Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35392e302f32342d3234203d3e20323132333834.roa
File: 322e35392e35392e302f32342d3234203d3e20323132333834.roa (raw, json)
Hash identifier: hFNV2u8vSuxLPHP6ZDkBWgSgNcttosr9ua0TW5CpNEs=
Subject key identifier: 9B:47:5B:33:BF:C8:29:9F:42:14:C8:B6:71:2A:01:45:8E:AD:1A:21
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 1574A22D21F598FE06496F9DC48E0583AFA7B3D4
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35392e302f32342d3234203d3e20323132333834.roa
Signing time: Wed 11 Oct 2023 12:21:16 +0000
ROA not before: Wed 11 Oct 2023 12:16:16 +0000
ROA not after: Wed 09 Oct 2024 12:21:16 +0000
asID: 212384
IP address blocks: 2.59.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 May 2024 16:37:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:74:a2:2d:21:f5:98:fe:06:49:6f:9d:c4:8e:05:83:af:a7:b3:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Oct 11 12:16:16 2023 GMT
Not After : Oct 9 12:21:16 2024 GMT
Subject: CN=9B475B33BFC8299F4214C8B6712A01458EAD1A21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:23:be:7b:09:95:86:e6:07:21:54:56:97:6c:
b8:21:65:65:92:cc:fe:e3:5c:47:64:a4:3e:33:aa:
f1:65:5f:be:9e:7e:d4:ad:8c:3b:43:fe:50:ac:b0:
35:be:4f:74:f6:1c:d3:d3:e5:d1:ef:cc:0e:1f:22:
cd:d7:ea:54:b4:74:f1:f1:21:7b:40:47:cf:82:cc:
03:c8:77:f9:67:7d:84:e9:78:c4:65:9a:2b:79:a2:
a0:97:01:56:61:ef:48:f3:d5:ec:01:a0:49:6f:74:
38:66:b4:f6:34:59:b0:c7:38:f3:b5:96:a0:62:4f:
ba:14:47:2e:d8:dc:aa:01:51:cf:37:b6:a8:bb:92:
bb:a7:ba:5f:e4:b1:93:2d:63:a7:b4:e3:67:c9:f1:
d6:ee:da:db:f8:a7:44:ff:cc:a2:d8:40:52:55:e2:
cd:3c:c4:11:49:9c:85:18:54:2a:45:eb:80:4b:a1:
e8:ba:43:05:2a:cb:8f:7c:a7:59:95:39:e7:1d:e8:
5a:6e:d5:72:0d:1d:1f:8a:03:93:19:66:ce:20:72:
b8:75:ff:d4:02:cc:2c:ce:fd:d0:88:2c:f2:03:54:
9b:44:37:76:9a:ab:33:1a:55:dd:1b:cc:68:4f:5a:
0e:dc:ad:1d:3d:b2:61:c7:69:6f:28:d2:90:08:0f:
9a:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:47:5B:33:BF:C8:29:9F:42:14:C8:B6:71:2A:01:45:8E:AD:1A:21
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35392e302f32342d3234203d3e20323132333834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.59.0/24
Signature Algorithm: sha256WithRSAEncryption
66:17:26:2a:c2:fd:c0:a4:03:11:4f:de:5e:b6:a4:25:1a:39:
6e:90:1f:95:a7:ba:2b:98:ff:5f:00:8d:16:9b:b0:65:b1:14:
b0:6b:ce:15:84:44:f6:07:6b:eb:9e:da:79:11:82:73:a1:d8:
6f:49:40:c9:0d:11:e4:56:51:d0:ce:f4:d6:87:85:97:48:3b:
82:65:a7:91:aa:40:65:1e:38:37:2c:6c:f8:fa:e3:39:56:d6:
41:ca:b0:d3:d7:11:88:d0:6f:03:7e:7d:e7:2c:79:10:6e:c7:
e4:40:94:16:43:75:1d:f3:a4:1b:af:23:e0:86:3a:00:42:13:
c3:21:2e:af:65:27:01:d5:b5:ba:93:19:bd:6a:fd:f7:d3:16:
53:79:3d:da:c3:76:47:78:f6:39:74:f3:b3:03:1a:44:ee:62:
6c:2a:86:01:e2:20:ad:91:e3:34:16:ad:f1:2c:0f:90:8b:03:
a4:e1:b8:4a:aa:0d:e6:b8:33:4f:d8:fb:b9:8c:10:62:f3:33:
3b:99:22:fd:4d:fd:00:f1:48:7b:36:83:c6:35:f2:94:67:4e:
43:24:60:db:24:45:cb:e8:70:3e:86:90:86:d5:5e:e0:84:31:
08:17:c5:9b:07:ac:b7:5d:f5:7c:86:ac:48:21:a8:da:4b:7d:
34:31:66:97
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUFXSiLSH1mP4GSW+dxI4Fg6+ns9QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzEwMTExMjE2MTZaFw0yNDEwMDkxMjIxMTZaMDMxMTAvBgNV
BAMTKDlCNDc1QjMzQkZDODI5OUY0MjE0QzhCNjcxMkEwMTQ1OEVBRDFBMjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkI757CZWG5gchVFaXbLghZWWS
zP7jXEdkpD4zqvFlX76eftStjDtD/lCssDW+T3T2HNPT5dHvzA4fIs3X6lS0dPHx
IXtAR8+CzAPId/lnfYTpeMRlmit5oqCXAVZh70jz1ewBoElvdDhmtPY0WbDHOPO1
lqBiT7oURy7Y3KoBUc83tqi7krunul/ksZMtY6e042fJ8dbu2tv4p0T/zKLYQFJV
4s08xBFJnIUYVCpF64BLoei6QwUqy498p1mVOecd6Fpu1XINHR+KA5MZZs4gcrh1
/9QCzCzO/dCILPIDVJtEN3aaqzMaVd0bzGhPWg7crR09smHHaW8o0pAID5olAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUm0dbM7/IKZ9CFMi2cSoBRY6tGiEwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIyZTM1MzkyZTM1MzkyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMzM4MzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAACOzsw
DQYJKoZIhvcNAQELBQADggEBAGYXJirC/cCkAxFP3l62pCUaOW6QH5WnuiuY/18A
jRabsGWxFLBrzhWERPYHa+ue2nkRgnOh2G9JQMkNEeRWUdDO9NaHhZdIO4Jlp5Gq
QGUeODcsbPj64zlW1kHKsNPXEYjQbwN+fecseRBux+RAlBZDdR3zpBuvI+CGOgBC
E8MhLq9lJwHVtbqTGb1q/ffTFlN5PdrDdkd49jl087MDGkTuYmwqhgHiIK2R4zQW
rfEsD5CLA6ThuEqqDea4M0/Y+7mMEGLzMzuZIv1N/QDxSHs2g8Y18pRnTkMkYNsk
RcvocD6GkIbVXuCEMQgXxZsHrLdd9XyGrEghqNpLfTQxZpc=
-----END CERTIFICATE-----
Generated at Sat May 11 20:11:50 2024 by rpki-client on console-fra.rpki-client.org