Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38322e302f32342d3234203d3e203633303233.roa
File: 34352e31322e38322e302f32342d3234203d3e203633303233.roa (raw, json)
Hash identifier: rfpUEjrQoadvsQKXyjB6WQCVYRzcDjJ2npqXG1IRs6k=
Subject key identifier: 59:F9:55:29:19:77:AE:4E:F2:A3:B2:1B:C4:91:1E:D5:E8:65:76:29
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 37592630831376EBFD7CC79D83371C70EAFF2C82
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38322e302f32342d3234203d3e203633303233.roa
Signing time: Wed 21 Feb 2024 19:05:13 +0000
ROA not before: Wed 21 Feb 2024 19:00:13 +0000
ROA not after: Wed 19 Feb 2025 19:05:13 +0000
asID: 63023
IP address blocks: 45.12.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Dec 2024 08:34:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:59:26:30:83:13:76:eb:fd:7c:c7:9d:83:37:1c:70:ea:ff:2c:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Feb 21 19:00:13 2024 GMT
Not After : Feb 19 19:05:13 2025 GMT
Subject: CN=59F955291977AE4EF2A3B21BC4911ED5E8657629
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e7:76:5d:54:a1:7c:20:fc:b5:d5:3f:59:9f:
72:6c:f1:c3:50:5d:4f:e5:81:24:26:40:a1:4d:9f:
f7:1e:dd:03:8b:b4:f8:ea:79:d5:c6:7b:80:7d:8d:
2d:ea:b2:14:9c:06:d3:60:c0:28:ca:5f:e0:3e:05:
7a:35:7f:8e:04:43:ab:1f:b1:8e:bc:e9:df:4b:0b:
be:aa:2b:b0:d9:1e:6f:d8:25:f3:5f:0f:ec:6e:19:
ae:2a:e3:26:54:00:e9:a8:d1:6c:2d:34:73:21:60:
01:2b:9d:1d:e4:66:e2:18:ce:19:eb:59:7f:d1:79:
95:d5:01:e6:05:d4:79:dd:73:d3:4f:24:3c:14:cb:
9b:f4:fc:ff:9a:6a:1c:2b:88:11:e1:28:75:3a:13:
b2:cf:6e:19:95:2e:50:f5:bd:fb:cf:3c:64:21:f7:
f3:33:4c:c0:bf:45:c6:32:5d:d2:6b:56:9d:ba:e4:
77:7d:52:70:30:ee:41:f9:53:3b:fb:8d:ef:dd:eb:
c3:95:e0:48:24:c7:9b:5a:12:6c:95:93:fb:2e:29:
74:90:37:f1:a6:00:d9:51:8b:98:88:66:d0:70:ba:
f2:25:33:75:f4:b3:45:c8:09:05:a3:4b:d4:0b:71:
75:60:38:84:6d:99:0a:57:bf:64:36:4c:d2:ff:4c:
b4:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:F9:55:29:19:77:AE:4E:F2:A3:B2:1B:C4:91:1E:D5:E8:65:76:29
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38322e302f32342d3234203d3e203633303233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.82.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:b8:43:d1:0d:30:aa:3f:13:5b:a1:91:db:00:32:53:e1:e0:
0a:1e:a0:32:54:b2:10:4e:2c:ab:c4:b6:c0:d6:d2:aa:53:15:
e4:aa:cd:a1:12:38:47:98:69:dc:de:09:ed:6b:6c:28:8c:c6:
29:79:21:e5:8f:84:0f:bd:04:e2:a4:43:8c:ff:bb:dc:f5:f1:
07:4a:3f:59:fa:90:f7:88:a3:97:45:34:0e:b0:78:5f:c2:72:
e2:40:5c:03:30:1f:e9:49:fc:b9:70:bb:27:7a:8d:37:9b:3d:
7f:a5:06:dd:a9:e7:30:3d:6f:52:58:5e:28:db:fe:91:96:51:
61:a9:8f:0c:d9:37:29:83:7d:66:1b:6c:4c:15:af:14:b4:74:
e6:33:ec:14:85:2e:bb:e1:45:e0:e6:fc:33:08:f9:96:8c:21:
65:b8:c0:7d:63:00:db:93:02:0f:86:c0:91:e1:c3:0f:8d:17:
f3:c5:03:e4:9c:ea:10:75:7a:4c:6d:8c:e0:6b:9a:45:00:de:
60:da:77:e5:31:5d:39:0b:39:f5:65:cc:75:72:ff:7a:2e:f9:
7d:1f:d5:f4:0e:e2:fa:d4:c9:88:ce:75:2b:88:91:c4:d1:20:
82:4e:4c:2a:4b:dd:ec:fc:d8:a7:82:89:9a:60:ca:68:51:ac:
32:9b:76:dd
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUN1kmMIMTduv9fMedgzcccOr/LIIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDAyMjExOTAwMTNaFw0yNTAyMTkxOTA1MTNaMDMxMTAvBgNV
BAMTKDU5Rjk1NTI5MTk3N0FFNEVGMkEzQjIxQkM0OTExRUQ1RTg2NTc2MjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC53ZdVKF8IPy11T9Zn3Js8cNQ
XU/lgSQmQKFNn/ce3QOLtPjqedXGe4B9jS3qshScBtNgwCjKX+A+BXo1f44EQ6sf
sY686d9LC76qK7DZHm/YJfNfD+xuGa4q4yZUAOmo0WwtNHMhYAErnR3kZuIYzhnr
WX/ReZXVAeYF1Hndc9NPJDwUy5v0/P+aahwriBHhKHU6E7LPbhmVLlD1vfvPPGQh
9/MzTMC/RcYyXdJrVp265Hd9UnAw7kH5Uzv7je/d68OV4Egkx5taEmyVk/suKXSQ
N/GmANlRi5iIZtBwuvIlM3X0s0XICQWjS9QLcXVgOIRtmQpXv2Q2TNL/TLQzAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUWflVKRl3rk7yo7IbxJEe1ehldikwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMjJlMzgzMjJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzMzMDMyMzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtDFIw
DQYJKoZIhvcNAQELBQADggEBAAu4Q9ENMKo/E1uhkdsAMlPh4AoeoDJUshBOLKvE
tsDW0qpTFeSqzaESOEeYadzeCe1rbCiMxil5IeWPhA+9BOKkQ4z/u9z18QdKP1n6
kPeIo5dFNA6weF/CcuJAXAMwH+lJ/Llwuyd6jTebPX+lBt2p5zA9b1JYXijb/pGW
UWGpjwzZNymDfWYbbEwVrxS0dOYz7BSFLrvhReDm/DMI+ZaMIWW4wH1jANuTAg+G
wJHhww+NF/PFA+Sc6hB1ekxtjOBrmkUA3mDad+UxXTkLOfVlzHVy/3ou+X0f1fQO
4vrUyYjOdSuIkcTRIIJOTCpL3ez82KeCiZpgymhRrDKbdt0=
-----END CERTIFICATE-----
Generated at Mon Dec 9 17:21:11 2024 by rpki-client on console-ams.rpki-client.org