Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3134362e31392e32332e302f32342d3234203d3e203235333639.roa
File: 3134362e31392e32332e302f32342d3234203d3e203235333639.roa (raw, json)
Hash identifier: +gAww8Pz1wKMPGSoMPsKqeewNVdbzGW2wHRJ/Ru3VQo=
Subject key identifier: AF:E6:6D:57:DE:D1:AC:76:BF:AA:9B:57:A8:52:90:6D:92:8D:1A:79
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 1DC0F54F265B1D900AF375F1A26A7178E0FF8D43
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3134362e31392e32332e302f32342d3234203d3e203235333639.roa
Signing time: Fri 20 Sep 2024 21:08:18 +0000
ROA not before: Fri 20 Sep 2024 21:03:18 +0000
ROA not after: Fri 19 Sep 2025 21:08:18 +0000
asID: 25369
IP address blocks: 146.19.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:c0:f5:4f:26:5b:1d:90:0a:f3:75:f1:a2:6a:71:78:e0:ff:8d:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Sep 20 21:03:18 2024 GMT
Not After : Sep 19 21:08:18 2025 GMT
Subject: CN=AFE66D57DED1AC76BFAA9B57A852906D928D1A79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:37:18:8f:7d:87:91:8f:36:77:88:eb:a2:0a:
16:8b:47:41:8f:5d:3b:6b:2d:d6:eb:b2:a6:90:cf:
b1:8a:04:da:f8:50:23:27:ef:22:c5:87:82:4d:db:
af:a9:e1:4b:00:86:c6:c4:6f:25:83:df:af:dd:a7:
94:54:31:5e:41:4e:08:dd:2c:f6:7d:46:e6:25:f7:
df:6c:1f:b9:6e:f6:d1:c8:a5:5a:75:8f:36:b9:67:
bf:4a:04:b3:a7:7c:cf:d2:71:77:3e:92:02:2a:d9:
00:e6:12:ad:04:22:2e:c1:b0:28:cb:86:3f:95:f9:
8b:32:4e:e0:6b:f3:62:13:90:f7:f0:8d:26:16:1b:
2c:e6:e2:a0:3f:01:e8:b1:ad:0a:9d:ef:4d:d3:02:
ba:b4:cc:4b:5e:42:04:e1:88:47:06:78:2c:ca:c4:
06:9c:41:49:29:df:30:93:48:b9:12:20:22:06:2a:
e4:de:fd:50:e7:58:41:13:58:bd:53:91:69:30:4d:
e7:0c:69:44:57:72:0e:21:76:40:36:58:15:42:f9:
89:d7:cc:b0:3a:99:d2:6f:c4:d4:bc:e1:a4:31:73:
cd:62:16:a9:2a:52:7e:2e:54:47:c3:4d:7e:57:31:
7f:71:cd:29:1f:34:6a:68:18:c8:b9:51:a1:b8:44:
9e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:E6:6D:57:DE:D1:AC:76:BF:AA:9B:57:A8:52:90:6D:92:8D:1A:79
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3134362e31392e32332e302f32342d3234203d3e203235333639.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.23.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:91:b4:aa:e9:ca:84:79:a5:78:37:7b:8d:b6:27:50:ee:2a:
6f:c4:55:d2:76:7e:9e:03:7e:da:b9:3e:48:d7:6a:e0:ed:18:
60:14:a5:5c:1b:dc:c3:7c:3d:4b:39:ff:0e:54:27:74:77:c6:
d6:48:72:ea:6c:d7:13:fe:64:3c:be:95:d3:43:94:d1:3c:40:
57:7c:7b:dd:32:4a:cb:b4:1b:8e:a8:97:e0:9b:d0:eb:2c:1e:
25:54:f9:f5:08:88:97:3c:ad:bf:df:4d:8b:6b:95:2e:e8:3e:
21:67:db:19:6c:42:1d:a9:e7:1d:91:3e:f9:0f:46:50:b2:59:
a4:e5:95:37:24:8f:d6:68:3e:39:13:9c:ca:9a:75:8c:e3:65:
24:5f:e7:62:7f:95:06:99:dc:a6:2d:87:c7:33:0a:6b:ed:cc:
0c:d5:ac:d6:41:37:8f:5d:e3:b6:be:12:84:0a:df:31:21:e2:
40:28:40:0d:e3:bc:b8:02:cf:9e:0c:61:41:49:fa:8c:4a:cc:
20:93:7f:9d:43:06:af:be:73:80:99:61:2a:2a:39:26:4c:ab:
e2:47:e0:89:c3:e2:c1:a0:a9:5c:87:d7:74:28:ad:9d:fa:32:
a7:b0:27:cf:d2:c7:93:65:22:20:95:4f:06:b9:20:6d:62:ab:
46:28:cd:60
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUHcD1TyZbHZAK83XxompxeOD/jUMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDA5MjAyMTAzMThaFw0yNTA5MTkyMTA4MThaMDMxMTAvBgNV
BAMTKEFGRTY2RDU3REVEMUFDNzZCRkFBOUI1N0E4NTI5MDZEOTI4RDFBNzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeNxiPfYeRjzZ3iOuiChaLR0GP
XTtrLdbrsqaQz7GKBNr4UCMn7yLFh4JN26+p4UsAhsbEbyWD36/dp5RUMV5BTgjd
LPZ9RuYl999sH7lu9tHIpVp1jza5Z79KBLOnfM/ScXc+kgIq2QDmEq0EIi7BsCjL
hj+V+YsyTuBr82ITkPfwjSYWGyzm4qA/AeixrQqd703TArq0zEteQgThiEcGeCzK
xAacQUkp3zCTSLkSICIGKuTe/VDnWEETWL1TkWkwTecMaURXcg4hdkA2WBVC+YnX
zLA6mdJvxNS84aQxc81iFqkqUn4uVEfDTX5XMX9xzSkfNGpoGMi5UaG4RJ4XAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUr+ZtV97RrHa/qptXqFKQbZKNGnkwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzNDM2MmUzMTM5MmUzMjMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNTMzMzYzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJIT
FzANBgkqhkiG9w0BAQsFAAOCAQEAK5G0qunKhHmleDd7jbYnUO4qb8RV0nZ+ngN+
2rk+SNdq4O0YYBSlXBvcw3w9Szn/DlQndHfG1khy6mzXE/5kPL6V00OU0TxAV3x7
3TJKy7QbjqiX4JvQ6yweJVT59QiIlzytv99Ni2uVLug+IWfbGWxCHannHZE++Q9G
ULJZpOWVNySP1mg+OROcypp1jONlJF/nYn+VBpncpi2HxzMKa+3MDNWs1kE3j13j
tr4ShArfMSHiQChADeO8uALPngxhQUn6jErMIJN/nUMGr75zgJlhKio5Jkyr4kfg
icPiwaCpXIfXdCitnfoyp7Anz9LHk2UiIJVPBrkgbWKrRijNYA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:20 2024 by rpki-client on console-ams.rpki-client.org