Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/37382e32342e3132342e302f32342d3234203d3e203534333339.roa
File: 37382e32342e3132342e302f32342d3234203d3e203534333339.roa (raw, json)
Hash identifier: KBQWp2YW6b35tXBZxmWFRr/DTme9e2nhX14tjQgVgwA=
Subject key identifier: 7B:C7:CB:28:4B:94:2F:C4:08:F3:9D:30:50:50:BF:E6:3E:0D:46:24
Certificate issuer: /CN=d01ba013bc1e6d86f0d6d58eafa54e27fada3444
Certificate serial: 745D5B641C3CDB9B8341F518781AECECEB408914
Authority key identifier: D0:1B:A0:13:BC:1E:6D:86:F0:D6:D5:8E:AF:A5:4E:27:FA:DA:34:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/37382e32342e3132342e302f32342d3234203d3e203534333339.roa
Signing time: Wed 28 Aug 2024 15:05:19 +0000
ROA not before: Wed 28 Aug 2024 15:00:19 +0000
ROA not after: Wed 27 Aug 2025 15:05:19 +0000
asID: 54339
IP address blocks: 78.24.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.crl
rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.mft
rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:5d:5b:64:1c:3c:db:9b:83:41:f5:18:78:1a:ec:ec:eb:40:89:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d01ba013bc1e6d86f0d6d58eafa54e27fada3444
Validity
Not Before: Aug 28 15:00:19 2024 GMT
Not After : Aug 27 15:05:19 2025 GMT
Subject: CN=7BC7CB284B942FC408F39D305050BFE63E0D4624
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ae:59:8b:7a:1e:0c:a8:6f:2d:fc:ac:6e:17:
dd:08:ae:52:df:97:5c:88:1e:5a:94:52:57:bf:2b:
78:e3:d0:ae:36:46:e9:f4:ad:6e:cf:49:13:c6:30:
e2:9d:5e:d0:d3:58:2c:1d:a4:cd:a2:8b:93:0d:7e:
88:03:eb:c8:8a:dd:c1:52:0e:b2:16:2f:5a:97:7d:
76:bb:c8:ed:27:54:f5:7e:bc:bd:89:8b:c5:9d:43:
4e:f3:7d:2c:2f:4e:bc:2b:a4:3c:99:84:76:b4:a3:
3c:88:dc:bd:4c:f0:62:5b:2c:a1:74:90:d3:8c:bd:
2d:47:44:3b:74:72:29:3c:5e:58:f8:e0:3b:9a:a3:
38:23:27:8c:27:6d:c3:18:97:e6:c8:67:4d:7a:4e:
0c:30:d9:57:d3:25:be:1a:01:46:75:f3:8f:97:f5:
49:3f:56:e5:6e:3b:9a:42:ef:bf:64:5f:18:c0:21:
69:e6:b0:e8:39:f9:69:f8:3d:08:c7:df:5a:06:c4:
a8:90:d5:d0:73:66:4d:5a:28:20:46:1b:95:f4:07:
90:ce:be:4f:cf:42:be:03:7a:dd:c0:ae:e3:9b:de:
d0:cd:0f:57:3c:0a:fd:f2:13:ca:3a:f6:8e:e9:0d:
e7:e5:1a:0b:15:61:2d:c2:0b:96:04:95:11:26:3f:
ac:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:C7:CB:28:4B:94:2F:C4:08:F3:9D:30:50:50:BF:E6:3E:0D:46:24
X509v3 Authority Key Identifier:
keyid:D0:1B:A0:13:BC:1E:6D:86:F0:D6:D5:8E:AF:A5:4E:27:FA:DA:34:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/37382e32342e3132342e302f32342d3234203d3e203534333339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.124.0/24
Signature Algorithm: sha256WithRSAEncryption
