Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/39312e3139392e3130382e302f32342d3234203d3e203630343538.roa
File: 39312e3139392e3130382e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: +53q9egaNQe3ojh80prLCjLmWi/eWJixICgQMa0yoqo=
Subject key identifier: 16:C3:7C:9C:EA:FF:FB:7B:0D:E4:D7:6D:1D:EC:EC:29:F6:7F:4A:AA
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 450BE64671B79E32B6C421A12C19034B5CADB373
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/39312e3139392e3130382e302f32342d3234203d3e203630343538.roa
Signing time: Mon 03 Jul 2023 05:42:00 +0000
ROA not before: Mon 03 Jul 2023 05:37:00 +0000
ROA not after: Mon 01 Jul 2024 05:42:00 +0000
asID: 60458
IP address blocks: 91.199.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:0b:e6:46:71:b7:9e:32:b6:c4:21:a1:2c:19:03:4b:5c:ad:b3:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jul 3 05:37:00 2023 GMT
Not After : Jul 1 05:42:00 2024 GMT
Subject: CN=16C37C9CEAFFFB7B0DE4D76D1DECEC29F67F4AAA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:3a:b8:39:59:f1:18:80:27:83:1f:c6:e6:1f:
72:11:c1:cc:89:5d:4d:7b:bf:ba:f8:47:58:10:9d:
8e:a7:c4:af:0b:66:1d:03:f9:e4:45:a7:7f:fc:14:
ba:69:9f:99:e8:8b:77:b1:f4:21:71:05:72:92:e7:
ba:46:ba:4c:4a:c6:81:e0:0d:68:2d:d9:d3:60:0f:
19:f9:9d:86:05:26:22:9c:c0:9b:df:fb:10:03:c1:
7f:5d:26:87:17:23:ab:53:a5:01:c8:b9:a0:db:c5:
7c:9a:79:26:98:47:05:3f:8b:e8:76:a2:02:e1:c7:
12:e8:4d:08:dd:dc:5d:8d:aa:8f:fe:47:d7:63:6e:
eb:93:d0:b2:10:06:b0:55:23:5c:99:28:df:51:ab:
8f:57:62:9e:fc:7a:f1:d7:05:19:78:7b:00:da:8b:
46:60:0f:ca:e1:5f:ff:5b:38:e5:fa:de:e7:ff:93:
70:c6:31:c4:11:6a:b9:fe:b4:9f:f2:b9:e6:a4:46:
d7:84:d5:ee:18:61:6d:5e:98:01:9e:4c:cd:0b:02:
c4:91:cf:5d:15:98:a3:84:86:a8:d1:61:98:c1:b8:
64:e8:15:98:48:6a:68:89:4a:8e:9a:17:bd:d6:25:
5d:f0:64:85:87:dc:77:33:d4:57:45:10:9a:59:59:
47:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:C3:7C:9C:EA:FF:FB:7B:0D:E4:D7:6D:1D:EC:EC:29:F6:7F:4A:AA
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/39312e3139392e3130382e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.108.0/24
Signature Algorithm: sha256WithRSAEncryption
d7:df:0a:7c:50:18:fe:d7:81:1e:30:fd:3a:6d:1e:6b:cc:25:
1f:d3:08:e7:75:c9:61:6d:c7:21:b8:c6:ba:c4:1f:c6:9b:0d:
2a:e3:77:2e:38:3b:41:fb:a3:4e:49:a6:c2:20:85:a9:26:da:
d3:0e:8e:a8:00:30:cf:4a:9f:42:42:b7:7c:f4:aa:0e:3d:fb:
98:14:58:6e:cb:7b:f9:0e:b9:04:e4:a8:e5:24:fb:93:43:52:
1b:cf:bd:fc:df:04:7f:69:42:57:26:94:7c:91:83:a9:6b:27:
ec:8a:ce:c5:37:3f:38:fd:cd:32:38:95:93:74:4c:81:43:2e:
1e:69:08:cf:4a:ff:38:76:f5:9d:63:13:f9:f0:ae:8c:83:9b:
a6:6f:3a:8f:3f:8f:28:df:b8:49:5c:17:b3:ec:76:69:21:c3:
15:d2:90:8a:9f:d8:6e:1a:a4:f4:d9:f0:6e:5a:9a:d0:91:0d:
a5:46:e0:cc:18:16:2b:0a:4f:13:54:53:30:59:5d:9d:17:bd:
ed:59:1c:c3:87:92:8e:ff:45:55:97:15:25:fb:1c:de:b2:bc:
a1:6a:4a:ad:b3:d1:e1:95:8d:a7:a7:1f:38:76:1b:80:42:f3:
de:f6:23:28:73:8f:38:d9:3d:68:d5:57:72:3d:b6:2b:36:84:
16:f7:37:6c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURQvmRnG3njK2xCGhLBkDS1yts3MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yMzA3MDMwNTM3MDBaFw0yNDA3MDEwNTQyMDBaMDMxMTAvBgNV
BAMTKDE2QzM3QzlDRUFGRkZCN0IwREU0RDc2RDFERUNFQzI5RjY3RjRBQUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXOrg5WfEYgCeDH8bmH3IRwcyJ
XU17v7r4R1gQnY6nxK8LZh0D+eRFp3/8FLppn5noi3ex9CFxBXKS57pGukxKxoHg
DWgt2dNgDxn5nYYFJiKcwJvf+xADwX9dJocXI6tTpQHIuaDbxXyaeSaYRwU/i+h2
ogLhxxLoTQjd3F2Nqo/+R9djbuuT0LIQBrBVI1yZKN9Rq49XYp78evHXBRl4ewDa
i0ZgD8rhX/9bOOX63uf/k3DGMcQRarn+tJ/yueakRteE1e4YYW1emAGeTM0LAsSR
z10VmKOEhqjRYZjBuGToFZhIamiJSo6aF73WJV3wZIWH3Hcz1FdFEJpZWUftAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUFsN8nOr/+3sN5NdtHezsKfZ/SqowHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzkzMTJlMzEzOTM5MmUzMTMw
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMwMzQzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
W8dsMA0GCSqGSIb3DQEBCwUAA4IBAQDX3wp8UBj+14EeMP06bR5rzCUf0wjndclh
bcchuMa6xB/Gmw0q43cuODtB+6NOSabCIIWpJtrTDo6oADDPSp9CQrd89KoOPfuY
FFhuy3v5DrkE5KjlJPuTQ1Ibz7383wR/aUJXJpR8kYOpayfsis7FNz84/c0yOJWT
dEyBQy4eaQjPSv84dvWdYxP58K6Mg5umbzqPP48o37hJXBez7HZpIcMV0pCKn9hu
GqT02fBuWprQkQ2lRuDMGBYrCk8TVFMwWV2dF73tWRzDh5KO/0VVlxUl+xzesryh
akqts9HhlY2npx84dhuAQvPe9iMoc4842T1o1VdyPbYrNoQW9zds
-----END CERTIFICATE-----
Generated at Mon May 6 01:08:53 2024 by rpki-client on console-fra.rpki-client.org