Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3139332e33372e3233392e302f32342d3234203d3e20323036353035.roa
File: 3139332e33372e3233392e302f32342d3234203d3e20323036353035.roa (raw, json)
Hash identifier: WG3t++jegAt6pDpix3OaV0lvGPHymGV+h8eeR5Xd2ws=
Subject key identifier: C4:AE:5D:06:A9:A8:59:0C:07:A0:99:F2:F0:F5:7D:CB:47:70:72:80
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 0A0A8C4F05D453B28BFF876BBB7FF59BA5994175
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3139332e33372e3233392e302f32342d3234203d3e20323036353035.roa
Signing time: Sat 08 Jul 2023 08:51:20 +0000
ROA not before: Sat 08 Jul 2023 08:46:20 +0000
ROA not after: Sat 06 Jul 2024 08:51:20 +0000
asID: 206505
IP address blocks: 193.37.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 May 2024 16:37:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:0a:8c:4f:05:d4:53:b2:8b:ff:87:6b:bb:7f:f5:9b:a5:99:41:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jul 8 08:46:20 2023 GMT
Not After : Jul 6 08:51:20 2024 GMT
Subject: CN=C4AE5D06A9A8590C07A099F2F0F57DCB47707280
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7e:58:c2:9a:78:bd:04:58:d4:70:82:b4:81:
43:12:b6:46:b2:ac:fc:be:f9:db:61:b1:ed:62:c0:
29:f9:26:39:86:4c:a9:06:86:72:0d:5a:01:64:b6:
da:55:85:e9:64:cb:50:29:76:0a:ad:13:e6:01:bf:
1c:b0:6c:b9:68:43:ee:f5:07:34:e3:73:7a:e8:33:
8c:40:fb:7a:8e:8d:33:02:ff:09:08:ad:81:38:90:
5f:22:77:f9:b4:10:26:0b:de:70:cb:a9:d1:54:a4:
58:fa:c8:fc:83:43:b2:54:4f:43:65:ec:c4:a7:4c:
b9:f6:3a:02:fa:72:ba:8f:64:9f:3f:be:fb:10:e8:
3c:9b:9c:0e:d6:b8:eb:35:5d:47:62:66:2c:50:c4:
31:7e:0d:12:16:bb:21:2c:48:c5:ee:77:f1:00:5d:
eb:78:fd:3a:c6:ca:96:b9:64:b6:99:a2:5f:c8:bc:
f2:53:89:b6:20:dd:92:35:89:96:e7:f9:b4:ba:4c:
81:0e:9f:5a:5b:33:a3:96:65:5d:ad:03:69:9c:bc:
d0:ab:fa:d7:fa:01:4b:02:bf:83:53:73:1f:62:0f:
8b:05:06:c4:73:23:a2:fa:77:72:55:32:b3:d2:a0:
93:ce:ce:41:50:05:c9:4a:a6:e8:ef:0d:c0:4a:18:
1d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:AE:5D:06:A9:A8:59:0C:07:A0:99:F2:F0:F5:7D:CB:47:70:72:80
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3139332e33372e3233392e302f32342d3234203d3e20323036353035.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.37.239.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:7e:45:e9:1b:28:fb:a3:89:34:57:9a:b2:b8:34:5a:41:de:
ec:92:94:ef:be:9e:7b:eb:a5:c6:68:26:aa:87:69:e9:b3:96:
62:d6:c9:1c:ab:8d:6a:bb:a1:1b:1a:f0:9b:bf:97:02:57:e3:
c0:ac:20:36:ef:61:5e:8e:aa:82:f7:67:d0:4d:1b:03:b6:75:
4d:86:93:df:f5:b9:e3:ea:f5:5f:13:11:1e:77:21:44:8b:43:
c7:e4:e4:25:d9:0a:a6:24:9c:6b:8c:0b:9a:66:49:a1:b1:89:
27:51:98:e2:3f:79:57:fe:91:3c:19:5c:05:8e:9f:5a:62:76:
89:44:ca:36:69:0f:6c:cf:4f:66:cb:8e:d7:14:36:74:2e:10:
a8:96:43:c2:23:4f:9b:ab:bc:de:25:7b:b8:8f:33:48:55:6f:
b5:3e:81:6a:f1:68:bb:ce:a4:9d:4d:e0:13:3d:de:d9:cc:ea:
59:ae:43:82:8e:94:d5:20:1d:2f:23:1a:3f:0a:cc:a7:74:7b:
36:04:b2:79:07:08:21:fb:9e:b5:48:bc:8f:34:c9:95:21:ee:
dd:5c:ae:42:10:fa:bb:39:ed:a7:8a:55:7a:ce:82:9a:c9:a3:
ec:0c:e7:63:09:e5:bc:44:12:9a:b5:f2:52:ac:1b:f0:b1:4e:
da:9c:37:42
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUCgqMTwXUU7KL/4dru3/1m6WZQXUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzA3MDgwODQ2MjBaFw0yNDA3MDYwODUxMjBaMDMxMTAvBgNV
BAMTKEM0QUU1RDA2QTlBODU5MEMwN0EwOTlGMkYwRjU3RENCNDc3MDcyODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtfljCmni9BFjUcIK0gUMStkay
rPy++dthse1iwCn5JjmGTKkGhnINWgFkttpVhelky1ApdgqtE+YBvxywbLloQ+71
BzTjc3roM4xA+3qOjTMC/wkIrYE4kF8id/m0ECYL3nDLqdFUpFj6yPyDQ7JUT0Nl
7MSnTLn2OgL6crqPZJ8/vvsQ6DybnA7WuOs1XUdiZixQxDF+DRIWuyEsSMXud/EA
Xet4/TrGypa5ZLaZol/IvPJTibYg3ZI1iZbn+bS6TIEOn1pbM6OWZV2tA2mcvNCr
+tf6AUsCv4NTcx9iD4sFBsRzI6L6d3JVMrPSoJPOzkFQBclKpujvDcBKGB2fAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUxK5dBqmoWQwHoJny8PV9y0dwcoAwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzOTMzMmUzMzM3MmUzMjMz
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzYzNTMwMzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADBJe8wDQYJKoZIhvcNAQELBQADggEBAAp+RekbKPujiTRXmrK4NFpB3uySlO++
nnvrpcZoJqqHaemzlmLWyRyrjWq7oRsa8Ju/lwJX48CsIDbvYV6OqoL3Z9BNGwO2
dU2Gk9/1uePq9V8TER53IUSLQ8fk5CXZCqYknGuMC5pmSaGxiSdRmOI/eVf+kTwZ
XAWOn1pidolEyjZpD2zPT2bLjtcUNnQuEKiWQ8IjT5urvN4le7iPM0hVb7U+gWrx
aLvOpJ1N4BM93tnM6lmuQ4KOlNUgHS8jGj8KzKd0ezYEsnkHCCH7nrVIvI80yZUh
7t1crkIQ+rs57aeKVXrOgprJo+wM52MJ5bxEEpq18lKsG/CxTtqcN0I=
-----END CERTIFICATE-----
Generated at Sat May 11 20:11:50 2024 by rpki-client on console-fra.rpki-client.org