Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37372e302f32342d3234203d3e203630373930.roa
File: 3137312e32322e37372e302f32342d3234203d3e203630373930.roa (raw, json)
Hash identifier: EjlTfvIpz/iC/P6I0XH7doPgH8mCxlc6bOYNh4Uia50=
Subject key identifier: A6:5E:79:C7:05:AD:9A:A3:AC:14:FD:01:14:8B:3A:DF:D7:2E:DD:F9
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 32B999F745220328C3489E58852D06354D019388
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37372e302f32342d3234203d3e203630373930.roa
Signing time: Wed 03 Jul 2024 12:05:18 +0000
ROA not before: Wed 03 Jul 2024 12:00:18 +0000
ROA not after: Wed 02 Jul 2025 12:05:18 +0000
asID: 60790
IP address blocks: 171.22.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:b9:99:f7:45:22:03:28:c3:48:9e:58:85:2d:06:35:4d:01:93:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jul 3 12:00:18 2024 GMT
Not After : Jul 2 12:05:18 2025 GMT
Subject: CN=A65E79C705AD9AA3AC14FD01148B3ADFD72EDDF9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5f:fc:5f:43:3b:c3:49:06:18:cc:cb:88:7d:
d5:72:c1:21:e2:57:fc:b3:04:ea:5a:a0:7c:54:62:
f8:69:ab:37:9a:63:3c:e1:a4:48:59:5a:5e:34:bb:
ff:49:5e:98:f0:6f:1a:80:22:fe:73:21:61:a7:0d:
b6:05:e3:7f:0b:f3:0d:7f:b1:58:fd:8d:31:2c:a3:
67:c1:ec:ee:77:9e:96:54:fa:87:17:34:2f:94:c1:
4c:bc:f8:08:3c:3d:ea:f4:bb:df:6c:38:b1:96:04:
e9:91:d8:5a:47:4a:98:71:e5:a3:93:80:55:0f:cb:
e5:46:77:28:69:39:18:41:13:93:bb:52:c1:e7:e9:
5e:09:c7:0c:21:95:59:85:96:61:28:93:02:01:d9:
03:38:bc:69:4a:b7:25:b9:9f:31:d9:33:2e:ce:84:
4d:40:d6:3e:b1:d7:7f:4f:fb:b5:10:ca:8a:65:02:
27:90:75:a7:0f:b4:79:08:d0:e3:c5:43:8e:4d:7d:
17:48:81:6d:b7:72:28:c7:91:22:38:29:0c:d8:55:
10:7e:85:84:08:68:e8:1c:86:7f:30:32:8b:8b:74:
69:05:2c:94:6b:25:55:33:19:b3:d6:5c:3f:eb:69:
4a:dd:0f:77:76:30:ac:ab:f3:06:28:e5:ca:57:d6:
6e:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:5E:79:C7:05:AD:9A:A3:AC:14:FD:01:14:8B:3A:DF:D7:2E:DD:F9
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37372e302f32342d3234203d3e203630373930.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.77.0/24
Signature Algorithm: sha256WithRSAEncryption
67:8d:5f:2d:fd:1e:ff:ee:64:b4:12:44:45:b3:98:ea:e1:9e:
8f:db:2e:f5:2b:7a:9a:5f:1e:0a:f6:62:52:ec:c6:61:42:7f:
d3:c4:cd:a3:fb:46:99:d7:b9:cd:56:42:c6:6b:17:ff:74:fd:
e6:2b:ea:51:c8:84:d7:1b:b9:49:dd:08:01:a1:ed:32:b0:40:
06:61:0a:fc:3f:de:3d:44:44:49:78:9c:2f:4a:36:41:e1:5f:
28:70:e1:a5:8d:c7:fe:27:4a:b3:80:b5:55:02:17:d8:8f:95:
04:23:e0:4c:37:e8:7c:0e:19:07:7d:26:ad:08:9c:fa:9e:6e:
2d:62:df:f9:5e:70:ee:68:2c:6a:7a:5b:00:ad:21:68:c2:b6:
82:99:82:bb:00:a5:2e:c8:01:0f:a6:cc:09:6b:0c:28:d2:82:
ae:39:ae:49:7b:a1:9f:30:b4:4c:82:93:75:79:b4:58:e4:08:
64:b2:b9:fc:e4:0e:7f:f0:cf:4d:53:57:26:35:bf:c4:6c:68:
99:18:88:19:a3:d8:c1:76:23:6a:fc:bd:01:7e:14:f7:06:d9:
9c:f1:a4:a5:8e:23:83:ae:93:a8:0c:f7:17:e4:b9:75:9d:32:
29:56:71:8a:7d:65:e7:2a:46:c8:30:ba:53:75:ff:14:09:00:
f1:fa:76:54
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUMrmZ90UiAyjDSJ5YhS0GNU0Bk4gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDA3MDMxMjAwMThaFw0yNTA3MDIxMjA1MThaMDMxMTAvBgNV
BAMTKEE2NUU3OUM3MDVBRDlBQTNBQzE0RkQwMTE0OEIzQURGRDcyRURERjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1X/xfQzvDSQYYzMuIfdVywSHi
V/yzBOpaoHxUYvhpqzeaYzzhpEhZWl40u/9JXpjwbxqAIv5zIWGnDbYF438L8w1/
sVj9jTEso2fB7O53npZU+ocXNC+UwUy8+Ag8Per0u99sOLGWBOmR2FpHSphx5aOT
gFUPy+VGdyhpORhBE5O7UsHn6V4JxwwhlVmFlmEokwIB2QM4vGlKtyW5nzHZMy7O
hE1A1j6x139P+7UQyoplAieQdacPtHkI0OPFQ45NfRdIgW23cijHkSI4KQzYVRB+
hYQIaOgchn8wMouLdGkFLJRrJVUzGbPWXD/raUrdD3d2MKyr8wYo5cpX1m7/AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUpl55xwWtmqOsFP0BFIs639cu3fkwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzNzMxMmUzMjMyMmUzNzM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMDM3MzkzMC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKsW
TTANBgkqhkiG9w0BAQsFAAOCAQEAZ41fLf0e/+5ktBJERbOY6uGej9su9St6ml8e
CvZiUuzGYUJ/08TNo/tGmde5zVZCxmsX/3T95ivqUciE1xu5Sd0IAaHtMrBABmEK
/D/ePURESXicL0o2QeFfKHDhpY3H/idKs4C1VQIX2I+VBCPgTDfofA4ZB30mrQic
+p5uLWLf+V5w7mgsanpbAK0haMK2gpmCuwClLsgBD6bMCWsMKNKCrjmuSXuhnzC0
TIKTdXm0WOQIZLK5/OQOf/DPTVNXJjW/xGxomRiIGaPYwXYjavy9AX4U9wbZnPGk
pY4jg66TqAz3F+S5dZ0yKVZxin1l5ypGyDC6U3X/FAkA8fp2VA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:43 2024 by rpki-client on console-ams.rpki-client.org