Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35392e302f32342d3234203d3e20323135363732.roa
File: 34352e3135382e35392e302f32342d3234203d3e20323135363732.roa (raw, json)
Hash identifier: J01lInY3sX2rh/hPPHQQlHqDepqFLT6S8hfjp5YSKlc=
Subject key identifier: B0:DA:A3:FF:F4:74:A6:62:07:25:51:4D:B0:4D:1C:6E:37:7A:A5:52
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 2F6D3FE948F5ED16A7B2841722900D991B47950B
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35392e302f32342d3234203d3e20323135363732.roa
Signing time: Mon 18 Mar 2024 06:40:48 +0000
ROA not before: Mon 18 Mar 2024 06:35:48 +0000
ROA not after: Mon 17 Mar 2025 06:40:48 +0000
asID: 215672
IP address blocks: 45.158.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:6d:3f:e9:48:f5:ed:16:a7:b2:84:17:22:90:0d:99:1b:47:95:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Mar 18 06:35:48 2024 GMT
Not After : Mar 17 06:40:48 2025 GMT
Subject: CN=B0DAA3FFF474A6620725514DB04D1C6E377AA552
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:dc:83:70:02:ec:8a:e1:40:12:40:0d:69:bf:
6a:e7:ef:7f:ef:7b:97:c1:15:5e:f8:fb:5d:ea:f5:
41:ae:b6:cd:8f:f7:d0:f5:9f:c8:6e:bf:3b:d8:56:
02:05:4d:a7:c2:43:54:8f:09:e3:dc:e8:e0:77:8a:
fe:1c:8f:60:76:91:76:73:1d:bb:3f:9a:65:9e:cf:
f7:f0:d1:06:34:ee:5e:55:da:93:bc:ff:f4:c7:84:
e2:3d:6b:88:9c:b8:a7:a3:29:a8:9c:89:6d:05:57:
e8:14:5a:53:dd:64:a1:43:83:39:12:4d:da:44:d5:
76:0d:06:f2:03:0a:eb:ac:8e:ff:5c:76:b0:b0:47:
68:e1:23:29:0b:14:2b:33:a4:b6:79:ab:49:93:d3:
d1:98:1b:7c:9d:72:33:d4:88:38:e0:60:2e:fd:bb:
c1:25:c6:43:0b:cc:2e:37:99:54:ea:23:6f:84:40:
2d:20:21:a0:92:3e:09:72:b7:7a:2e:9e:71:a7:d0:
22:45:68:bf:3e:25:af:0a:c4:73:e8:ad:68:c7:17:
7e:02:4c:3d:02:80:58:03:db:cc:2e:8f:ba:0a:7b:
d4:56:cd:e8:ef:6e:b4:70:ff:7a:cb:2a:22:41:41:
2f:97:5a:dd:f4:bc:a4:92:1a:c2:d3:88:47:9d:20:
93:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:DA:A3:FF:F4:74:A6:62:07:25:51:4D:B0:4D:1C:6E:37:7A:A5:52
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35392e302f32342d3234203d3e20323135363732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.59.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:93:0c:3e:9d:71:00:76:32:21:62:d0:d6:dc:c5:af:49:a2:
11:14:44:67:97:18:98:af:6c:d0:a4:4a:be:34:3d:45:bd:32:
2b:ae:87:e0:73:46:2f:a0:51:4f:66:26:78:de:b0:42:c2:8a:
53:7e:61:9e:70:f0:58:8f:93:da:25:4a:61:34:7c:7d:28:0b:
52:97:31:a5:eb:e6:05:81:85:4a:f2:68:a3:97:70:39:95:63:
3b:2c:7a:de:e2:07:71:08:9a:cf:10:5c:68:38:85:0d:8c:75:
e9:c7:73:56:dc:80:df:c0:b3:4a:a6:e4:98:11:02:ad:89:b1:
7f:f8:3f:30:50:ca:c5:be:43:85:f0:db:61:5f:d4:85:5a:30:
1a:cd:92:fb:8c:fa:12:e7:d7:a1:fb:c0:e5:1b:83:cb:a5:61:
44:5a:74:f8:b2:f4:ed:90:9c:f5:76:cd:51:70:ba:d0:89:d0:
9c:6c:69:a9:bc:10:b9:17:af:ea:5d:b1:25:60:74:99:2a:69:
bd:97:7a:7e:7a:3c:df:5e:3b:61:ad:d7:ae:14:a7:e7:41:f4:
e6:19:e2:c3:9b:3a:a9:c6:90:d2:29:f3:e4:74:19:65:d9:1a:
eb:09:14:cf:83:9f:3b:a4:89:f4:8d:ab:65:df:e6:4b:14:67:
3d:da:74:ff
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUL20/6Uj17RansoQXIpANmRtHlQswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDAzMTgwNjM1NDhaFw0yNTAzMTcwNjQwNDhaMDMxMTAvBgNV
BAMTKEIwREFBM0ZGRjQ3NEE2NjIwNzI1NTE0REIwNEQxQzZFMzc3QUE1NTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQ3INwAuyK4UASQA1pv2rn73/v
e5fBFV74+13q9UGuts2P99D1n8huvzvYVgIFTafCQ1SPCePc6OB3iv4cj2B2kXZz
Hbs/mmWez/fw0QY07l5V2pO8//THhOI9a4icuKejKaiciW0FV+gUWlPdZKFDgzkS
TdpE1XYNBvIDCuusjv9cdrCwR2jhIykLFCszpLZ5q0mT09GYG3ydcjPUiDjgYC79
u8ElxkMLzC43mVTqI2+EQC0gIaCSPglyt3ounnGn0CJFaL8+Ja8KxHPorWjHF34C
TD0CgFgD28wuj7oKe9RWzejvbrRw/3rLKiJBQS+XWt30vKSSGsLTiEedIJObAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUsNqj//R0pmIHJVFNsE0cbjd6pVIwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzNTM4MmUzNTM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM1MzYzNzMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LZ47MA0GCSqGSIb3DQEBCwUAA4IBAQC0kww+nXEAdjIhYtDW3MWvSaIRFERnlxiY
r2zQpEq+ND1FvTIrrofgc0YvoFFPZiZ43rBCwopTfmGecPBYj5PaJUphNHx9KAtS
lzGl6+YFgYVK8mijl3A5lWM7LHre4gdxCJrPEFxoOIUNjHXpx3NW3IDfwLNKpuSY
EQKtibF/+D8wUMrFvkOF8NthX9SFWjAazZL7jPoS59eh+8DlG4PLpWFEWnT4svTt
kJz1ds1RcLrQidCcbGmpvBC5F6/qXbElYHSZKmm9l3p+ejzfXjthrdeuFKfnQfTm
GeLDmzqpxpDSKfPkdBll2RrrCRTPg587pIn0jatl3+ZLFGc92nT/
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:01 2024 by rpki-client on console-fra.rpki-client.org