Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37392e302f32342d3234203d3e203235333639.roa
File: 3137312e32322e37392e302f32342d3234203d3e203235333639.roa (raw, json)
Hash identifier: FbLt/MPJAGpcYnZT64VzNW4Y8e6/VVD+XlMY5Go+2fI=
Subject key identifier: 0A:AE:F6:B5:1E:12:14:EA:90:A4:DD:94:8A:A7:4F:08:80:38:12:29
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 0DBF81C7D278E66C98CEA0D43FA159C4E5FC5912
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37392e302f32342d3234203d3e203235333639.roa
Signing time: Sun 17 Dec 2023 09:10:39 +0000
ROA not before: Sun 17 Dec 2023 09:05:39 +0000
ROA not after: Sun 15 Dec 2024 09:10:39 +0000
asID: 25369
IP address blocks: 171.22.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 14:41:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:bf:81:c7:d2:78:e6:6c:98:ce:a0:d4:3f:a1:59:c4:e5:fc:59:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Dec 17 09:05:39 2023 GMT
Not After : Dec 15 09:10:39 2024 GMT
Subject: CN=0AAEF6B51E1214EA90A4DD948AA74F0880381229
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:af:50:fc:a5:c8:2b:8d:0b:14:87:85:02:d0:
3d:0e:22:2b:a7:2c:12:ee:4e:e2:e8:7a:61:50:5e:
46:63:9a:b7:51:43:54:fb:41:0f:3a:3e:e8:ae:50:
20:47:2d:87:4c:30:ad:ed:86:3e:14:c4:ea:91:06:
2e:b0:15:c7:49:d5:4a:f0:1a:55:89:df:e7:a7:93:
6b:ce:29:39:f7:df:5f:1d:f4:68:96:98:60:cd:9b:
e9:e4:f8:ad:62:be:f4:34:64:38:9b:2d:23:76:b9:
b3:ef:d6:55:09:27:9c:7d:fc:6e:db:2b:ec:3b:bf:
d4:ec:5d:3f:f1:af:3f:a8:b4:8f:21:f1:23:18:a1:
44:57:6c:ef:81:93:f5:43:3c:73:89:e4:d2:88:e1:
2c:34:4d:f7:ce:e7:03:78:ec:1f:84:d8:a6:db:3a:
2e:b5:11:92:f3:88:cd:80:c7:d8:84:9b:96:16:b6:
79:f2:9b:94:13:f7:7f:61:7d:5d:b0:4e:3d:3e:03:
ae:1d:e1:ba:d1:01:08:2f:29:8c:d6:9a:c8:14:4a:
87:49:88:ce:3c:bc:10:1d:fa:4a:ea:f1:44:b2:cd:
8a:2d:fb:64:6e:d1:82:a8:08:f4:eb:4d:06:13:10:
ff:83:13:63:45:22:0d:e8:9e:56:10:82:02:45:b5:
77:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:AE:F6:B5:1E:12:14:EA:90:A4:DD:94:8A:A7:4F:08:80:38:12:29
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37392e302f32342d3234203d3e203235333639.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.79.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:46:d6:e7:e9:c8:17:aa:85:10:12:e9:0e:30:03:87:f6:73:
6c:1f:29:b6:21:5b:71:97:9f:fe:68:11:9b:1e:19:fa:6f:dc:
ab:8b:0c:eb:a1:2e:24:e1:f0:95:9b:db:d0:c1:87:47:cd:2e:
6c:e2:eb:4a:c1:fc:fa:83:9a:ab:24:2d:ef:b0:b1:c6:c3:89:
e5:43:4c:7e:33:03:8f:9b:f9:7c:37:f0:6a:3b:be:e6:8a:40:
28:db:5b:92:a0:d7:a3:d6:9e:d0:4f:e2:ec:eb:05:5b:10:ab:
6a:d7:2b:38:ad:27:73:98:20:7f:63:b8:98:a8:53:4f:85:86:
ce:9c:e6:92:c6:fb:96:58:44:20:d1:0c:02:10:07:db:02:01:
ea:36:ac:d4:ba:43:33:2e:ac:3b:66:7d:01:51:c6:95:f2:20:
95:1c:b8:e4:14:69:10:18:88:8f:58:dd:2e:06:5c:8b:e0:ee:
9f:e8:b9:3b:6c:36:55:36:15:e3:de:3c:23:45:48:1b:ac:c5:
8c:fd:fa:27:6f:a1:bf:3e:17:e7:ee:78:cb:4c:91:99:45:75:
20:9e:05:08:d8:40:ae:eb:5b:2d:1e:bb:2f:85:ba:c4:39:4f:
8a:ac:70:21:09:91:2b:47:d6:9f:b4:7e:ac:c6:6c:b3:4b:0f:
cb:33:4c:1d
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUDb+Bx9J45myYzqDUP6FZxOX8WRIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzEyMTcwOTA1MzlaFw0yNDEyMTUwOTEwMzlaMDMxMTAvBgNV
BAMTKDBBQUVGNkI1MUUxMjE0RUE5MEE0REQ5NDhBQTc0RjA4ODAzODEyMjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrr1D8pcgrjQsUh4UC0D0OIiun
LBLuTuLoemFQXkZjmrdRQ1T7QQ86PuiuUCBHLYdMMK3thj4UxOqRBi6wFcdJ1Urw
GlWJ3+enk2vOKTn3318d9GiWmGDNm+nk+K1ivvQ0ZDibLSN2ubPv1lUJJ5x9/G7b
K+w7v9TsXT/xrz+otI8h8SMYoURXbO+Bk/VDPHOJ5NKI4Sw0TffO5wN47B+E2Kbb
Oi61EZLziM2Ax9iEm5YWtnnym5QT939hfV2wTj0+A64d4brRAQgvKYzWmsgUSodJ
iM48vBAd+krq8USyzYot+2Ru0YKoCPTrTQYTEP+DE2NFIg3onlYQggJFtXddAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUCq72tR4SFOqQpN2UiqdPCIA4EikwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzNzMxMmUzMjMyMmUzNzM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNTMzMzYzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKsW
TzANBgkqhkiG9w0BAQsFAAOCAQEAnUbW5+nIF6qFEBLpDjADh/ZzbB8ptiFbcZef
/mgRmx4Z+m/cq4sM66EuJOHwlZvb0MGHR80ubOLrSsH8+oOaqyQt77CxxsOJ5UNM
fjMDj5v5fDfwaju+5opAKNtbkqDXo9ae0E/i7OsFWxCratcrOK0nc5ggf2O4mKhT
T4WGzpzmksb7llhEINEMAhAH2wIB6jas1LpDMy6sO2Z9AVHGlfIglRy45BRpEBiI
j1jdLgZci+Dun+i5O2w2VTYV4948I0VIG6zFjP36J2+hvz4X5+54y0yRmUV1IJ4F
CNhArutbLR67L4W6xDlPiqxwIQmRK0fWn7R+rMZss0sPyzNMHQ==
-----END CERTIFICATE-----
Generated at Fri May 3 22:27:46 2024 by rpki-client on console-ams.rpki-client.org