Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35382e302f32342d3234203d3e203538303631.roa
File: 322e35392e35382e302f32342d3234203d3e203538303631.roa (raw, json)
Hash identifier: spi/l9lBrYroqqx1PpOBbuZlQW3vy+5G+Urcx7tqAsk=
Subject key identifier: DE:2F:7E:05:47:9D:ED:7E:67:D0:64:18:9B:01:B5:0F:61:F6:C9:D7
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 7300FFEC5A81768CF91A4988B4B4B2C1D049B3F9
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35382e302f32342d3234203d3e203538303631.roa
Signing time: Sat 10 Feb 2024 12:15:31 +0000
ROA not before: Sat 10 Feb 2024 12:10:31 +0000
ROA not after: Sat 08 Feb 2025 12:15:31 +0000
asID: 58061
IP address blocks: 2.59.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:00:ff:ec:5a:81:76:8c:f9:1a:49:88:b4:b4:b2:c1:d0:49:b3:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Feb 10 12:10:31 2024 GMT
Not After : Feb 8 12:15:31 2025 GMT
Subject: CN=DE2F7E05479DED7E67D064189B01B50F61F6C9D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b0:96:7e:13:bc:7d:ad:c4:9e:4e:c2:17:16:
fb:6a:41:47:9d:c2:a5:62:ef:1c:68:c9:4b:68:ea:
f0:6e:18:75:9c:dc:a3:eb:0c:39:63:68:75:d0:69:
fc:77:be:ba:5c:27:a3:df:19:aa:db:8c:50:d9:3c:
8a:ff:6b:fc:73:da:0d:80:d1:5a:14:9e:96:1f:d2:
73:32:63:fd:db:6b:f0:13:90:d4:7e:3e:e1:51:ff:
61:e1:c1:1b:0d:1e:f3:d8:d6:c4:66:1a:a2:e3:79:
2a:8c:be:17:c2:dc:40:04:de:4f:9e:79:54:c7:74:
92:2d:b4:3e:be:e7:22:be:41:32:0c:7a:5b:a8:40:
97:8c:2e:0a:4c:93:98:ab:2e:c4:e5:8d:9d:06:af:
5d:fc:e8:c3:9c:f5:5a:6e:d7:de:5f:48:07:8e:d4:
c2:62:86:83:28:ec:1e:c1:6d:7d:ba:5c:9f:2b:16:
00:6e:80:76:05:d6:33:cb:c2:ed:15:44:ab:5f:07:
93:30:8b:2f:99:98:f9:b9:e9:67:41:05:6d:06:4d:
11:32:e9:09:7c:f5:c9:39:89:17:16:a0:3e:12:45:
d6:cd:96:5b:d0:f4:21:bd:69:db:88:d4:92:11:53:
d6:d1:f8:3e:b9:2b:34:7d:d5:38:ee:86:80:26:37:
b0:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:2F:7E:05:47:9D:ED:7E:67:D0:64:18:9B:01:B5:0F:61:F6:C9:D7
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35382e302f32342d3234203d3e203538303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.58.0/24
Signature Algorithm: sha256WithRSAEncryption
14:e9:83:20:7d:05:33:e3:42:6b:31:e3:51:1e:2c:9e:e9:85:
7f:99:d7:64:45:b7:b1:07:f6:6c:17:5e:a2:a7:3e:9b:1d:98:
75:62:a7:7b:4f:c9:2e:4b:eb:1c:b5:1d:d6:97:ab:ee:5b:84:
3f:d3:a5:98:c6:b5:e8:11:8e:ff:eb:f0:8e:b0:6c:e5:15:b0:
4a:70:13:c7:95:4d:d5:de:86:48:11:5f:17:13:14:3e:67:fd:
c1:79:5d:ed:25:15:cd:d7:46:4b:4e:17:f4:a6:31:1c:d7:f5:
89:76:51:9c:39:50:b9:10:91:9b:45:34:e8:f4:bd:ab:f7:cf:
b8:f6:73:13:86:ff:0e:cf:7f:49:28:c3:b4:67:07:e7:9c:ec:
b4:4a:5b:4e:1e:56:ca:2b:ec:ce:8e:a9:ca:ad:d8:ed:eb:37:
8c:9c:a7:87:46:fe:16:9b:10:bb:f7:14:a3:5f:47:7b:9a:2d:
13:07:0a:12:d6:57:a1:97:31:0c:48:69:2d:14:8b:c2:f4:73:
1a:46:52:a4:d8:69:ee:a0:10:0f:c7:7b:6b:36:06:24:23:1f:
60:c1:88:fb:57:8c:01:3d:ba:95:42:e8:65:6a:e6:65:ae:8b:
a0:6d:e1:92:72:d1:60:e7:dd:34:cf:d6:7c:40:ff:17:0d:30:
98:15:7e:70
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUcwD/7FqBdoz5GkmItLSywdBJs/kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDAyMTAxMjEwMzFaFw0yNTAyMDgxMjE1MzFaMDMxMTAvBgNV
BAMTKERFMkY3RTA1NDc5REVEN0U2N0QwNjQxODlCMDFCNTBGNjFGNkM5RDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUsJZ+E7x9rcSeTsIXFvtqQUed
wqVi7xxoyUto6vBuGHWc3KPrDDljaHXQafx3vrpcJ6PfGarbjFDZPIr/a/xz2g2A
0VoUnpYf0nMyY/3ba/ATkNR+PuFR/2HhwRsNHvPY1sRmGqLjeSqMvhfC3EAE3k+e
eVTHdJIttD6+5yK+QTIMeluoQJeMLgpMk5irLsTljZ0Gr1386MOc9Vpu195fSAeO
1MJihoMo7B7BbX26XJ8rFgBugHYF1jPLwu0VRKtfB5Mwiy+ZmPm56WdBBW0GTREy
6Ql89ck5iRcWoD4SRdbNllvQ9CG9aduI1JIRU9bR+D65KzR91TjuhoAmN7DbAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQU3i9+BUed7X5n0GQYmwG1D2H2ydcwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIyZTM1MzkyZTM1MzgyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzNTM4MzAzNjMxLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjs6MA0G
CSqGSIb3DQEBCwUAA4IBAQAU6YMgfQUz40JrMeNRHiye6YV/mddkRbexB/ZsF16i
pz6bHZh1Yqd7T8kuS+sctR3Wl6vuW4Q/06WYxrXoEY7/6/COsGzlFbBKcBPHlU3V
3oZIEV8XExQ+Z/3BeV3tJRXN10ZLThf0pjEc1/WJdlGcOVC5EJGbRTTo9L2r98+4
9nMThv8Oz39JKMO0ZwfnnOy0SltOHlbKK+zOjqnKrdjt6zeMnKeHRv4WmxC79xSj
X0d7mi0TBwoS1lehlzEMSGktFIvC9HMaRlKk2GnuoBAPx3trNgYkIx9gwYj7V4wB
PbqVQuhlauZlrougbeGSctFg5900z9Z8QP8XDTCYFX5w
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:43 2024 by rpki-client on console-ams.rpki-client.org