Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e3233372e3232362e302f32342d3234203d3e20323031333431.roa
File: 37372e3233372e3232362e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: jhaBA9Jxr3eK8rx7S77qtGqCyXMRE7q1sjc1wdzFBpI=
Subject key identifier: 66:E3:93:68:93:CB:A9:9A:08:B9:96:94:A0:5E:F3:9C:03:71:CA:D7
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0D5BD02AE127828DCA72B5DA4B85ABBB575B320E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e3233372e3232362e302f32342d3234203d3e20323031333431.roa
Signing time: Mon 26 Feb 2024 08:53:02 +0000
ROA not before: Mon 26 Feb 2024 08:48:02 +0000
ROA not after: Mon 24 Feb 2025 08:53:02 +0000
asID: 201341
IP address blocks: 77.237.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:5b:d0:2a:e1:27:82:8d:ca:72:b5:da:4b:85:ab:bb:57:5b:32:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:02 2024 GMT
Not After : Feb 24 08:53:02 2025 GMT
Subject: CN=66E3936893CBA99A08B99694A05EF39C0371CAD7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:76:3c:b8:ad:b4:6f:17:6a:12:d6:2f:20:e0:
3d:56:10:83:c8:19:31:2f:78:04:32:06:8d:ec:ac:
ee:7a:b7:97:95:88:4e:4f:24:17:44:2d:9d:b5:bd:
5b:2a:c2:1e:8f:cd:29:54:43:f1:10:19:da:94:35:
f6:52:56:ee:07:e1:6f:14:6c:07:bb:da:b7:9a:9a:
8b:e2:9e:c4:c8:af:b6:4f:7d:bb:d4:54:71:d4:f2:
26:fd:4f:be:df:ad:6d:ab:62:0b:07:c9:a2:a6:55:
d4:39:4c:30:90:6e:4f:47:17:dd:6d:85:76:5c:51:
2c:f4:3c:67:50:f3:d6:6b:d3:4c:44:b0:a1:59:2d:
9b:27:04:c1:64:c2:16:74:65:2c:83:2a:27:73:6e:
27:e5:05:37:75:1f:08:76:33:58:1e:aa:b0:2b:de:
b9:45:a4:ef:89:e6:12:38:72:ba:ea:5a:74:31:55:
05:71:07:aa:74:95:fa:d4:7d:e8:9c:7f:9f:92:c8:
db:c7:86:59:58:ac:b9:b6:5c:37:79:5f:d5:84:57:
c7:ca:ff:b8:d0:e2:26:72:a4:5a:6a:4c:62:09:3e:
ef:6f:99:07:33:0d:31:94:76:6d:1a:36:f8:47:b2:
f2:87:99:88:ec:f8:0d:95:f0:a6:f2:4e:a3:1b:fb:
2c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:E3:93:68:93:CB:A9:9A:08:B9:96:94:A0:5E:F3:9C:03:71:CA:D7
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e3233372e3232362e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.237.226.0/24
Signature Algorithm: sha256WithRSAEncryption
03:7a:b6:8d:93:dd:b1:9d:1c:5c:8b:57:a1:1e:34:11:af:49:
a0:0b:1e:db:60:29:60:d3:5b:72:7a:0a:b6:80:87:83:33:77:
da:90:40:41:01:5b:20:da:ee:b6:35:5e:bd:a0:12:2f:5f:30:
2f:0f:95:c0:e8:c3:17:c4:48:16:e7:e9:33:e3:36:10:b5:10:
a3:ea:db:9e:97:24:e9:84:c7:b7:69:dc:52:7f:b9:c5:30:fc:
f4:64:97:6e:6e:5f:ee:67:59:a4:23:fd:a0:3d:bb:f3:82:44:
32:8b:98:59:33:0f:ae:01:0b:1b:66:f9:09:11:01:1c:24:b5:
b9:f7:4a:89:cd:2d:cf:8a:a8:ff:c9:77:af:15:2d:7d:de:22:
e3:34:4c:c6:85:99:ac:42:ae:b8:9d:8c:1e:c8:d4:c8:ce:83:
61:6d:c0:52:79:4b:ac:63:b7:eb:4a:8b:31:85:e8:21:7e:89:
38:f4:58:9c:a8:81:61:fb:95:94:61:af:01:d2:9c:6d:a9:6a:
c4:9e:bc:25:1f:63:cc:a9:2e:2a:72:d3:c8:58:e7:50:3e:dc:
03:26:bf:48:db:9f:9e:6c:b9:fe:de:32:09:f2:30:85:98:9c:
42:8e:01:a4:da:f3:37:85:c3:2c:a8:ac:3c:d9:89:da:e4:e5:
47:8b:64:28
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDVvQKuEngo3KcrXaS4Wru1dbMg4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MDJaFw0yNTAyMjQwODUzMDJaMDMxMTAvBgNV
BAMTKDY2RTM5MzY4OTNDQkE5OUEwOEI5OTY5NEEwNUVGMzlDMDM3MUNBRDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDedjy4rbRvF2oS1i8g4D1WEIPI
GTEveAQyBo3srO56t5eViE5PJBdELZ21vVsqwh6PzSlUQ/EQGdqUNfZSVu4H4W8U
bAe72reamovinsTIr7ZPfbvUVHHU8ib9T77frW2rYgsHyaKmVdQ5TDCQbk9HF91t
hXZcUSz0PGdQ89Zr00xEsKFZLZsnBMFkwhZ0ZSyDKidzbiflBTd1Hwh2M1geqrAr
3rlFpO+J5hI4crrqWnQxVQVxB6p0lfrUfeicf5+SyNvHhllYrLm2XDd5X9WEV8fK
/7jQ4iZypFpqTGIJPu9vmQczDTGUdm0aNvhHsvKHmYjs+A2V8KbyTqMb+ywtAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUZuOTaJPLqZoIuZaUoF7znANxytcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzczNzJlMzIzMzM3MmUzMjMy
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzEzMzM0MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABN7eIwDQYJKoZIhvcNAQELBQADggEBAAN6to2T3bGdHFyLV6EeNBGvSaALHttg
KWDTW3J6CraAh4Mzd9qQQEEBWyDa7rY1Xr2gEi9fMC8PlcDowxfESBbn6TPjNhC1
EKPq256XJOmEx7dp3FJ/ucUw/PRkl25uX+5nWaQj/aA9u/OCRDKLmFkzD64BCxtm
+QkRARwktbn3SonNLc+KqP/Jd68VLX3eIuM0TMaFmaxCrridjB7I1MjOg2FtwFJ5
S6xjt+tKizGF6CF+iTj0WJyogWH7lZRhrwHSnG2pasSevCUfY8ypLipy08hY51A+
3AMmv0jbn55suf7eMgnyMIWYnEKOAaTa8zeFwyyorDzZidrk5UeLZCg=
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:16 2024 by rpki-client on console-fra.rpki-client.org