Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37372e302f32342d3234203d3e20323130393330.roa
File: 3137312e32322e37372e302f32342d3234203d3e20323130393330.roa (raw, json)
Hash identifier: wSk1+h0+8c8/Ukosreqncn2GJdf/5ZHuwhJWXQ4XYuA=
Subject key identifier: 88:1A:53:AE:F1:71:46:AF:2C:2D:EE:C7:07:BB:49:09:21:08:7F:EE
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 01BB32D0FAA925D0DBD743CCFBED541D5202158D
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37372e302f32342d3234203d3e20323130393330.roa
Signing time: Tue 01 Aug 2023 14:48:01 +0000
ROA not before: Tue 01 Aug 2023 14:43:01 +0000
ROA not after: Tue 30 Jul 2024 14:48:01 +0000
asID: 210930
IP address blocks: 171.22.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 May 2024 14:08:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:bb:32:d0:fa:a9:25:d0:db:d7:43:cc:fb:ed:54:1d:52:02:15:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Aug 1 14:43:01 2023 GMT
Not After : Jul 30 14:48:01 2024 GMT
Subject: CN=881A53AEF17146AF2C2DEEC707BB490921087FEE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:96:7f:6e:37:54:24:92:f1:5b:8f:ca:87:b4:
9d:15:9b:c0:a0:1f:f5:98:01:97:2c:63:3b:d0:30:
55:68:c7:71:2a:ea:50:fa:2a:a1:59:24:e0:73:62:
54:94:96:a8:d1:a1:ff:30:62:76:95:33:8b:40:ef:
b1:e7:8c:c8:ab:e3:75:b1:b2:cb:c5:9c:51:ac:2f:
23:14:c7:9d:95:e7:45:b2:88:ed:25:e3:10:72:ee:
a6:4e:9f:eb:99:cf:b9:e8:6e:a3:00:4c:32:b1:32:
e7:f8:f8:f5:df:0c:d0:12:a6:3e:00:e5:af:ef:9b:
c0:a2:87:79:c7:30:4b:aa:bb:b9:ce:b9:d6:f4:da:
02:23:76:e8:b9:31:d9:4b:25:ae:98:7f:6f:67:a3:
92:b5:1b:99:c5:1c:4e:98:7d:04:66:c4:f3:7b:b9:
a0:b7:d1:65:e9:89:3a:3f:c9:7b:38:c7:b1:22:f7:
f3:ab:64:71:b5:a4:c9:c7:94:eb:03:3e:6b:14:c5:
eb:1c:b2:81:f5:db:71:1e:11:e7:b7:55:9f:d6:b1:
df:8f:4f:c1:21:3f:0d:99:01:e5:af:76:e7:c2:f2:
22:9d:4c:ef:aa:ed:e1:7a:44:4d:50:54:34:43:ac:
fd:7c:ad:57:c6:0b:33:c8:2f:df:b0:e7:76:ac:ab:
93:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:1A:53:AE:F1:71:46:AF:2C:2D:EE:C7:07:BB:49:09:21:08:7F:EE
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37372e302f32342d3234203d3e20323130393330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.77.0/24
Signature Algorithm: sha256WithRSAEncryption
83:35:a1:df:80:91:70:90:71:0b:fb:47:09:c4:00:f0:f3:92:
56:00:10:37:dd:42:6c:e3:4a:d7:0e:f3:f1:77:f6:ed:cd:12:
cc:d2:93:fa:4e:28:df:40:8b:36:89:75:04:93:a4:29:b1:3d:
87:4e:1d:27:1d:5c:3c:7f:bf:d0:2f:a0:6a:2b:ab:e7:62:05:
c0:29:4f:1e:d5:de:97:9a:50:49:b4:25:77:2d:2f:49:92:6f:
7c:1e:43:86:1d:d2:88:c4:fe:d8:7f:1b:05:b4:77:a3:0f:2d:
d6:dd:83:90:23:be:2f:1a:cf:9d:b0:4e:6a:1a:2a:22:c8:57:
3a:f0:f9:1d:ba:aa:78:47:8f:91:82:d7:6f:49:0f:c6:12:c8:
48:d6:93:fa:c8:5a:13:ec:aa:b9:0a:31:f1:3d:cf:56:38:ab:
13:29:c1:4b:3d:5c:1c:3f:73:0a:5f:62:5f:b6:2f:da:b9:fa:
ab:21:1a:d5:3f:38:37:95:84:31:f8:19:ff:b3:cb:b5:3e:a0:
11:f4:ab:49:db:9e:fb:ce:fa:b1:7e:7e:4c:87:8f:c0:d2:93:
6a:7e:b4:70:dd:f1:e4:0e:44:fe:72:f9:11:83:15:c5:db:db:
b7:c0:7f:6e:e8:55:da:be:f5:f2:95:69:c3:c1:df:76:ab:fb:
d2:eb:ed:05
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUAbsy0PqpJdDb10PM++1UHVICFY0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzA4MDExNDQzMDFaFw0yNDA3MzAxNDQ4MDFaMDMxMTAvBgNV
BAMTKDg4MUE1M0FFRjE3MTQ2QUYyQzJERUVDNzA3QkI0OTA5MjEwODdGRUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaln9uN1QkkvFbj8qHtJ0Vm8Cg
H/WYAZcsYzvQMFVox3Eq6lD6KqFZJOBzYlSUlqjRof8wYnaVM4tA77HnjMir43Wx
ssvFnFGsLyMUx52V50WyiO0l4xBy7qZOn+uZz7nobqMATDKxMuf4+PXfDNASpj4A
5a/vm8Cih3nHMEuqu7nOudb02gIjdui5MdlLJa6Yf29no5K1G5nFHE6YfQRmxPN7
uaC30WXpiTo/yXs4x7Ei9/OrZHG1pMnHlOsDPmsUxescsoH123EeEee3VZ/Wsd+P
T8EhPw2ZAeWvdufC8iKdTO+q7eF6RE1QVDRDrP18rVfGCzPIL9+w53asq5PLAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUiBpTrvFxRq8sLe7HB7tJCSEIf+4wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzNzMxMmUzMjMyMmUzNzM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMwMzkzMzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
qxZNMA0GCSqGSIb3DQEBCwUAA4IBAQCDNaHfgJFwkHEL+0cJxADw85JWABA33UJs
40rXDvPxd/btzRLM0pP6TijfQIs2iXUEk6QpsT2HTh0nHVw8f7/QL6BqK6vnYgXA
KU8e1d6XmlBJtCV3LS9Jkm98HkOGHdKIxP7YfxsFtHejDy3W3YOQI74vGs+dsE5q
GioiyFc68Pkduqp4R4+RgtdvSQ/GEshI1pP6yFoT7Kq5CjHxPc9WOKsTKcFLPVwc
P3MKX2Jfti/aufqrIRrVPzg3lYQx+Bn/s8u1PqAR9KtJ2577zvqxfn5Mh4/A0pNq
frRw3fHkDkT+cvkRgxXF29u3wH9u6FXavvXylWnDwd92q/vS6+0F
-----END CERTIFICATE-----
Generated at Sat May 11 18:18:50 2024 by rpki-client on console-ams.rpki-client.org