Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e3233372e3232392e302f32342d3234203d3e20313336373837.roa
File: 37372e3233372e3232392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: txFVs3D+N4JWuNth+GP0qkurI6fFYxGfOF6Q8Iek3Eg=
Subject key identifier: 3D:A4:08:20:8D:DF:A6:DF:47:CF:D2:8D:CA:CD:26:55:89:34:5D:64
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3AB9D8B0A879B28234E1C030FE11A929692B359C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e3233372e3232392e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 30 Jan 2024 19:25:37 +0000
ROA not before: Tue 30 Jan 2024 19:20:37 +0000
ROA not after: Tue 28 Jan 2025 19:25:37 +0000
asID: 136787
IP address blocks: 77.237.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:b9:d8:b0:a8:79:b2:82:34:e1:c0:30:fe:11:a9:29:69:2b:35:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 30 19:20:37 2024 GMT
Not After : Jan 28 19:25:37 2025 GMT
Subject: CN=3DA408208DDFA6DF47CFD28DCACD265589345D64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:bb:a2:ec:6f:7d:18:8d:b7:10:57:79:8d:49:
ce:da:ab:0a:4c:95:a4:e8:66:6c:0e:b2:64:4c:85:
11:a8:dc:17:ae:4a:34:ae:1f:6f:06:41:ea:53:1e:
0f:69:a7:b9:80:e2:94:80:e6:31:6d:08:9d:f2:33:
dd:a3:cf:48:9c:86:c3:17:ba:2b:94:65:66:4a:94:
d0:81:96:48:b9:e1:bd:1d:df:7e:33:22:8f:2d:e1:
eb:a7:43:12:a4:21:5d:59:a3:b1:60:50:d4:4b:d1:
f7:c7:89:e6:71:d1:8d:1c:77:f4:f8:09:c7:11:b0:
8a:32:44:9c:9a:2c:2f:fb:d8:b7:8c:0d:4e:b2:e4:
9b:0d:5b:a4:ed:48:8c:03:8a:66:f7:b8:86:4e:00:
2e:8f:ac:14:a5:82:e3:1a:70:a1:59:bd:4a:c4:8f:
78:e8:c3:b5:7e:c2:eb:c0:82:bf:64:ae:c0:5d:cc:
69:ce:5f:2d:d3:e3:5b:07:bd:f6:23:32:de:e2:5d:
55:d9:22:4e:71:a9:ae:be:ee:6f:35:84:54:21:a5:
1b:85:a6:5b:43:de:ee:66:d7:7e:52:86:30:d3:a8:
fc:97:a9:03:cb:7b:99:47:42:ea:e5:e7:09:af:4f:
47:ba:ab:af:be:9e:bb:77:0a:df:36:43:68:08:f7:
0c:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:A4:08:20:8D:DF:A6:DF:47:CF:D2:8D:CA:CD:26:55:89:34:5D:64
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e3233372e3232392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.237.229.0/24
Signature Algorithm: sha256WithRSAEncryption
87:fe:f5:ff:d4:81:56:3a:3a:3c:63:b9:89:b4:31:b7:d0:e1:
1e:3c:f3:25:fe:d1:62:4f:b3:23:de:25:07:51:83:f4:4b:8e:
d3:2b:14:fb:f8:c8:70:98:77:fb:4c:42:34:65:e0:0c:f5:e6:
41:aa:a2:ed:c8:9d:5f:48:d2:8c:f5:7d:2b:ed:44:17:c2:65:
2d:c4:54:5a:33:df:2c:2d:9c:af:16:c2:f8:ab:2c:6b:fd:5d:
2b:a4:f3:fc:42:78:90:6a:f0:74:d0:f6:ff:51:4c:b0:ac:b2:
b5:6e:ae:4e:41:0b:52:3a:20:16:f0:6b:35:9e:e6:54:b3:12:
fd:fb:bb:b7:6d:f8:62:89:92:76:97:6f:b7:c7:05:3c:73:bf:
7c:ac:5d:20:ee:13:46:ec:38:20:8d:de:cc:bc:51:07:3d:ab:
59:50:50:dc:de:48:39:c5:3b:4a:ce:0f:92:2e:7f:01:0c:73:
48:50:33:0e:16:ac:7f:c8:1d:e5:df:0f:e0:d1:85:2a:6c:14:
bf:08:2f:23:2b:d7:7f:56:77:a8:1c:86:0a:ed:cd:38:bf:5c:
fd:90:c3:6f:23:67:c2:e2:9d:33:86:17:c0:5f:d4:3e:54:31:
d2:d9:3d:3c:3a:a7:06:86:4c:cb:c8:83:db:d9:7e:73:b8:bc:
a9:e5:a1:8b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUOrnYsKh5soI04cAw/hGpKWkrNZwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMzAxOTIwMzdaFw0yNTAxMjgxOTI1MzdaMDMxMTAvBgNV
BAMTKDNEQTQwODIwOERERkE2REY0N0NGRDI4RENBQ0QyNjU1ODkzNDVENjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVu6Lsb30YjbcQV3mNSc7aqwpM
laToZmwOsmRMhRGo3BeuSjSuH28GQepTHg9pp7mA4pSA5jFtCJ3yM92jz0ichsMX
uiuUZWZKlNCBlki54b0d334zIo8t4eunQxKkIV1Zo7FgUNRL0ffHieZx0Y0cd/T4
CccRsIoyRJyaLC/72LeMDU6y5JsNW6TtSIwDimb3uIZOAC6PrBSlguMacKFZvUrE
j3jow7V+wuvAgr9krsBdzGnOXy3T41sHvfYjMt7iXVXZIk5xqa6+7m81hFQhpRuF
pltD3u5m135ShjDTqPyXqQPLe5lHQurl5wmvT0e6q6++nrt3Ct82Q2gI9wz1AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUPaQIII3fpt9Hz9KNys0mVYk0XWQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzczNzJlMzIzMzM3MmUzMjMy
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABN7eUwDQYJKoZIhvcNAQELBQADggEBAIf+9f/UgVY6OjxjuYm0MbfQ4R488yX+
0WJPsyPeJQdRg/RLjtMrFPv4yHCYd/tMQjRl4Az15kGqou3InV9I0oz1fSvtRBfC
ZS3EVFoz3ywtnK8WwvirLGv9XSuk8/xCeJBq8HTQ9v9RTLCssrVurk5BC1I6IBbw
azWe5lSzEv37u7dt+GKJknaXb7fHBTxzv3ysXSDuE0bsOCCN3sy8UQc9q1lQUNze
SDnFO0rOD5IufwEMc0hQMw4WrH/IHeXfD+DRhSpsFL8ILyMr139Wd6gchgrtzTi/
XP2Qw28jZ8LinTOGF8Bf1D5UMdLZPTw6pwaGTMvIg9vZfnO4vKnloYs=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:04 2024 by rpki-client on console-fra.rpki-client.org