Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e3233372e3232382e302f32342d3234203d3e203432333636.roa
File: 37372e3233372e3232382e302f32342d3234203d3e203432333636.roa (raw, json)
Hash identifier: updnrGoovou+rkQMj6vJgbVuYPohgBsZi9hAnVfqokY=
Subject key identifier: AA:01:16:62:1C:99:C1:A0:46:F0:B9:1C:82:AB:E7:C5:98:5D:43:5E
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 190C5CA76D1BD2D8966601B50FEE3EBAC8769BAF
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e3233372e3232382e302f32342d3234203d3e203432333636.roa
Signing time: Mon 04 Dec 2023 15:12:16 +0000
ROA not before: Mon 04 Dec 2023 15:07:16 +0000
ROA not after: Mon 02 Dec 2024 15:12:16 +0000
asID: 42366
IP address blocks: 77.237.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:0c:5c:a7:6d:1b:d2:d8:96:66:01:b5:0f:ee:3e:ba:c8:76:9b:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 4 15:07:16 2023 GMT
Not After : Dec 2 15:12:16 2024 GMT
Subject: CN=AA0116621C99C1A046F0B91C82ABE7C5985D435E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0e:86:b9:40:5c:81:36:64:d4:38:9e:dd:2e:
00:1b:22:36:e0:e2:9a:27:aa:b7:21:7f:f2:bd:97:
af:dc:ff:70:52:6b:cd:b8:77:3f:b6:30:a5:9e:89:
2c:1f:68:04:69:80:1d:98:af:c8:ea:8b:c1:5f:3f:
ce:f4:fb:93:9a:18:99:55:68:25:60:bb:5d:1f:07:
82:1c:dd:35:0f:c3:d6:5f:e3:b7:8b:87:12:2a:95:
bb:b3:ec:01:4b:65:4f:7a:16:13:bb:3d:62:7f:03:
08:12:03:5f:8e:56:e0:66:61:e9:5c:78:40:06:1a:
f7:c0:96:08:d7:94:62:c7:95:d4:d0:77:3c:21:40:
35:c2:46:0d:a8:59:4d:c6:18:96:dc:fd:5f:64:c7:
40:c8:fc:dc:d3:4b:1a:28:71:bb:2c:50:d9:97:42:
ff:75:f2:e8:c3:b3:62:70:56:bb:78:5b:89:83:e6:
e1:cd:51:f0:32:63:e3:56:6d:36:ce:fc:d7:20:d6:
41:84:c1:db:90:9b:77:fd:53:f3:d4:ae:e0:91:80:
3b:b8:e0:38:89:b5:bf:6e:3a:5a:90:7b:74:89:4a:
d2:41:cd:29:4f:6d:fe:bd:af:0c:46:9d:76:01:df:
cd:cb:23:54:fe:df:41:46:98:3a:95:40:05:9a:66:
a3:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:01:16:62:1C:99:C1:A0:46:F0:B9:1C:82:AB:E7:C5:98:5D:43:5E
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e3233372e3232382e302f32342d3234203d3e203432333636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.237.228.0/24
Signature Algorithm: sha256WithRSAEncryption
39:10:e9:20:a0:4b:d8:19:fc:8f:4b:62:81:0d:2f:23:e9:a7:
98:a9:9e:36:fc:69:3f:3e:12:04:61:1c:9b:75:ce:b7:30:83:
76:d4:f0:8d:c9:9e:47:b9:1a:9b:6c:b7:cd:a0:ab:ff:f8:a6:
d4:ac:6c:1c:03:f2:8d:7d:6b:6c:b4:c1:d7:99:39:9e:d9:bf:
d0:e6:1c:aa:08:f0:5e:67:25:cd:38:b8:2a:7e:c7:37:7d:a3:
b7:ad:42:16:42:14:fe:48:a9:a4:2f:b9:5f:76:00:72:62:37:
94:ae:37:15:8b:0e:44:0b:9d:65:4d:6f:33:b5:8b:bf:10:8a:
fd:f8:fc:6f:1d:0c:e1:a0:6d:6d:28:5d:c9:34:78:97:5e:39:
4d:fd:75:ab:44:d6:1c:83:0a:fe:95:ca:4b:ad:6c:44:95:b9:
c2:3a:8d:b0:20:e5:52:92:99:cf:71:f7:b8:7a:39:7a:b0:ad:
0c:44:9a:8d:0c:4b:22:d8:23:0c:cf:89:f0:39:26:56:15:2f:
11:21:78:13:83:3a:9b:f2:a6:85:52:b4:a5:e5:96:a5:fd:0b:
2a:7a:fa:84:2f:fb:e5:ac:e3:b5:ac:0d:f8:62:a9:b3:e6:8a:
1f:c5:02:28:26:9b:35:e5:b1:59:14:02:66:1a:30:ff:36:99:
98:a0:73:06
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUGQxcp20b0tiWZgG1D+4+ush2m68wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEyMDQxNTA3MTZaFw0yNDEyMDIxNTEyMTZaMDMxMTAvBgNV
BAMTKEFBMDExNjYyMUM5OUMxQTA0NkYwQjkxQzgyQUJFN0M1OTg1RDQzNUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClDoa5QFyBNmTUOJ7dLgAbIjbg
4ponqrchf/K9l6/c/3BSa824dz+2MKWeiSwfaARpgB2Yr8jqi8FfP870+5OaGJlV
aCVgu10fB4Ic3TUPw9Zf47eLhxIqlbuz7AFLZU96FhO7PWJ/AwgSA1+OVuBmYelc
eEAGGvfAlgjXlGLHldTQdzwhQDXCRg2oWU3GGJbc/V9kx0DI/NzTSxoocbssUNmX
Qv918ujDs2JwVrt4W4mD5uHNUfAyY+NWbTbO/Ncg1kGEwduQm3f9U/PUruCRgDu4
4DiJtb9uOlqQe3SJStJBzSlPbf69rwxGnXYB383LI1T+30FGmDqVQAWaZqPFAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUqgEWYhyZwaBG8LkcgqvnxZhdQ14wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzczNzJlMzIzMzM3MmUzMjMy
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMyMzMzNjM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Te3kMA0GCSqGSIb3DQEBCwUAA4IBAQA5EOkgoEvYGfyPS2KBDS8j6aeYqZ42/Gk/
PhIEYRybdc63MIN21PCNyZ5HuRqbbLfNoKv/+KbUrGwcA/KNfWtstMHXmTme2b/Q
5hyqCPBeZyXNOLgqfsc3faO3rUIWQhT+SKmkL7lfdgByYjeUrjcViw5EC51lTW8z
tYu/EIr9+PxvHQzhoG1tKF3JNHiXXjlN/XWrRNYcgwr+lcpLrWxElbnCOo2wIOVS
kpnPcfe4ejl6sK0MRJqNDEsi2CMMz4nwOSZWFS8RIXgTgzqb8qaFUrSl5Zal/Qsq
evqEL/vlrOO1rA34Yqmz5oofxQIoJps15bFZFAJmGjD/NpmYoHMG
-----END CERTIFICATE-----
Generated at Tue May 21 09:23:50 2024 by rpki-client on console-ams.rpki-client.org