Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3134362e31392e32332e302f32342d3234203d3e203235333639.roa
File: 3134362e31392e32332e302f32342d3234203d3e203235333639.roa (raw, json)
Hash identifier: OdtdXzhRHLCN2emL8JywlUnQAiNFkV/38/b62fGAQDA=
Subject key identifier: 3B:57:A3:30:81:48:4B:06:C2:45:D2:C1:E8:8E:C8:0F:DE:1D:57:3B
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 48AA45C8EAAA3BD93964AE9E0B7A2A0C171FF772
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3134362e31392e32332e302f32342d3234203d3e203235333639.roa
Signing time: Fri 15 Dec 2023 23:11:03 +0000
ROA not before: Fri 15 Dec 2023 23:06:03 +0000
ROA not after: Fri 13 Dec 2024 23:11:03 +0000
asID: 25369
IP address blocks: 146.19.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 14:41:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:aa:45:c8:ea:aa:3b:d9:39:64:ae:9e:0b:7a:2a:0c:17:1f:f7:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Dec 15 23:06:03 2023 GMT
Not After : Dec 13 23:11:03 2024 GMT
Subject: CN=3B57A33081484B06C245D2C1E88EC80FDE1D573B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6a:36:8e:e6:99:b8:2e:00:45:9d:5e:6a:df:
74:54:38:ff:1f:dc:d1:5b:cb:6b:0a:9c:13:7d:f0:
bc:f0:c4:a3:39:51:6a:81:0e:8b:4a:eb:cf:08:b2:
f5:b7:eb:20:4b:34:67:b1:40:47:ef:8b:d2:af:54:
8a:b1:91:9c:54:09:6f:05:44:8c:46:dd:1c:c2:f8:
80:b2:a9:18:d2:8a:11:d8:42:de:7f:8f:bc:08:92:
27:2d:88:cc:9d:e4:be:a7:05:2a:00:22:4b:22:08:
ee:ba:07:a3:c7:70:c0:57:15:e5:30:f4:d8:fd:87:
fb:74:81:b1:c0:d1:ad:37:ec:79:b8:a9:10:73:f8:
39:cf:1a:e1:08:d1:e8:8d:31:e5:c8:bc:46:4c:ec:
f1:d9:c7:e1:9d:57:3c:85:7c:5a:8c:0b:87:f1:d6:
e9:3b:a0:a5:c6:d7:81:6c:53:3c:cd:31:15:52:d8:
88:81:ea:6b:16:5b:eb:97:33:69:0d:ac:dd:3b:d4:
82:fe:6c:3b:f8:87:82:2b:a5:08:0f:12:57:83:79:
95:9c:60:fd:35:a5:5b:66:c1:7e:e9:ba:bc:dc:7a:
eb:17:af:d4:4a:28:f8:5a:e6:dd:6a:4b:66:9f:fc:
bd:4f:74:62:51:3b:48:f9:27:00:08:b4:9b:3c:74:
68:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:57:A3:30:81:48:4B:06:C2:45:D2:C1:E8:8E:C8:0F:DE:1D:57:3B
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3134362e31392e32332e302f32342d3234203d3e203235333639.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.23.0/24
Signature Algorithm: sha256WithRSAEncryption
93:a1:8e:01:22:6f:41:b1:e4:0c:60:ac:c4:a6:fb:2a:a8:00:
11:4c:ee:77:6b:e5:09:76:77:24:97:7a:6d:9d:2d:88:a3:07:
86:bf:35:37:09:c7:64:63:b6:24:1a:1c:c2:8b:d1:91:58:ee:
20:5f:44:b3:cf:85:8b:d1:3c:b9:bd:76:8e:66:a5:3c:f6:74:
88:6f:12:e0:94:1d:a8:9f:8e:92:d2:7a:ea:af:cf:a2:44:61:
77:8c:de:18:4a:6b:e3:ee:db:66:31:44:2c:22:08:e4:b5:bf:
6c:8d:3b:ea:e0:eb:3b:dd:11:00:b9:60:00:4c:db:72:b9:22:
8e:4d:f0:e5:a0:80:71:18:67:a5:75:cb:26:44:83:b3:10:dc:
f2:56:3d:af:9b:85:4a:d6:c9:fd:83:c0:2e:43:0e:46:52:4a:
dd:58:ba:89:32:d9:df:a4:b6:49:b9:75:ae:b2:95:f0:80:1a:
82:da:42:e3:42:9b:dc:da:3b:fc:84:7a:cc:bd:62:1f:5e:dd:
fc:2d:cd:c4:a7:9b:a3:b7:05:07:01:e4:1f:de:52:dd:c8:4d:
d7:6c:97:2c:8d:77:cd:22:b6:dd:1a:85:7f:6f:1f:74:68:05:
39:31:2f:ae:8e:e0:ba:44:7b:21:d1:57:55:4f:54:7e:71:4e:
af:03:e5:83
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUSKpFyOqqO9k5ZK6eC3oqDBcf93IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzEyMTUyMzA2MDNaFw0yNDEyMTMyMzExMDNaMDMxMTAvBgNV
BAMTKDNCNTdBMzMwODE0ODRCMDZDMjQ1RDJDMUU4OEVDODBGREUxRDU3M0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6ajaO5pm4LgBFnV5q33RUOP8f
3NFby2sKnBN98LzwxKM5UWqBDotK688IsvW36yBLNGexQEfvi9KvVIqxkZxUCW8F
RIxG3RzC+ICyqRjSihHYQt5/j7wIkictiMyd5L6nBSoAIksiCO66B6PHcMBXFeUw
9Nj9h/t0gbHA0a037Hm4qRBz+DnPGuEI0eiNMeXIvEZM7PHZx+GdVzyFfFqMC4fx
1uk7oKXG14FsUzzNMRVS2IiB6msWW+uXM2kNrN071IL+bDv4h4IrpQgPEleDeZWc
YP01pVtmwX7purzceusXr9RKKPha5t1qS2af/L1PdGJRO0j5JwAItJs8dGjjAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUO1ejMIFISwbCRdLB6I7ID94dVzswHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzNDM2MmUzMTM5MmUzMjMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNTMzMzYzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJIT
FzANBgkqhkiG9w0BAQsFAAOCAQEAk6GOASJvQbHkDGCsxKb7KqgAEUzud2vlCXZ3
JJd6bZ0tiKMHhr81NwnHZGO2JBocwovRkVjuIF9Es8+Fi9E8ub12jmalPPZ0iG8S
4JQdqJ+OktJ66q/PokRhd4zeGEpr4+7bZjFELCII5LW/bI076uDrO90RALlgAEzb
crkijk3w5aCAcRhnpXXLJkSDsxDc8lY9r5uFStbJ/YPALkMORlJK3Vi6iTLZ36S2
Sbl1rrKV8IAagtpC40Kb3No7/IR6zL1iH17d/C3NxKebo7cFBwHkH95S3chN12yX
LI13zSK23RqFf28fdGgFOTEvro7gukR7IdFXVU9UfnFOrwPlgw==
-----END CERTIFICATE-----
Generated at Fri May 3 21:54:56 2024 by rpki-client on console-fra.rpki-client.org