Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e3233372e3232382e302f32342d3234203d3e203432333636.roa
File: 37372e3233372e3232382e302f32342d3234203d3e203432333636.roa (raw, json)
Hash identifier: nJjcIGZiQS8+bgFSRb3E9uXuHOE6PZTw9b+T3aTYDgU=
Subject key identifier: 33:33:76:85:81:76:20:6F:09:5D:BC:81:39:6A:A5:67:EA:43:DE:5F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 278B05FAC6023CF27528FB12CBE8C7FB55D50C2C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e3233372e3232382e302f32342d3234203d3e203432333636.roa
Signing time: Mon 04 Nov 2024 16:05:27 +0000
ROA not before: Mon 04 Nov 2024 16:00:27 +0000
ROA not after: Mon 03 Nov 2025 16:05:27 +0000
asID: 42366
IP address blocks: 77.237.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:8b:05:fa:c6:02:3c:f2:75:28:fb:12:cb:e8:c7:fb:55:d5:0c:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 4 16:00:27 2024 GMT
Not After : Nov 3 16:05:27 2025 GMT
Subject: CN=333376858176206F095DBC81396AA567EA43DE5F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3e:82:fb:15:4a:18:08:6b:92:d4:2c:22:16:
40:14:43:00:a9:e5:3b:cb:b2:e2:ae:63:23:95:ad:
ae:10:60:5b:b0:26:1f:04:55:82:e0:15:64:e0:78:
a6:ae:57:63:f6:ad:67:61:94:b2:f1:7b:e7:ed:1f:
29:2b:ae:8b:bf:42:01:ea:ef:5f:d9:97:a6:89:b3:
4d:76:a8:07:54:38:fe:1a:a5:86:d4:0a:53:87:e0:
40:29:81:dc:36:fb:33:93:c7:96:be:74:1d:81:17:
c3:17:f1:b4:d8:3f:ea:e7:28:b4:1b:83:33:80:de:
b4:22:1c:d2:22:f4:bb:c5:69:93:db:34:4f:bd:32:
18:11:f7:cb:ca:7a:ce:66:b5:6a:c4:50:97:10:a0:
34:b8:2c:b7:98:70:e2:fa:26:72:9c:d8:12:c8:4c:
ac:02:72:2d:80:c6:32:44:e4:0b:c0:c6:c2:e5:f2:
09:b5:ed:18:66:8d:d6:c7:6d:84:0c:50:fe:fd:d9:
6b:e2:1e:c2:06:49:8b:ed:5c:11:02:92:36:6c:47:
e9:23:6f:d7:51:b1:46:fd:92:0e:9e:85:87:b5:14:
b1:02:9f:ac:82:fb:79:7a:cf:1d:35:dc:89:ba:87:
67:d6:93:68:a5:29:25:44:9a:dc:b5:ca:1b:af:be:
e8:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:33:76:85:81:76:20:6F:09:5D:BC:81:39:6A:A5:67:EA:43:DE:5F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e3233372e3232382e302f32342d3234203d3e203432333636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.237.228.0/24
Signature Algorithm: sha256WithRSAEncryption
92:4b:a3:a4:f4:35:d1:e0:69:09:fc:fe:bd:bc:df:50:23:33:
bd:0c:00:db:17:16:f8:cc:6b:74:35:87:b7:9e:3d:07:fc:a2:
32:72:fd:64:2d:17:7b:84:9b:9d:27:65:e7:75:4f:17:80:d2:
2a:10:16:24:ab:5d:94:05:8b:05:8e:e3:bb:f5:2f:f9:71:f6:
fc:08:b3:20:ad:e1:63:78:9d:57:eb:9d:1f:aa:0f:63:ab:ff:
a2:8b:c0:53:5a:19:98:19:d2:e5:3f:a8:da:35:02:19:de:96:
23:5f:0e:2d:15:c1:53:29:39:c1:3e:ca:00:27:b1:f2:a9:b3:
18:c0:67:6b:7f:de:b5:64:05:70:f3:83:39:68:dd:25:03:d9:
bd:0a:61:0b:1b:b4:86:62:40:d0:06:93:4f:92:6c:27:95:e5:
d0:cc:01:d3:f0:52:c6:f2:5e:e2:95:90:6f:46:c0:c5:2b:be:
68:f3:b8:69:88:ff:7a:5f:e4:b2:d6:de:db:19:c6:01:d3:15:
8f:36:15:1a:f4:01:72:00:6a:c1:07:84:e4:0e:62:1f:79:b0:
2d:92:db:6f:60:ed:c6:db:0f:63:44:a1:b4:24:2d:a4:20:74:
a2:68:bd:51:35:0c:63:79:be:2b:d9:92:5e:11:e1:2a:dc:c4:
94:fc:ed:cd
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUJ4sF+sYCPPJ1KPsSy+jH+1XVDCwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDExMDQxNjAwMjdaFw0yNTExMDMxNjA1MjdaMDMxMTAvBgNV
BAMTKDMzMzM3Njg1ODE3NjIwNkYwOTVEQkM4MTM5NkFBNTY3RUE0M0RFNUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCPoL7FUoYCGuS1CwiFkAUQwCp
5TvLsuKuYyOVra4QYFuwJh8EVYLgFWTgeKauV2P2rWdhlLLxe+ftHykrrou/QgHq
71/Zl6aJs012qAdUOP4apYbUClOH4EApgdw2+zOTx5a+dB2BF8MX8bTYP+rnKLQb
gzOA3rQiHNIi9LvFaZPbNE+9MhgR98vKes5mtWrEUJcQoDS4LLeYcOL6JnKc2BLI
TKwCci2AxjJE5AvAxsLl8gm17RhmjdbHbYQMUP792WviHsIGSYvtXBECkjZsR+kj
b9dRsUb9kg6ehYe1FLECn6yC+3l6zx013Im6h2fWk2ilKSVEmty1yhuvvuj7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUMzN2hYF2IG8JXbyBOWqlZ+pD3l8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzczNzJlMzIzMzM3MmUzMjMy
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMyMzMzNjM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Te3kMA0GCSqGSIb3DQEBCwUAA4IBAQCSS6Ok9DXR4GkJ/P69vN9QIzO9DADbFxb4
zGt0NYe3nj0H/KIycv1kLRd7hJudJ2XndU8XgNIqEBYkq12UBYsFjuO79S/5cfb8
CLMgreFjeJ1X650fqg9jq/+ii8BTWhmYGdLlP6jaNQIZ3pYjXw4tFcFTKTnBPsoA
J7HyqbMYwGdrf961ZAVw84M5aN0lA9m9CmELG7SGYkDQBpNPkmwnleXQzAHT8FLG
8l7ilZBvRsDFK75o87hpiP96X+Sy1t7bGcYB0xWPNhUa9AFyAGrBB4TkDmIfebAt
kttvYO3G2w9jRKG0JC2kIHSiaL1RNQxjeb4r2ZJeEeEq3MSU/O3N
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:20:22 2025 by rpki-client