Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/37382e32342e3132342e302f32342d3234203d3e203534333339.roa
File: 37382e32342e3132342e302f32342d3234203d3e203534333339.roa (raw, json)
Hash identifier: oW38565ILIlqFNoVZFzMb6Kfzz1ggNiqsrLP9yBoxEc=
Subject key identifier: B6:68:AC:52:CD:88:B8:07:BD:36:3B:44:25:56:7D:36:A3:D7:55:C3
Certificate issuer: /CN=d01ba013bc1e6d86f0d6d58eafa54e27fada3444
Certificate serial: 47BECFFF32B40B1EF73AFCBD88211846A1B231C0
Authority key identifier: D0:1B:A0:13:BC:1E:6D:86:F0:D6:D5:8E:AF:A5:4E:27:FA:DA:34:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/37382e32342e3132342e302f32342d3234203d3e203534333339.roa
Signing time: Wed 27 Sep 2023 14:35:35 +0000
ROA not before: Wed 27 Sep 2023 14:30:35 +0000
ROA not after: Wed 25 Sep 2024 14:35:35 +0000
asID: 54339
IP address blocks: 78.24.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.crl
rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.mft
rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:be:cf:ff:32:b4:0b:1e:f7:3a:fc:bd:88:21:18:46:a1:b2:31:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d01ba013bc1e6d86f0d6d58eafa54e27fada3444
Validity
Not Before: Sep 27 14:30:35 2023 GMT
Not After : Sep 25 14:35:35 2024 GMT
Subject: CN=B668AC52CD88B807BD363B4425567D36A3D755C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:41:fa:97:bf:01:e2:5d:9a:08:e4:7b:56:c8:
84:24:d4:78:63:e1:98:60:11:35:59:2c:f0:24:28:
74:f8:16:5e:a2:6a:bc:85:a1:2e:a3:01:79:2a:65:
c3:17:56:55:ec:df:c5:6f:8a:17:69:7b:ff:ef:b6:
41:b7:87:73:76:54:b5:9c:4b:51:9e:06:1d:d7:7b:
ce:d5:fb:b1:46:46:20:2a:70:97:ae:4c:76:51:d3:
b6:b6:6d:be:ba:d5:9b:62:9f:32:b6:27:63:5f:8c:
1d:d1:a6:8d:6b:a1:bc:d1:01:c0:58:90:2c:4d:61:
d3:be:01:da:fe:cb:ab:5f:36:88:9c:db:f2:f2:85:
43:4f:fa:41:a9:7e:85:9c:df:77:8b:2d:00:31:bf:
4c:4b:eb:aa:b2:f4:2d:e5:93:56:ab:cd:4d:82:70:
b5:28:d2:df:cc:55:37:45:56:4e:ef:51:95:49:f5:
05:bb:b7:aa:4b:32:78:1a:ff:68:51:de:ae:1e:c0:
c2:2f:4e:4d:1f:4b:1d:2f:ec:e3:dd:84:81:43:dc:
5b:b6:45:75:01:c3:19:7d:cb:4d:d4:ea:64:2b:f3:
d2:b2:cd:5c:7f:38:64:c7:04:15:ba:cd:f7:24:7b:
1f:a0:4f:12:0d:27:fc:c4:3e:9e:6d:07:d2:8b:22:
62:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:68:AC:52:CD:88:B8:07:BD:36:3B:44:25:56:7D:36:A3:D7:55:C3
X509v3 Authority Key Identifier:
keyid:D0:1B:A0:13:BC:1E:6D:86:F0:D6:D5:8E:AF:A5:4E:27:FA:DA:34:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/37382e32342e3132342e302f32342d3234203d3e203534333339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.124.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:7a:da:22:86:ea:28:3f:d4:6f:95:c3:94:9c:28:43:cf:3c:
