Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133392e302f32342d3234203d3e203634353135.roa
File: 34352e39312e3133392e302f32342d3234203d3e203634353135.roa (raw, json)
Hash identifier: n2bGQsqZLJUN5ZYzY/nQzw7F7ysPBcdUljBIprqlvQI=
Subject key identifier: 2E:5D:15:68:3C:D8:8F:B9:83:20:D6:4D:A7:D3:7A:D1:96:52:4E:B9
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 49A78541459D8A316DB3B2F874CEC4F5D4EDE6DB
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133392e302f32342d3234203d3e203634353135.roa
Signing time: Tue 11 Jul 2023 12:37:26 +0000
ROA not before: Tue 11 Jul 2023 12:32:26 +0000
ROA not after: Tue 09 Jul 2024 12:37:26 +0000
asID: 64515
IP address blocks: 45.91.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 May 2024 14:08:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:a7:85:41:45:9d:8a:31:6d:b3:b2:f8:74:ce:c4:f5:d4:ed:e6:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jul 11 12:32:26 2023 GMT
Not After : Jul 9 12:37:26 2024 GMT
Subject: CN=2E5D15683CD88FB98320D64DA7D37AD196524EB9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d1:6a:3a:94:68:07:0b:da:e5:57:9b:2d:fc:
32:35:ab:b2:4a:ed:41:d7:1e:3c:64:ce:50:2d:d7:
8f:31:7f:13:02:a9:42:c4:8c:11:91:b8:be:d6:7a:
83:91:8f:ae:dc:48:02:df:29:64:c1:0d:63:6b:45:
51:af:d8:ad:bc:0c:37:79:f5:11:04:bd:e4:84:97:
6d:d5:27:eb:ca:bf:b2:11:7a:13:ec:32:de:3d:f0:
da:39:62:30:3f:cf:d4:1c:1d:a4:49:ab:e5:3b:48:
81:29:a0:36:7b:be:d0:45:26:9b:fd:e4:c8:98:a8:
df:3b:7e:f3:65:1d:25:cc:a1:0c:2f:3b:69:3c:b5:
93:9e:75:34:3f:71:fd:e4:b0:23:fa:79:65:2b:c7:
f9:ce:c6:80:b1:6a:b1:e3:0e:03:c6:b1:9c:17:9e:
59:01:dd:a8:58:11:67:1b:d3:c9:bf:e0:67:9d:10:
e3:71:5b:43:4e:28:ed:32:8c:6a:90:a5:cd:4b:82:
b6:40:17:65:f3:ed:c7:75:6c:1d:ea:da:7c:d8:fa:
32:80:a9:61:72:f9:39:fe:ca:bf:92:8f:26:8b:39:
47:dd:a1:d7:84:cc:06:71:77:89:ad:94:17:c6:f7:
6e:2a:4d:e5:5c:4a:81:53:56:61:4b:47:29:ad:e4:
77:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:5D:15:68:3C:D8:8F:B9:83:20:D6:4D:A7:D3:7A:D1:96:52:4E:B9
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133392e302f32342d3234203d3e203634353135.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.139.0/24
Signature Algorithm: sha256WithRSAEncryption
88:ef:b3:a8:48:66:20:f4:eb:61:d1:95:66:54:42:a6:41:31:
c6:5a:84:c2:44:68:51:e6:5b:f8:53:02:35:34:de:06:00:1c:
8c:52:86:a7:c6:7c:04:59:28:e0:f4:54:51:80:fd:52:23:a3:
1d:eb:e1:33:13:15:b8:9f:18:d9:84:bc:ee:ce:1e:b8:ff:85:
ba:c6:49:7c:49:1d:0a:a6:44:84:6a:a5:ac:cc:c1:6d:ca:55:
f2:bd:27:43:7d:5d:f1:30:a0:3a:42:00:8f:61:95:7f:9e:c4:
19:b8:f3:51:c7:cd:7c:3a:a2:f6:67:39:18:f6:36:17:a5:a1:
3b:ba:37:64:4c:4d:83:a0:30:54:b1:89:eb:fe:57:93:64:66:
8c:1f:82:d6:03:69:0b:32:ba:1a:93:d0:e3:35:dd:33:6b:58:
b1:18:b2:3c:69:5a:84:d6:bc:00:d7:6c:71:e1:f0:1a:61:c4:
cd:db:39:26:0c:da:74:61:a2:64:18:b6:b0:bb:15:ba:b8:c1:
d8:8c:bf:31:fc:8c:90:fe:83:47:c6:b4:b7:c1:1c:c8:0a:ac:
27:1f:8b:55:d1:02:20:e9:ad:6e:fd:0a:ac:88:80:a7:87:e0:
c7:13:55:42:a2:0b:c3:c0:6d:70:7d:d6:63:ec:0c:bf:5f:76:
8c:38:cb:3d
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUSaeFQUWdijFts7L4dM7E9dTt5tswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzA3MTExMjMyMjZaFw0yNDA3MDkxMjM3MjZaMDMxMTAvBgNV
BAMTKDJFNUQxNTY4M0NEODhGQjk4MzIwRDY0REE3RDM3QUQxOTY1MjRFQjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDL0Wo6lGgHC9rlV5st/DI1q7JK
7UHXHjxkzlAt148xfxMCqULEjBGRuL7WeoORj67cSALfKWTBDWNrRVGv2K28DDd5
9REEveSEl23VJ+vKv7IRehPsMt498No5YjA/z9QcHaRJq+U7SIEpoDZ7vtBFJpv9
5MiYqN87fvNlHSXMoQwvO2k8tZOedTQ/cf3ksCP6eWUrx/nOxoCxarHjDgPGsZwX
nlkB3ahYEWcb08m/4GedEONxW0NOKO0yjGqQpc1LgrZAF2Xz7cd1bB3q2nzY+jKA
qWFy+Tn+yr+SjyaLOUfdodeEzAZxd4mtlBfG924qTeVcSoFTVmFLRymt5HeTAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQULl0VaDzYj7mDINZNp9N60ZZSTrkwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzkzMTJlMzEzMzM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzNDM1MzEzNS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1b
izANBgkqhkiG9w0BAQsFAAOCAQEAiO+zqEhmIPTrYdGVZlRCpkExxlqEwkRoUeZb
+FMCNTTeBgAcjFKGp8Z8BFko4PRUUYD9UiOjHevhMxMVuJ8Y2YS87s4euP+FusZJ
fEkdCqZEhGqlrMzBbcpV8r0nQ31d8TCgOkIAj2GVf57EGbjzUcfNfDqi9mc5GPY2
F6WhO7o3ZExNg6AwVLGJ6/5Xk2RmjB+C1gNpCzK6GpPQ4zXdM2tYsRiyPGlahNa8
ANdsceHwGmHEzds5JgzadGGiZBi2sLsVurjB2Iy/MfyMkP6DR8a0t8EcyAqsJx+L
VdECIOmtbv0KrIiAp4fgxxNVQqILw8BtcH3WY+wMv192jDjLPQ==
-----END CERTIFICATE-----
Generated at Sat May 11 18:18:50 2024 by rpki-client on console-ams.rpki-client.org