Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/39312e3139392e3130382e302f32342d3234203d3e203630343538.roa
File: 39312e3139392e3130382e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: R43tsbjVLczvAv3j/z+nCmDKUWMmLwMhQPzDT12dWfQ=
Subject key identifier: 3A:7A:A9:64:34:4B:12:C3:65:4B:20:76:DD:64:7A:5D:30:DE:5A:5D
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 1A804F70D0D91AAE72C33A16A9EC670D2CB0D8D8
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/39312e3139392e3130382e302f32342d3234203d3e203630343538.roa
Signing time: Mon 03 Jun 2024 06:05:17 +0000
ROA not before: Mon 03 Jun 2024 06:00:17 +0000
ROA not after: Mon 02 Jun 2025 06:05:17 +0000
asID: 60458
IP address blocks: 91.199.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:80:4f:70:d0:d9:1a:ae:72:c3:3a:16:a9:ec:67:0d:2c:b0:d8:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jun 3 06:00:17 2024 GMT
Not After : Jun 2 06:05:17 2025 GMT
Subject: CN=3A7AA964344B12C3654B2076DD647A5D30DE5A5D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ad:d2:12:a1:ed:cc:3e:8d:d9:fe:70:7e:51:
2c:46:f4:fd:2c:2b:21:98:06:b2:37:0b:30:52:7e:
77:8d:f5:85:bf:83:f8:53:ec:ec:7a:ff:16:8e:f7:
65:af:30:04:e5:ef:9d:25:8c:63:00:78:da:c9:66:
37:80:06:3e:c4:f6:26:f7:20:ca:e5:7d:ae:d6:76:
a5:6a:09:b5:88:9b:c7:94:27:8d:9c:88:f3:59:b0:
01:b3:39:5b:a2:11:27:2c:ba:36:24:4b:99:d4:d3:
21:83:13:12:28:21:fa:06:f9:e8:77:be:f8:ea:a5:
82:75:a6:74:7f:b8:ca:9a:37:a1:87:ef:d3:a9:e6:
90:c1:d0:ad:7a:f8:a6:c8:1c:76:af:b6:0f:ba:f4:
c9:f1:5c:be:74:9e:6a:46:a8:ab:00:80:73:9f:29:
3b:3d:3a:1e:08:fe:db:8c:49:87:28:c5:b0:4b:1d:
44:8c:8a:62:ed:da:78:f5:c6:8f:0e:67:50:8b:2a:
63:5e:62:12:9a:59:02:93:cb:93:b5:73:00:52:a1:
c6:71:b0:c9:b9:df:de:dd:ba:d6:0a:e7:e8:de:f5:
8b:40:04:e7:4a:3e:d6:99:13:c4:5f:5e:9d:a9:77:
1e:b9:98:9e:26:a8:da:c9:3e:c2:fc:70:94:63:22:
2a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:7A:A9:64:34:4B:12:C3:65:4B:20:76:DD:64:7A:5D:30:DE:5A:5D
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/39312e3139392e3130382e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.108.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:1f:18:77:e8:d6:d0:f7:88:3b:5e:b5:b0:26:f9:8b:9a:c5:
72:64:19:f1:96:18:fc:09:d8:b5:03:68:55:9b:45:91:42:fd:
94:17:15:3a:31:d3:40:4f:40:04:db:3e:be:32:51:b5:db:2e:
8a:cd:e6:d8:fc:36:5d:6d:03:46:56:a1:d9:29:ac:02:4c:df:
76:50:b7:e6:cc:19:80:47:11:1b:15:80:46:dc:a8:d0:02:60:
be:5a:c8:ac:57:74:67:c6:24:9f:f0:96:9b:6b:5c:6a:2b:f3:
14:98:b0:a6:b0:ff:9d:bc:88:1d:3b:b3:59:7a:1c:56:92:78:
a7:09:c9:b7:66:05:3f:a2:5c:09:bb:c7:9c:97:97:bd:42:f9:
95:f8:d2:8c:ea:c1:e8:5a:43:39:c3:46:94:31:ee:d4:e1:f1:
00:bc:82:e9:2e:40:92:06:10:67:87:13:6c:16:93:80:18:1b:
7c:8e:32:93:7e:de:34:27:c0:a5:58:51:91:d7:36:c8:25:21:
d5:44:89:8b:9d:b0:db:0b:e1:fa:38:c1:f4:fd:f2:72:d8:5c:
26:e9:54:64:b4:43:ba:ba:b5:46:1e:f5:5f:58:55:f6:9d:22:
9c:09:fd:4e:8a:24:8a:62:c0:7b:51:fa:cf:dc:c6:65:18:4f:
32:dc:10:7c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUGoBPcNDZGq5ywzoWqexnDSyw2NgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDA2MDMwNjAwMTdaFw0yNTA2MDIwNjA1MTdaMDMxMTAvBgNV
BAMTKDNBN0FBOTY0MzQ0QjEyQzM2NTRCMjA3NkRENjQ3QTVEMzBERTVBNUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkrdISoe3MPo3Z/nB+USxG9P0s
KyGYBrI3CzBSfneN9YW/g/hT7Ox6/xaO92WvMATl750ljGMAeNrJZjeABj7E9ib3
IMrlfa7WdqVqCbWIm8eUJ42ciPNZsAGzOVuiEScsujYkS5nU0yGDExIoIfoG+eh3
vvjqpYJ1pnR/uMqaN6GH79Op5pDB0K16+KbIHHavtg+69MnxXL50nmpGqKsAgHOf
KTs9Oh4I/tuMSYcoxbBLHUSMimLt2nj1xo8OZ1CLKmNeYhKaWQKTy5O1cwBSocZx
sMm5397dutYK5+je9YtABOdKPtaZE8RfXp2pdx65mJ4mqNrJPsL8cJRjIipBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUOnqpZDRLEsNlSyB23WR6XTDeWl0wHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzkzMTJlMzEzOTM5MmUzMTMw
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMwMzQzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
W8dsMA0GCSqGSIb3DQEBCwUAA4IBAQDJHxh36NbQ94g7XrWwJvmLmsVyZBnxlhj8
Cdi1A2hVm0WRQv2UFxU6MdNAT0AE2z6+MlG12y6KzebY/DZdbQNGVqHZKawCTN92
ULfmzBmARxEbFYBG3KjQAmC+WsisV3RnxiSf8Jaba1xqK/MUmLCmsP+dvIgdO7NZ
ehxWkninCcm3ZgU/olwJu8ecl5e9QvmV+NKM6sHoWkM5w0aUMe7U4fEAvILpLkCS
BhBnhxNsFpOAGBt8jjKTft40J8ClWFGR1zbIJSHVRImLnbDbC+H6OMH0/fJy2Fwm
6VRktEO6urVGHvVfWFX2nSKcCf1OiiSKYsB7UfrP3MZlGE8y3BB8
-----END CERTIFICATE-----
Generated at Sun Nov 24 17:29:06 2024 by rpki-client on console-fra.rpki-client.org