Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e38372e3137342e302f32342d3234203d3e20323132323439.roa
File: 34352e38372e3137342e302f32342d3234203d3e20323132323439.roa (raw, json)
Hash identifier: Fq/b0iwd3fmr5fGE7DB92PYV5SCGJEFGGGYZmGwswKM=
Subject key identifier: C5:F5:4E:F5:30:F7:32:D9:42:66:DE:0E:6F:36:9D:2D:D3:87:D1:FF
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 597922F2BBF3DDA65D3EA79A6284F9D50EEFD08E
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e38372e3137342e302f32342d3234203d3e20323132323439.roa
Signing time: Wed 21 Feb 2024 19:05:13 +0000
ROA not before: Wed 21 Feb 2024 19:00:13 +0000
ROA not after: Wed 19 Feb 2025 19:05:13 +0000
asID: 212249
IP address blocks: 45.87.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 May 2024 14:08:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:79:22:f2:bb:f3:dd:a6:5d:3e:a7:9a:62:84:f9:d5:0e:ef:d0:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Feb 21 19:00:13 2024 GMT
Not After : Feb 19 19:05:13 2025 GMT
Subject: CN=C5F54EF530F732D94266DE0E6F369D2DD387D1FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:96:5f:6e:85:8b:77:bd:e2:1b:b3:10:f2:d5:
b3:9f:c1:97:1d:28:d0:9a:ee:13:cc:8c:26:90:78:
9a:47:16:4b:00:bc:1e:a3:a6:9a:ef:31:29:1a:05:
ad:cd:1f:2b:5e:f5:ea:1d:be:47:b6:aa:0e:3e:cf:
d9:fa:1f:b6:db:40:1c:09:d8:cb:f1:28:84:15:55:
84:35:e0:67:9a:a4:97:d4:a8:b5:65:a7:9a:4e:1a:
20:3e:86:0b:f6:0d:35:72:82:d7:42:e3:b8:80:dd:
1e:4e:b9:bc:ce:c9:b7:6b:2b:86:8d:46:a5:ce:8b:
bb:5f:4a:d2:29:90:86:f8:98:5e:c4:d2:31:f2:8c:
b5:1d:ca:73:62:0b:81:c2:09:f4:b7:17:d1:8f:1b:
01:68:72:84:ed:82:88:53:91:9f:a4:1d:8b:10:ee:
d3:a7:c3:bf:d6:00:de:89:ae:5d:26:cd:d2:ed:e0:
58:2a:75:f8:0d:d8:a5:09:ca:33:d9:d6:fa:01:2f:
3c:e1:d4:06:c0:01:34:af:d7:6e:a3:d7:f8:55:87:
d1:37:ff:15:33:34:b5:5b:b6:1d:86:d2:f5:12:be:
11:7d:68:82:60:b4:84:24:db:3b:39:0c:d4:99:ca:
08:ec:18:8f:16:40:9d:9d:9b:93:96:62:58:54:74:
bd:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:F5:4E:F5:30:F7:32:D9:42:66:DE:0E:6F:36:9D:2D:D3:87:D1:FF
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e38372e3137342e302f32342d3234203d3e20323132323439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.174.0/24
Signature Algorithm: sha256WithRSAEncryption
21:14:01:0d:90:28:42:90:1e:bf:d8:2c:23:19:31:8a:dc:ab:
e2:c4:71:06:3b:da:2e:af:6a:8b:7b:34:c3:26:4c:71:a1:77:
a7:af:e9:e2:35:7b:f6:92:df:07:15:d9:61:e7:75:08:d6:ee:
96:0f:e0:e4:78:45:73:4b:29:e1:22:07:a7:e1:b9:2a:d4:1f:
f1:ce:64:74:97:1b:7c:b7:64:a9:88:ca:01:c1:00:47:f4:40:
86:d1:fc:6d:8b:bd:8b:da:ef:9d:c4:84:db:b7:98:30:05:d5:
a3:3b:a0:cf:de:fc:4d:27:ea:38:e9:81:ff:61:8b:94:c8:0d:
80:39:46:c5:e6:1a:07:fd:69:51:32:b7:35:70:30:6e:1b:4b:
01:fe:37:61:a5:0a:63:c3:7d:8a:16:67:af:d7:8c:84:ab:44:
11:d9:8f:1a:5c:c2:e9:ad:83:73:91:c2:20:ba:cf:d1:fd:c6:
32:f3:de:65:13:0e:92:09:4e:5d:dd:9b:89:2e:d9:48:17:9f:
54:ea:56:02:77:db:7c:d4:59:86:5c:ec:8f:68:85:b7:34:cb:
bf:a7:a4:62:92:2d:25:39:f7:8d:4b:ef:ff:2c:f0:8c:75:bd:
34:af:17:6a:20:ae:c9:85:23:9c:f4:33:04:bb:00:ec:90:2b:
90:bf:db:ac
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUWXki8rvz3aZdPqeaYoT51Q7v0I4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDAyMjExOTAwMTNaFw0yNTAyMTkxOTA1MTNaMDMxMTAvBgNV
BAMTKEM1RjU0RUY1MzBGNzMyRDk0MjY2REUwRTZGMzY5RDJERDM4N0QxRkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMll9uhYt3veIbsxDy1bOfwZcd
KNCa7hPMjCaQeJpHFksAvB6jpprvMSkaBa3NHyte9eodvke2qg4+z9n6H7bbQBwJ
2MvxKIQVVYQ14GeapJfUqLVlp5pOGiA+hgv2DTVygtdC47iA3R5OubzOybdrK4aN
RqXOi7tfStIpkIb4mF7E0jHyjLUdynNiC4HCCfS3F9GPGwFocoTtgohTkZ+kHYsQ
7tOnw7/WAN6Jrl0mzdLt4FgqdfgN2KUJyjPZ1voBLzzh1AbAATSv126j1/hVh9E3
/xUzNLVbth2G0vUSvhF9aIJgtIQk2zs5DNSZygjsGI8WQJ2dm5OWYlhUdL3nAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUxfVO9TD3MtlCZt4ObzadLdOH0f8wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzgzNzJlMzEzNzM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzIzNDM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LVeuMA0GCSqGSIb3DQEBCwUAA4IBAQAhFAENkChCkB6/2CwjGTGK3KvixHEGO9ou
r2qLezTDJkxxoXenr+niNXv2kt8HFdlh53UI1u6WD+DkeEVzSynhIgen4bkq1B/x
zmR0lxt8t2SpiMoBwQBH9ECG0fxti72L2u+dxITbt5gwBdWjO6DP3vxNJ+o46YH/
YYuUyA2AOUbF5hoH/WlRMrc1cDBuG0sB/jdhpQpjw32KFmev14yEq0QR2Y8aXMLp
rYNzkcIgus/R/cYy895lEw6SCU5d3ZuJLtlIF59U6lYCd9t81FmGXOyPaIW3NMu/
p6Riki0lOfeNS+//LPCMdb00rxdqIK7JhSOc9DMEuwDskCuQv9us
-----END CERTIFICATE-----
Generated at Sat May 11 18:18:50 2024 by rpki-client on console-ams.rpki-client.org