Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3234382e302f32342d3234203d3e20323134343636.roa
File: 322e35362e3234382e302f32342d3234203d3e20323134343636.roa (raw, json)
Hash identifier: gm86+Ogg9RfZ683gjbyZQ2iuCs3FyvKUQyHXAN7IGjo=
Subject key identifier: EA:24:71:18:72:C4:59:4D:53:01:71:CA:04:99:9B:F8:1E:14:1C:FE
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 14EC0878783FC1CA21B1FB315DD42543668DB395
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3234382e302f32342d3234203d3e20323134343636.roa
Signing time: Thu 17 Oct 2024 17:04:00 +0000
ROA not before: Thu 17 Oct 2024 16:59:00 +0000
ROA not after: Thu 16 Oct 2025 17:04:00 +0000
asID: 214466
IP address blocks: 2.56.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:ec:08:78:78:3f:c1:ca:21:b1:fb:31:5d:d4:25:43:66:8d:b3:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Oct 17 16:59:00 2024 GMT
Not After : Oct 16 17:04:00 2025 GMT
Subject: CN=EA24711872C4594D530171CA04999BF81E141CFE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:24:d9:ed:b5:80:99:94:30:1a:62:8a:d3:dc:
44:6d:c8:b0:d0:b8:08:ed:1b:47:6d:de:88:f3:86:
17:85:45:70:e9:81:05:7d:07:1f:a2:42:72:ce:76:
f3:93:5b:28:c2:1f:4f:91:1c:03:20:89:1a:95:8b:
14:dd:f3:e8:04:b0:b4:7b:bf:ad:40:61:ac:08:df:
30:cd:52:5b:d6:7a:09:fc:52:6b:58:67:88:39:9c:
ec:03:b2:45:4e:d7:cb:8b:a7:fc:56:e1:24:92:8d:
2a:20:e8:7b:92:9d:94:98:64:ff:36:75:19:5c:bc:
fd:36:15:d0:d6:60:fc:54:79:1b:ec:87:0e:e4:12:
5d:94:12:7a:e5:fd:43:68:0a:d7:eb:08:5c:97:e4:
4d:d1:ac:93:ee:a6:c9:01:3d:cd:22:56:fe:e1:48:
63:66:6d:5b:96:b9:66:25:78:60:52:58:59:37:cf:
df:fe:30:df:41:2b:31:a2:c4:2e:94:0f:c8:b6:6e:
04:9f:cf:da:2b:60:0c:15:5a:63:b2:8a:ee:5f:3f:
7c:c0:5f:df:eb:10:fa:d2:36:d4:be:d2:48:1b:2f:
28:c8:10:4b:f3:d5:fe:3a:50:cd:07:06:b3:96:44:
c1:9b:73:83:95:d8:8e:35:ea:6c:23:d9:07:a8:3a:
55:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:24:71:18:72:C4:59:4D:53:01:71:CA:04:99:9B:F8:1E:14:1C:FE
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3234382e302f32342d3234203d3e20323134343636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.248.0/24
Signature Algorithm: sha256WithRSAEncryption
75:e5:c1:27:f1:88:34:9e:14:87:0e:23:f1:fb:78:cc:53:6f:
85:b1:b4:74:00:19:59:ae:ad:cc:48:68:5e:c7:f3:c9:62:53:
bd:fd:08:9a:8f:d1:54:d8:5c:44:5c:0e:c5:9e:e6:f6:b9:fd:
45:1e:9b:ce:e0:4e:89:cf:97:e4:db:bf:e0:00:46:88:68:a1:
82:b6:27:d3:07:af:cb:72:63:ce:f6:41:33:e8:e7:1c:34:95:
d7:55:5b:7d:87:45:0b:87:a3:3c:14:98:01:0f:2b:23:8a:0b:
7b:39:09:ea:60:07:70:b4:f9:a2:55:7a:51:43:dd:25:8d:bd:
df:5b:10:38:e0:d8:5d:e9:14:65:df:e5:97:96:1f:ff:9e:3e:
dd:86:92:d5:5a:0e:1f:03:a7:27:3a:8e:1f:67:df:18:26:f7:
41:c0:84:91:51:12:ee:bd:b7:ce:8b:75:05:9c:b7:5a:c4:5d:
37:fa:bb:fb:e8:fa:15:ef:58:72:a8:e2:fd:97:ac:06:27:2d:
37:0f:e1:a4:d3:b9:2a:ee:e7:4a:e1:fe:29:42:81:f9:85:cd:
53:83:44:cd:fb:18:0f:42:85:eb:f9:84:00:3b:9a:0a:2a:7e:
b0:3a:14:01:cd:67:53:4a:fc:93:1d:1f:c5:56:ba:d5:1c:c5:
df:5f:8e:a6
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUFOwIeHg/wcohsfsxXdQlQ2aNs5UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDEwMTcxNjU5MDBaFw0yNTEwMTYxNzA0MDBaMDMxMTAvBgNV
BAMTKEVBMjQ3MTE4NzJDNDU5NEQ1MzAxNzFDQTA0OTk5QkY4MUUxNDFDRkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHJNnttYCZlDAaYorT3ERtyLDQ
uAjtG0dt3ojzhheFRXDpgQV9Bx+iQnLOdvOTWyjCH0+RHAMgiRqVixTd8+gEsLR7
v61AYawI3zDNUlvWegn8UmtYZ4g5nOwDskVO18uLp/xW4SSSjSog6HuSnZSYZP82
dRlcvP02FdDWYPxUeRvshw7kEl2UEnrl/UNoCtfrCFyX5E3RrJPupskBPc0iVv7h
SGNmbVuWuWYleGBSWFk3z9/+MN9BKzGixC6UD8i2bgSfz9orYAwVWmOyiu5fP3zA
X9/rEPrSNtS+0kgbLyjIEEvz1f46UM0HBrOWRMGbc4OV2I416mwj2QeoOlWhAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU6iRxGHLEWU1TAXHKBJmb+B4UHP4wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIyZTM1MzYyZTMyMzQzODJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNDM0MzYzNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAI4
+DANBgkqhkiG9w0BAQsFAAOCAQEAdeXBJ/GINJ4Uhw4j8ft4zFNvhbG0dAAZWa6t
zEhoXsfzyWJTvf0Imo/RVNhcRFwOxZ7m9rn9RR6bzuBOic+X5Nu/4ABGiGihgrYn
0wevy3JjzvZBM+jnHDSV11VbfYdFC4ejPBSYAQ8rI4oLezkJ6mAHcLT5olV6UUPd
JY2931sQOODYXekUZd/ll5Yf/54+3YaS1VoOHwOnJzqOH2ffGCb3QcCEkVES7r23
zot1BZy3WsRdN/q7++j6Fe9Ycqji/ZesBictNw/hpNO5Ku7nSuH+KUKB+YXNU4NE
zfsYD0KF6/mEADuaCip+sDoUAc1nU0r8kx0fxVa61RzF31+Opg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:01 2024 by rpki-client on console-fra.rpki-client.org