Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3234392e302f32342d3234203d3e203631333137.roa
File: 322e35362e3234392e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: 2kdUMTkQAHBqHXXxTVz09YF0/R9m4xhjJJEmY6Yl9f4=
Subject key identifier: 30:CD:63:3C:F2:1A:8C:32:6C:C5:D4:86:06:02:92:F0:71:CD:57:0A
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 4BC3AA063D4BAEC4D6500C672DCCDECEA7CCFE1A
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3234392e302f32342d3234203d3e203631333137.roa
Signing time: Wed 11 Oct 2023 12:45:25 +0000
ROA not before: Wed 11 Oct 2023 12:40:25 +0000
ROA not after: Wed 09 Oct 2024 12:45:25 +0000
asID: 61317
IP address blocks: 2.56.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:c3:aa:06:3d:4b:ae:c4:d6:50:0c:67:2d:cc:de:ce:a7:cc:fe:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Oct 11 12:40:25 2023 GMT
Not After : Oct 9 12:45:25 2024 GMT
Subject: CN=30CD633CF21A8C326CC5D486060292F071CD570A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:e2:87:18:51:d2:b5:5c:40:44:cd:f7:63:af:
b0:4b:c3:a7:96:4c:98:76:42:57:1a:5f:7e:2a:83:
6a:b1:4c:6e:b1:8c:f3:04:fe:48:80:18:11:15:fd:
b7:a8:a2:19:83:a5:0f:d1:0e:64:93:b5:61:65:b3:
cd:cc:75:ce:50:37:13:7b:39:17:12:17:31:94:97:
ea:35:6b:25:ce:b0:dc:78:fe:4f:7b:fa:ba:5b:f1:
e7:4c:04:76:fe:c0:10:a6:4c:39:8a:70:91:6d:ba:
4a:05:a4:c1:85:dc:b5:20:6d:62:74:25:78:2d:be:
36:e0:97:20:63:a5:14:66:05:eb:f4:68:f6:2e:47:
68:7d:d8:d6:b6:31:ff:c5:41:f2:e4:d8:93:e2:bb:
74:fb:c2:0b:27:2b:34:70:57:2d:26:b1:bd:2f:ba:
18:60:11:56:12:bd:a7:d0:c0:26:9f:1e:ca:c9:d5:
39:17:e2:12:54:0b:16:2e:72:92:9b:44:8a:6e:dd:
e9:ac:97:e5:68:35:bd:b1:de:2b:98:6f:5a:bc:51:
52:48:2f:61:5c:b6:08:e4:0b:43:39:57:ec:7c:4b:
61:af:2b:3c:2c:5c:c9:b1:89:d0:ce:82:58:a5:a5:
33:c3:8e:ce:b9:1f:3c:84:c8:62:09:7b:4e:4d:aa:
c1:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:CD:63:3C:F2:1A:8C:32:6C:C5:D4:86:06:02:92:F0:71:CD:57:0A
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3234392e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.249.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:4a:56:08:8e:10:54:7c:88:1a:7e:7a:f9:17:77:d3:74:35:
60:f5:db:7f:9c:28:b5:83:8a:fb:88:2a:77:4b:96:03:dd:0a:
78:0b:00:af:27:6b:b0:fa:cf:7b:08:85:6f:82:ef:4b:89:b4:
f5:4e:2c:8f:6b:a5:53:a5:7e:a7:62:94:bc:77:e1:21:94:43:
f4:70:f3:6c:0a:f2:54:08:32:db:77:58:27:b3:6b:ab:e3:6b:
d5:81:a0:14:db:55:0d:61:f8:23:3a:70:8c:88:7a:5e:6f:73:
af:5a:4e:a7:87:8f:33:0b:00:de:86:b5:cb:a1:da:60:28:f8:
5b:0b:a7:57:45:ca:2a:2b:e3:ca:ad:22:04:ea:c0:cd:7b:bd:
c0:9a:77:1c:25:d2:af:52:1d:22:19:bc:e4:26:a5:49:c9:30:
2c:62:ff:b6:fd:68:63:c3:0b:0b:65:cd:28:2b:9d:90:49:d9:
30:d5:c2:13:aa:55:b9:62:dd:72:61:9a:ff:2b:1d:96:22:58:
03:64:2d:e8:fc:1e:6b:8c:c2:18:42:8f:70:37:3b:fa:15:b2:
00:fc:42:a4:3d:63:78:16:9e:cc:70:ae:b3:41:17:2e:f9:72:
ad:70:e2:50:bc:4a:8c:f0:8e:9b:ab:ff:82:10:23:44:18:e7:
b9:6b:35:bf
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUS8OqBj1LrsTWUAxnLczezqfM/howDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzEwMTExMjQwMjVaFw0yNDEwMDkxMjQ1MjVaMDMxMTAvBgNV
BAMTKDMwQ0Q2MzNDRjIxQThDMzI2Q0M1RDQ4NjA2MDI5MkYwNzFDRDU3MEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDd4ocYUdK1XEBEzfdjr7BLw6eW
TJh2QlcaX34qg2qxTG6xjPME/kiAGBEV/beoohmDpQ/RDmSTtWFls83Mdc5QNxN7
ORcSFzGUl+o1ayXOsNx4/k97+rpb8edMBHb+wBCmTDmKcJFtukoFpMGF3LUgbWJ0
JXgtvjbglyBjpRRmBev0aPYuR2h92Na2Mf/FQfLk2JPiu3T7wgsnKzRwVy0msb0v
uhhgEVYSvafQwCafHsrJ1TkX4hJUCxYucpKbRIpu3emsl+VoNb2x3iuYb1q8UVJI
L2FctgjkC0M5V+x8S2GvKzwsXMmxidDOglilpTPDjs65HzyEyGIJe05NqsGdAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUMM1jPPIajDJsxdSGBgKS8HHNVwowHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIyZTM1MzYyZTMyMzQzOTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzEzMzMxMzcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAACOPkw
DQYJKoZIhvcNAQELBQADggEBAH5KVgiOEFR8iBp+evkXd9N0NWD123+cKLWDivuI
KndLlgPdCngLAK8na7D6z3sIhW+C70uJtPVOLI9rpVOlfqdilLx34SGUQ/Rw82wK
8lQIMtt3WCeza6vja9WBoBTbVQ1h+CM6cIyIel5vc69aTqeHjzMLAN6Gtcuh2mAo
+FsLp1dFyior48qtIgTqwM17vcCadxwl0q9SHSIZvOQmpUnJMCxi/7b9aGPDCwtl
zSgrnZBJ2TDVwhOqVbli3XJhmv8rHZYiWANkLej8HmuMwhhCj3A3O/oVsgD8QqQ9
Y3gWnsxwrrNBFy75cq1w4lC8Sozwjpur/4IQI0QY57lrNb8=
-----END CERTIFICATE-----
Generated at Tue May 7 18:26:50 2024 by rpki-client on console-ams.rpki-client.org