79:75:26:ea:86:41:59:89:da:0c:c4:6e:bc:22:99:fb:dc:2b:
85:6b:df:8d:fc:3f:a0:ae:51:56:7b:22:de:d5:89:8e:60:43:
4a:bf:bb:1c:37:10:df:3e:33:bb:ea:5c:91:c2:2d:76:2d:4b:
c6:35:7b:73:35:4b:93:f3:66:04:3c:9e:47:14:3d:b0:b2:1a:
13:52:e5:19:c4:9d:f6:51:c6:ec:b0:23:4a:35:ef:74:b3:d7:
bc:fe:7b:b3:ec:7f:1f:62:0e:23:f0:af:88:30:f6:2a:5d:ce:
0b:84:d3:51:dd:34:34:a9:32:c5:e1:16:88:3f:47:ad:f6:12:
37:77:c4:01:fd:ae:dd:9d:c7:39:d7:ba:9a:54:d4:98:b2:e2:
cc:f7:99:bc:07:59:7d:f8:6c:bd:58:c0:13:94:b0:41:ac:c8:
42:48:a1:f9:74:0d:69:bc:9c:f5:ca:cd:ae:13:9f:f3:b0:a1:
64:a8:35:a0:91:01:f7:14:12:cb:bb:ba:4e:6a:b2:b6:7a:10:
20:82:3c:02:cb:cc:d2:c2:8e:84:33:a8:fa:e2:2f:a2:0f:a4:
92:24:44:83:6d:d3:3e:df:b6:0d:f6:80:8b:18:70:d8:79:39:
b9:f0:4d:91
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUR77P/zK0Cx73Ovy9iCEYRqGyMcAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDAxYmEwMTNiYzFlNmQ4NmYwZDZkNThlYWZhNTRlMjdm
YWRhMzQ0NDAeFw0yMzA5MjcxNDMwMzVaFw0yNDA5MjUxNDM1MzVaMDMxMTAvBgNV
BAMTKEI2NjhBQzUyQ0Q4OEI4MDdCRDM2M0I0NDI1NTY3RDM2QTNENzU1QzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1QfqXvwHiXZoI5HtWyIQk1Hhj
4ZhgETVZLPAkKHT4Fl6iaryFoS6jAXkqZcMXVlXs38Vvihdpe//vtkG3h3N2VLWc
S1GeBh3Xe87V+7FGRiAqcJeuTHZR07a2bb661ZtinzK2J2NfjB3Rpo1robzRAcBY
kCxNYdO+Adr+y6tfNoic2/LyhUNP+kGpfoWc33eLLQAxv0xL66qy9C3lk1arzU2C
cLUo0t/MVTdFVk7vUZVJ9QW7t6pLMnga/2hR3q4ewMIvTk0fSx0v7OPdhIFD3Fu2
RXUBwxl9y03U6mQr89KyzVx/OGTHBBW6zfckex+gTxINJ/zEPp5tB9KLImLTAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUtmisUs2IuAe9NjtEJVZ9NqPXVcMwHwYDVR0j
BBgwFoAU0BugE7webYbw1tWOr6VOJ/raNEQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTUyMmE1MmYtNjUzNC00MTY1LWE2YTctZWY5Zjc0ZWY5
NDMxLzEvRDAxQkEwMTNCQzFFNkQ4NkYwRDZENThFQUZBNTRFMjdGQURBMzQ0NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBCdWdFN3dlYllidzF0V09yNlZPSl9y
YU5FUS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTUyMmE1MmYt
NjUzNC00MTY1LWE2YTctZWY5Zjc0ZWY5NDMxLzEvMzczODJlMzIzNDJlMzEzMjM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzNDMzMzMzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE4Y
fDANBgkqhkiG9w0BAQsFAAOCAQEAPnraIobqKD/Ub5XDlJwoQ888eXUm6oZBWYna
DMRuvCKZ+9wrhWvfjfw/oK5RVnsi3tWJjmBDSr+7HDcQ3z4zu+pckcItdi1LxjV7
czVLk/NmBDyeRxQ9sLIaE1LlGcSd9lHG7LAjSjXvdLPXvP57s+x/H2IOI/CviDD2
Kl3OC4TTUd00NKkyxeEWiD9HrfYSN3fEAf2u3Z3HOde6mlTUmLLizPeZvAdZffhs
vVjAE5SwQazIQkih+XQNabyc9crNrhOf87ChZKg1oJEB9xQSy7u6TmqytnoQIII8
AsvM0sKOhDOo+uIvog+kkiREg23TPt+2DfaAixhw2Hk5ufBNkQ==
-----END CERTIFICATE-----
Generated at Fri May 17 05:44:25 2024 by rpki-client on console-fra.rpki-client.org