Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3134362e31392e38362e302f32342d3234203d3e20333937343233.roa
File: 3134362e31392e38362e302f32342d3234203d3e20333937343233.roa (raw, json)
Hash identifier: fHi8dS31WQ6mXFRoJ3N9ivzrKeFWPHVSudmn23uFVUM=
Subject key identifier: B5:43:1E:3A:F0:9B:42:66:21:18:E8:36:99:B7:6D:83:88:23:2F:05
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 6FB5B76DEA781A8564BBF26AFC31FB2D82BFC57E
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3134362e31392e38362e302f32342d3234203d3e20333937343233.roa
Signing time: Mon 11 Mar 2024 13:22:54 +0000
ROA not before: Mon 11 Mar 2024 13:17:54 +0000
ROA not after: Mon 10 Mar 2025 13:22:54 +0000
asID: 397423
IP address blocks: 146.19.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:b5:b7:6d:ea:78:1a:85:64:bb:f2:6a:fc:31:fb:2d:82:bf:c5:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Mar 11 13:17:54 2024 GMT
Not After : Mar 10 13:22:54 2025 GMT
Subject: CN=B5431E3AF09B42662118E83699B76D8388232F05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d8:32:4b:b7:36:92:c7:29:48:ba:95:db:0a:
6b:27:ef:e2:15:41:87:8b:67:4c:b3:bb:62:d5:d2:
bd:63:f4:be:1b:29:76:13:03:56:d1:ac:5e:61:51:
33:74:ff:c4:d0:c7:ed:03:49:76:e0:15:6a:79:33:
ab:5a:01:12:6d:66:d7:53:e2:a5:da:85:96:23:b6:
9e:dd:d0:cb:2e:eb:73:5f:c5:e3:a2:7e:1e:9d:e4:
89:4c:2b:8d:2e:28:13:d2:01:dc:7e:1d:84:19:a7:
55:c0:31:55:5c:db:bd:8e:13:93:4f:c8:58:b7:df:
6c:ac:05:18:92:8b:e1:65:86:0d:ca:fb:0e:e0:ee:
e9:16:09:b3:50:33:6a:90:3d:7d:06:6f:35:e7:8c:
01:1c:b9:96:eb:ee:26:51:6c:c9:5e:77:39:a2:5f:
e5:d7:6d:1d:d7:fa:46:ad:d0:ee:11:e9:3b:3c:41:
2c:28:30:ee:05:e0:4e:be:04:3e:6c:ab:82:68:87:
1b:2c:d1:01:15:6f:5a:e1:30:82:dd:6f:67:ce:d6:
97:20:ca:5d:46:a0:9c:a5:c2:3c:eb:4e:5b:d8:50:
52:03:d6:72:a5:cf:29:f4:00:bd:af:6e:3d:2b:67:
e2:31:46:e6:b8:2d:71:3e:b1:fc:db:c0:e6:b9:48:
e4:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:43:1E:3A:F0:9B:42:66:21:18:E8:36:99:B7:6D:83:88:23:2F:05
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3134362e31392e38362e302f32342d3234203d3e20333937343233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.86.0/24
Signature Algorithm: sha256WithRSAEncryption
98:09:7e:20:2a:bf:fb:9b:a6:26:a4:2b:b5:04:f3:5d:23:92:
0e:89:e5:ef:26:88:3a:6b:21:ea:4d:22:b8:81:4a:8d:91:c7:
e6:6a:90:aa:37:d8:d8:6f:69:6b:c0:ba:91:56:40:13:6a:7d:
ca:65:0f:a2:6c:4d:ae:19:cd:2a:f9:e5:ac:ed:d2:a7:cd:45:
f5:96:b7:09:30:7e:67:b3:63:8f:12:22:f3:2f:6f:99:df:0b:
d6:a2:ee:19:75:d5:c6:e2:f5:10:1f:6b:15:08:74:dd:0e:00:
c1:1d:6e:e0:35:38:45:1d:2f:da:62:bd:44:b0:65:a9:b2:59:
0d:a1:8e:a0:40:e3:ac:79:48:40:50:c8:4c:eb:5e:2a:9c:fa:
88:b0:f3:3a:35:ac:9f:17:be:f2:be:68:4c:59:7a:fb:b9:b6:
1e:08:3c:68:51:6a:44:a7:83:86:2f:06:19:78:78:2f:8c:25:
c8:d3:41:50:0c:f6:cb:2a:9b:70:10:91:99:a9:8f:c3:9a:b7:
6f:da:7b:7a:a0:cf:6e:9c:27:ef:16:45:c3:ca:20:41:90:43:
92:51:9b:af:6d:eb:7a:99:63:28:79:09:b3:89:21:55:4e:59:
b8:96:58:e1:7e:04:43:ba:07:9b:47:76:37:c9:50:4a:50:10:
0b:c6:41:34
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUb7W3bep4GoVku/Jq/DH7LYK/xX4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDAzMTExMzE3NTRaFw0yNTAzMTAxMzIyNTRaMDMxMTAvBgNV
BAMTKEI1NDMxRTNBRjA5QjQyNjYyMTE4RTgzNjk5Qjc2RDgzODgyMzJGMDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC32DJLtzaSxylIupXbCmsn7+IV
QYeLZ0yzu2LV0r1j9L4bKXYTA1bRrF5hUTN0/8TQx+0DSXbgFWp5M6taARJtZtdT
4qXahZYjtp7d0Msu63NfxeOifh6d5IlMK40uKBPSAdx+HYQZp1XAMVVc272OE5NP
yFi332ysBRiSi+Flhg3K+w7g7ukWCbNQM2qQPX0GbzXnjAEcuZbr7iZRbMledzmi
X+XXbR3X+kat0O4R6Ts8QSwoMO4F4E6+BD5sq4Johxss0QEVb1rhMILdb2fO1pcg
yl1GoJylwjzrTlvYUFID1nKlzyn0AL2vbj0rZ+IxRua4LXE+sfzbwOa5SOQ7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUtUMeOvCbQmYhGOg2mbdtg4gjLwUwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzNDM2MmUzMTM5MmUzODM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMzOTM3MzQzMjMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
khNWMA0GCSqGSIb3DQEBCwUAA4IBAQCYCX4gKr/7m6YmpCu1BPNdI5IOieXvJog6
ayHqTSK4gUqNkcfmapCqN9jYb2lrwLqRVkATan3KZQ+ibE2uGc0q+eWs7dKnzUX1
lrcJMH5ns2OPEiLzL2+Z3wvWou4ZddXG4vUQH2sVCHTdDgDBHW7gNThFHS/aYr1E
sGWpslkNoY6gQOOseUhAUMhM614qnPqIsPM6NayfF77yvmhMWXr7ubYeCDxoUWpE
p4OGLwYZeHgvjCXI00FQDPbLKptwEJGZqY/Dmrdv2nt6oM9unCfvFkXDyiBBkEOS
UZuvbet6mWMoeQmziSFVTlm4lljhfgRDugebR3Y3yVBKUBALxkE0
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:20 2024 by rpki-client on console-ams.rpki-client.org