Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3231322e32332e3231392e302f32342d3234203d3e203632313630.roa
File: 3231322e32332e3231392e302f32342d3234203d3e203632313630.roa (raw, json)
Hash identifier: q+9+pcg2NRcNEnEgmTcqORtmsvY4C/ocHkf6ZEM2iqA=
Subject key identifier: 4D:C7:C2:C5:2F:70:15:05:6A:CE:23:E5:14:DB:A2:00:BC:C1:B7:8A
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 1C9257C6B7D026DE06E6274829D3749CC6F46D40
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3231322e32332e3231392e302f32342d3234203d3e203632313630.roa
Signing time: Mon 16 Sep 2024 06:13:31 +0000
ROA not before: Mon 16 Sep 2024 06:08:31 +0000
ROA not after: Mon 15 Sep 2025 06:13:31 +0000
asID: 62160
IP address blocks: 212.23.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:92:57:c6:b7:d0:26:de:06:e6:27:48:29:d3:74:9c:c6:f4:6d:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Sep 16 06:08:31 2024 GMT
Not After : Sep 15 06:13:31 2025 GMT
Subject: CN=4DC7C2C52F7015056ACE23E514DBA200BCC1B78A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:19:78:df:79:cc:cb:2f:48:59:5c:21:12:5a:
09:2c:b7:d8:cc:38:f5:01:b6:c9:9e:49:d1:fd:69:
4a:00:9e:a8:49:af:1a:b8:55:cc:55:95:59:10:a5:
a1:44:23:ba:83:89:be:60:5b:87:62:44:44:11:62:
66:6d:b3:a4:0b:22:d2:e1:bf:39:ef:c1:44:81:75:
03:6c:82:ba:d9:9c:95:ca:3a:cf:d8:73:3d:16:af:
aa:cd:fb:14:b7:82:90:32:dc:58:95:51:66:b7:7e:
78:37:f3:b6:79:50:4a:4e:c2:a8:1f:fb:a1:ea:25:
40:00:9d:94:61:df:a6:8d:8b:91:a2:92:78:2c:dd:
a5:6a:95:72:ff:8a:8c:66:67:f5:0d:25:ae:83:25:
94:15:e1:d9:cf:55:26:d8:05:5c:0e:57:b5:ef:97:
1f:d3:89:20:69:1b:54:32:70:a5:f3:6c:94:e1:ed:
d6:7b:c4:9a:b2:f6:7e:0c:c9:1c:bd:d2:05:ae:64:
88:85:38:86:3b:2c:15:c8:9e:3c:a4:05:96:09:39:
3d:62:9e:67:91:42:e8:12:20:e3:ef:ff:ae:54:f8:
9b:15:ba:b0:f3:9e:d9:36:0b:e7:d3:98:82:f9:50:
b5:b6:d9:23:6b:bd:5b:66:d0:e0:c1:b7:83:c2:12:
07:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:C7:C2:C5:2F:70:15:05:6A:CE:23:E5:14:DB:A2:00:BC:C1:B7:8A
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3231322e32332e3231392e302f32342d3234203d3e203632313630.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.23.219.0/24
Signature Algorithm: sha256WithRSAEncryption
94:d2:5e:f3:54:ea:f4:19:14:72:e7:49:18:a2:11:be:56:fc:
7e:49:92:db:5d:09:9d:fc:7d:dd:24:f8:0c:0e:33:b0:51:60:
da:80:59:29:1a:d5:a8:af:42:52:5f:f9:e2:f0:54:17:0d:a4:
6d:d1:3a:45:f2:67:ea:48:02:97:87:9b:84:ff:10:14:44:6d:
9b:35:57:66:70:34:e8:cb:f7:91:1f:a3:29:ef:b4:19:e3:ef:
ee:49:1b:a8:de:59:eb:8c:a0:08:f9:ac:70:01:2e:9b:37:66:
ef:b9:51:29:ee:39:cd:4d:ec:4c:1d:a3:1b:12:e9:87:d1:8d:
d5:4d:de:fe:68:d4:d2:a5:1b:3e:b1:9e:5a:6f:5d:7f:a7:9e:
9c:5a:70:51:b0:f0:55:50:13:54:73:1f:83:72:5d:98:0b:1d:
5d:7e:24:97:db:9c:25:ad:fa:95:ae:4a:03:72:a3:2f:61:35:
04:7e:ee:ee:fa:ff:bc:c9:0c:22:c9:8c:36:ae:50:c5:78:f8:
04:63:77:77:3e:fa:49:d4:31:1e:57:49:6d:7d:c9:12:95:f0:
74:9c:0b:ec:e7:b7:0a:6c:e3:09:70:f0:52:8d:4d:89:f8:a3:
19:fa:5f:74:f5:20:e9:65:30:1d:f4:72:25:b9:e0:ce:74:1a:
fc:19:af:f8
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUHJJXxrfQJt4G5idIKdN0nMb0bUAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDA5MTYwNjA4MzFaFw0yNTA5MTUwNjEzMzFaMDMxMTAvBgNV
BAMTKDREQzdDMkM1MkY3MDE1MDU2QUNFMjNFNTE0REJBMjAwQkNDMUI3OEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrGXjfeczLL0hZXCESWgkst9jM
OPUBtsmeSdH9aUoAnqhJrxq4VcxVlVkQpaFEI7qDib5gW4diREQRYmZts6QLItLh
vznvwUSBdQNsgrrZnJXKOs/Ycz0Wr6rN+xS3gpAy3FiVUWa3fng387Z5UEpOwqgf
+6HqJUAAnZRh36aNi5Gikngs3aVqlXL/ioxmZ/UNJa6DJZQV4dnPVSbYBVwOV7Xv
lx/TiSBpG1QycKXzbJTh7dZ7xJqy9n4MyRy90gWuZIiFOIY7LBXInjykBZYJOT1i
nmeRQugSIOPv/65U+JsVurDzntk2C+fTmIL5ULW22SNrvVtm0ODBt4PCEgepAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUTcfCxS9wFQVqziPlFNuiALzBt4owHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIzMTMyMmUzMjMzMmUzMjMx
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMyMzEzNjMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1BfbMA0GCSqGSIb3DQEBCwUAA4IBAQCU0l7zVOr0GRRy50kYohG+Vvx+SZLbXQmd
/H3dJPgMDjOwUWDagFkpGtWor0JSX/ni8FQXDaRt0TpF8mfqSAKXh5uE/xAURG2b
NVdmcDToy/eRH6Mp77QZ4+/uSRuo3lnrjKAI+axwAS6bN2bvuVEp7jnNTexMHaMb
EumH0Y3VTd7+aNTSpRs+sZ5ab11/p56cWnBRsPBVUBNUcx+Dcl2YCx1dfiSX25wl
rfqVrkoDcqMvYTUEfu7u+v+8yQwiyYw2rlDFePgEY3d3PvpJ1DEeV0ltfckSlfB0
nAvs57cKbOMJcPBSjU2J+KMZ+l909SDpZTAd9HIlueDOdBr8Ga/4
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:01 2024 by rpki-client on console-fra.rpki-client.org