51:04:94:f6:18:9c:7d:91:fa:8b:19:ba:2d:57:1f:3e:be:ae:
6a:42:2a:95:35:89:eb:5b:64:26:14:47:ea:f6:fe:1c:7a:2a:
3b:94:e1:be:bb:64:44:01:01:a5:1c:c0:a4:6a:b8:04:9c:27:
f1:2f:9b:cb:ed:28:22:be:34:1e:96:df:26:b9:4e:1c:64:93:
a7:9c:40:74:a2:95:5b:58:7d:ab:45:b4:51:7b:5a:aa:0b:d1:
81:51:50:6c:04:a4:c6:f1:7f:d7:c9:3c:ff:d2:37:8a:33:4c:
9e:5d:49:6c:e2:87:7b:84:10:63:e6:49:55:4e:44:61:42:3a:
bb:c9:f9:ae:04:52:51:9d:aa:67:dc:e0:d7:eb:90:98:8c:9a:
cb:b2:bf:54:80:22:68:d8:a6:2b:25:a5:ff:d0:e2:47:85:ce:
d1:2d:c0:25:78:39:69:39:7b:e2:ac:d4:07:a9:f3:69:76:9a:
96:8e:63:55:65:7f:7c:b7:cd:f3:57:ee:10:f7:8a:a8:84:30:
0e:4d:79:28:56:e3:5f:df:74:64:63:3a:3f:a3:71:8c:d4:52:
a9:d5:23:c3:24:9d:64:0b:2d:4b:cf:19:d3:bf:b7:8e:b7:14:
17:c8:e4:1a:89:97:6f:1a:20:50:93:c6:d9:47:8a:83:d0:1e:
7d:b5:1f:fe
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUdF1bZBw825uDQfUYeBrs7OtAiRQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDAxYmEwMTNiYzFlNmQ4NmYwZDZkNThlYWZhNTRlMjdm
YWRhMzQ0NDAeFw0yNDA4MjgxNTAwMTlaFw0yNTA4MjcxNTA1MTlaMDMxMTAvBgNV
BAMTKDdCQzdDQjI4NEI5NDJGQzQwOEYzOUQzMDUwNTBCRkU2M0UwRDQ2MjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrrlmLeh4MqG8t/KxuF90IrlLf
l1yIHlqUUle/K3jj0K42Run0rW7PSRPGMOKdXtDTWCwdpM2ii5MNfogD68iK3cFS
DrIWL1qXfXa7yO0nVPV+vL2Ji8WdQ07zfSwvTrwrpDyZhHa0ozyI3L1M8GJbLKF0
kNOMvS1HRDt0cik8Xlj44DuaozgjJ4wnbcMYl+bIZ016Tgww2VfTJb4aAUZ184+X
9Uk/VuVuO5pC779kXxjAIWnmsOg5+Wn4PQjH31oGxKiQ1dBzZk1aKCBGG5X0B5DO
vk/PQr4Det3AruOb3tDND1c8Cv3yE8o69o7pDeflGgsVYS3CC5YElREmP6wLAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUe8fLKEuUL8QI850wUFC/5j4NRiQwHwYDVR0j
BBgwFoAU0BugE7webYbw1tWOr6VOJ/raNEQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTUyMmE1MmYtNjUzNC00MTY1LWE2YTctZWY5Zjc0ZWY5
NDMxLzEvRDAxQkEwMTNCQzFFNkQ4NkYwRDZENThFQUZBNTRFMjdGQURBMzQ0NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBCdWdFN3dlYllidzF0V09yNlZPSl9y
YU5FUS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTUyMmE1MmYt
NjUzNC00MTY1LWE2YTctZWY5Zjc0ZWY5NDMxLzEvMzczODJlMzIzNDJlMzEzMjM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzNDMzMzMzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE4Y
fDANBgkqhkiG9w0BAQsFAAOCAQEAUQSU9hicfZH6ixm6LVcfPr6uakIqlTWJ61tk
JhRH6vb+HHoqO5ThvrtkRAEBpRzApGq4BJwn8S+by+0oIr40HpbfJrlOHGSTp5xA
dKKVW1h9q0W0UXtaqgvRgVFQbASkxvF/18k8/9I3ijNMnl1JbOKHe4QQY+ZJVU5E
YUI6u8n5rgRSUZ2qZ9zg1+uQmIyay7K/VIAiaNimKyWl/9DiR4XO0S3AJXg5aTl7
4qzUB6nzaXaalo5jVWV/fLfN81fuEPeKqIQwDk15KFbjX990ZGM6P6NxjNRSqdUj
wySdZAstS88Z07+3jrcUF8jkGomXbxogUJPG2UeKg9AefbUf/g==
-----END CERTIFICATE-----
Generated at Mon Nov 25 04:49:04 2024 by rpki-client on console-ams.rpki-client.org