:6d:e5:
9c:2f:7f:9c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUUvGLmItmlwQoTmeAqqpLOmpgaKMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDA2MDMwNjAwMThaFw0yNTA2MDIwNjA1MThaMDMxMTAvBgNV
BAMTKEY4QzU4RDI2RERDNDRGMDc2MjczRjIzMzVDQTMxNjA3M0VGODk4MTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzzxi5TUfCF8rBnJKAkEc6cCl/
TeYOsC7N/QiZorj6QPFqbsuHgTKDmLMT7qFlUYmIZiZpX4xEoJCZGYBK7ETOfAjc
AuHctpAfgxwlAW3i764q/XO6TMc1zZV8JWNnPUd5r1lyqLFabsxC0trZ7qXLFznk
OZteBwf8yyZ7EBCQxcO0s+VsDmml2NvbON2AoCewHQ3+x7nsT9Hav2J6gmyad9Zl
zklEtdP2dgaKj1WpN5KxWauZYF8PaR2NU7wrAPa8wj9QiduokYTIkSiw7n20u52d
xophEbTzyf7iibROup1nekxnt7NxLsANRZEJcUq4/KCNdesPCt5fqa9tRBZRAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU+MWNJt3ETwdic/IzXKMWBz74mBYwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzkzMTJlMzEzOTM5MmUzMTMw
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMwMzQzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
W8dmMA0GCSqGSIb3DQEBCwUAA4IBAQDTwFKCR/cToxbC7t+/hP6NDT9euW1DTRmt
49QQVKgVD0rdMOImXi70HPayS/OEnVp5M2mDh2pMflMoIU+9RWQ/Uq5L1txDqV4i
9xmptqJlyvfc0wX9paQI2A8bkfiF1y6HGChRN3jC9+V78lBksyWjnByWZEfr/WY6
LacC4ojKm7vbkCGawW6JBg/OT6qMy6hosi2UAYCpDJwJxrn+E4H2brBjbL26B+8C
jo2Bgtixk/emI9UbHvyzoEgr4me0qnDxlNbgJmd12UCnytFzKKTz3tWgCmkRlnfB
/l6C8soLDniI/tM86q2IR89JkVhXGRHs7I5yGp2rCwQ5beWcL3+c
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:19 2024 by rpki-client on console-ams.rpki-client.org