Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37362e302f32342d3234203d3e203631333137.roa
File: 3137312e32322e37362e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: m2NqrIyUAH3u9kqgEd7V31WHNtVzzCsPP04yInP70XA=
Subject key identifier: 47:D1:6E:E7:C7:1D:1D:62:D2:BD:0D:B9:F7:7D:31:81:D4:44:A4:B8
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 7711AC7C7C447DCED13DC7F01FEA009924C904E8
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37362e302f32342d3234203d3e203631333137.roa
Signing time: Mon 22 Apr 2024 21:05:16 +0000
ROA not before: Mon 22 Apr 2024 21:00:16 +0000
ROA not after: Mon 21 Apr 2025 21:05:16 +0000
asID: 61317
IP address blocks: 171.22.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:11:ac:7c:7c:44:7d:ce:d1:3d:c7:f0:1f:ea:00:99:24:c9:04:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Apr 22 21:00:16 2024 GMT
Not After : Apr 21 21:05:16 2025 GMT
Subject: CN=47D16EE7C71D1D62D2BD0DB9F77D3181D444A4B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:52:fe:ca:28:0b:f3:5f:f3:40:7e:82:af:fd:
85:b7:15:95:9e:66:79:8a:0a:11:7f:74:e4:7c:53:
65:9d:9b:7f:30:2c:08:ad:c9:cb:c8:4e:7b:94:7a:
d5:db:6e:3a:78:bb:bd:e4:5e:a9:29:ba:74:d8:e0:
95:4a:18:b1:aa:b2:fe:1b:c7:5a:8f:8b:81:78:ca:
ad:6f:9b:28:08:06:de:fd:ff:6a:f2:fe:48:6a:96:
92:50:3b:d1:0f:22:39:0d:b7:d8:28:a3:02:8a:cc:
e5:ae:31:97:ba:a0:fd:f6:1f:6e:62:e3:f0:d9:97:
8a:fc:ac:70:20:32:89:de:ec:bb:3f:d3:14:1d:3f:
0a:9b:f7:10:b1:48:a2:75:63:27:d9:be:c9:9f:e8:
06:2b:78:2f:06:bc:60:21:25:a2:a8:e0:fb:d3:ad:
67:bf:30:35:a8:6f:8d:8b:93:b7:4a:28:7d:6c:45:
71:2d:58:d6:81:8c:3f:7d:1e:f1:a1:89:eb:8a:21:
14:3e:d3:c0:3e:ef:14:70:b7:bc:4a:0a:c6:18:9a:
00:84:aa:d8:88:c8:93:9d:eb:2a:7f:a6:01:22:ff:
7a:d8:44:d1:bc:39:4e:59:59:82:57:5c:8f:1b:3e:
35:32:68:29:da:60:41:05:11:1a:9b:ea:51:23:d7:
53:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:D1:6E:E7:C7:1D:1D:62:D2:BD:0D:B9:F7:7D:31:81:D4:44:A4:B8
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37362e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.76.0/24
Signature Algorithm: sha256WithRSAEncryption
18:ae:32:cf:ea:29:d5:c1:6a:b1:93:8a:5a:76:65:13:6f:a6:
2f:61:a7:7b:aa:4e:65:30:8e:6b:03:77:84:29:c5:0b:57:92:
57:40:1b:1b:32:19:41:7f:eb:fd:aa:ee:ed:32:14:ad:a6:6e:
b6:92:62:a8:67:a2:89:dd:6d:8d:bb:b8:d0:29:ff:fb:1c:33:
ed:ea:92:92:e2:77:0a:5e:08:c2:4a:3c:d5:ad:58:c3:6d:ce:
02:8c:53:d5:49:db:18:90:d3:84:96:58:fa:13:b8:26:53:f1:
60:45:72:b8:bd:6f:17:6b:ab:6e:ae:c4:7c:26:e3:19:bc:e0:
cc:16:80:77:43:68:ff:e3:f5:bf:21:ff:73:f5:48:fd:1b:a1:
06:78:c4:2e:46:a2:96:6d:d6:a1:a4:be:25:d8:5a:5f:2d:aa:
fb:a7:7c:3c:48:92:7a:3c:fd:99:7f:46:e5:68:b2:04:aa:4f:
f5:c0:ce:6f:43:ef:fb:8a:8b:5b:cb:36:f2:2f:eb:4f:37:8c:
71:41:d0:b9:8b:b7:18:df:fb:9c:75:92:16:42:f1:a5:c4:27:
d2:2e:da:69:11:c7:c4:84:67:dc:ce:eb:84:2c:3f:06:0c:54:
48:ed:19:4f:96:b3:0b:98:9b:fb:08:ca:77:20:3e:10:97:56:
29:ea:93:5c
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUdxGsfHxEfc7RPcfwH+oAmSTJBOgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDA0MjIyMTAwMTZaFw0yNTA0MjEyMTA1MTZaMDMxMTAvBgNV
BAMTKDQ3RDE2RUU3QzcxRDFENjJEMkJEMERCOUY3N0QzMTgxRDQ0NEE0QjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbUv7KKAvzX/NAfoKv/YW3FZWe
ZnmKChF/dOR8U2Wdm38wLAitycvITnuUetXbbjp4u73kXqkpunTY4JVKGLGqsv4b
x1qPi4F4yq1vmygIBt79/2ry/khqlpJQO9EPIjkNt9goowKKzOWuMZe6oP32H25i
4/DZl4r8rHAgMone7Ls/0xQdPwqb9xCxSKJ1YyfZvsmf6AYreC8GvGAhJaKo4PvT
rWe/MDWob42Lk7dKKH1sRXEtWNaBjD99HvGhieuKIRQ+08A+7xRwt7xKCsYYmgCE
qtiIyJOd6yp/pgEi/3rYRNG8OU5ZWYJXXI8bPjUyaCnaYEEFERqb6lEj11M/AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUR9Fu58cdHWLSvQ25930xgdREpLgwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzNzMxMmUzMjMyMmUzNzM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMTMzMzEzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKsW
TDANBgkqhkiG9w0BAQsFAAOCAQEAGK4yz+op1cFqsZOKWnZlE2+mL2Gne6pOZTCO
awN3hCnFC1eSV0AbGzIZQX/r/aru7TIUraZutpJiqGeiid1tjbu40Cn/+xwz7eqS
kuJ3Cl4Iwko81a1Yw23OAoxT1UnbGJDThJZY+hO4JlPxYEVyuL1vF2urbq7EfCbj
GbzgzBaAd0No/+P1vyH/c/VI/RuhBnjELkailm3WoaS+JdhaXy2q+6d8PEiSejz9
mX9G5WiyBKpP9cDOb0Pv+4qLW8s28i/rTzeMcUHQuYu3GN/7nHWSFkLxpcQn0i7a
aRHHxIRn3M7rhCw/BgxUSO0ZT5azC5ib+wjKdyA+EJdWKeqTXA==
-----END CERTIFICATE-----
Generated at Tue Apr 23 20:27:51 2024 by rpki-client on console-ams.rpki-client.org