Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3137362e3232372e3234302e302f32342d3234203d3e20323039383534.roa
File: 3137362e3232372e3234302e302f32342d3234203d3e20323039383534.roa (raw, json)
Hash identifier: TD/CiTWwOiqci8PAGtvdnIsmckPAuWyjy3MyJ/J0JW4=
Subject key identifier: E7:73:07:12:0D:E3:8D:3B:CC:D8:07:DE:4A:D0:A6:5A:4F:78:3B:1F
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 1E5B85E4E544E4E18286EC82A9C486FF83996A07
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3137362e3232372e3234302e302f32342d3234203d3e20323039383534.roa
Signing time: Wed 07 Aug 2024 08:04:36 +0000
ROA not before: Wed 07 Aug 2024 07:59:36 +0000
ROA not after: Wed 06 Aug 2025 08:04:36 +0000
asID: 209854
IP address blocks: 176.227.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:5b:85:e4:e5:44:e4:e1:82:86:ec:82:a9:c4:86:ff:83:99:6a:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Aug 7 07:59:36 2024 GMT
Not After : Aug 6 08:04:36 2025 GMT
Subject: CN=E77307120DE38D3BCCD807DE4AD0A65A4F783B1F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:25:5e:f8:ae:79:a3:b9:e4:0c:5e:2c:c1:11:
d6:e7:dd:12:69:5f:0a:5c:a9:6d:95:bf:92:78:c5:
6f:88:06:9d:19:c1:ba:85:45:ac:b8:50:7a:c0:e3:
49:22:e5:d7:ed:41:71:25:bd:59:d0:f7:cb:20:90:
b6:4f:3b:72:1e:19:ea:7e:b6:42:b2:d3:5e:f4:47:
bb:cf:70:c7:77:0e:24:58:2f:a3:0f:0d:64:d3:f5:
55:18:fd:41:1f:28:01:8b:ad:16:97:9f:1c:9c:1d:
c7:70:dd:6f:e7:a1:3b:09:f9:2c:89:51:45:5f:1f:
b8:47:ef:c4:ed:7b:42:08:33:a8:e1:da:3f:37:f7:
27:be:46:3e:2f:02:8d:c8:5b:15:b7:23:78:e1:31:
7b:f4:57:38:1b:ed:75:51:e0:e7:d2:3d:22:76:cf:
7e:5a:b4:b0:e0:02:73:52:aa:03:bd:c5:de:9b:6a:
fd:6c:84:6f:a3:b3:57:2a:a6:a8:e4:ed:a7:0e:8b:
d6:87:86:0e:37:cc:03:68:ca:29:95:d1:83:52:d9:
0b:65:1e:08:6e:98:96:39:03:cc:31:d5:92:81:71:
43:75:cc:c2:cd:0c:49:75:5d:4b:5c:d5:b6:11:42:
f2:cb:14:98:33:b3:ba:87:7a:d5:be:65:74:40:4c:
ec:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:73:07:12:0D:E3:8D:3B:CC:D8:07:DE:4A:D0:A6:5A:4F:78:3B:1F
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3137362e3232372e3234302e302f32342d3234203d3e20323039383534.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.227.240.0/24
Signature Algorithm: sha256WithRSAEncryption
74:28:d2:fa:84:9b:89:f7:81:da:f2:f2:11:35:ac:77:16:1b:
f6:72:1c:93:db:eb:d8:c7:96:2d:38:26:91:fe:eb:d7:19:2f:
43:b0:3a:35:6b:b6:c4:e7:5c:8b:c2:07:7b:20:c8:1e:c6:0e:
1e:fd:bb:1e:d9:e7:e9:a7:74:7f:50:bc:93:91:30:08:e6:98:
87:1a:79:cc:b5:a2:1c:52:a2:6a:d8:b5:54:2a:d5:39:5e:87:
a5:30:f7:ad:b0:27:fe:f9:6e:28:fa:4f:9d:da:b7:13:ec:73:
0c:ca:67:a9:45:db:88:ea:87:e4:58:f0:7d:e7:18:3f:78:d1:
27:09:96:24:a7:8f:11:40:2a:de:14:df:9a:86:7d:7d:25:0d:
6d:05:ca:29:1d:14:0c:a0:c6:0f:d0:f4:fc:e0:cb:09:1b:76:
73:26:0e:22:2d:d3:e3:a8:4a:d4:cf:90:b1:8c:9d:21:5b:d2:
bb:5a:ae:99:cf:57:c9:34:0e:c2:54:4a:40:c6:68:20:69:8f:
b5:9c:87:33:50:a2:80:a6:f8:5c:fc:e4:44:2f:b8:e6:e2:9b:
6b:d6:43:ee:8d:06:d0:a0:b3:e7:99:48:0c:00:3e:59:cd:bf:
5a:68:37:74:ec:fd:5e:13:9b:5d:c0:3f:10:da:db:2b:b7:58:
32:cc:b5:70
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUHluF5OVE5OGChuyCqcSG/4OZagcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDA4MDcwNzU5MzZaFw0yNTA4MDYwODA0MzZaMDMxMTAvBgNV
BAMTKEU3NzMwNzEyMERFMzhEM0JDQ0Q4MDdERTRBRDBBNjVBNEY3ODNCMUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcJV74rnmjueQMXizBEdbn3RJp
XwpcqW2Vv5J4xW+IBp0ZwbqFRay4UHrA40ki5dftQXElvVnQ98sgkLZPO3IeGep+
tkKy0170R7vPcMd3DiRYL6MPDWTT9VUY/UEfKAGLrRaXnxycHcdw3W/noTsJ+SyJ
UUVfH7hH78Tte0IIM6jh2j839ye+Rj4vAo3IWxW3I3jhMXv0Vzgb7XVR4OfSPSJ2
z35atLDgAnNSqgO9xd6bav1shG+js1cqpqjk7acOi9aHhg43zANoyimV0YNS2Qtl
HghumJY5A8wx1ZKBcUN1zMLNDEl1XUtc1bYRQvLLFJgzs7qHetW+ZXRATOy/AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU53MHEg3jjTvM2AfeStCmWk94Ox8wHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzEzNzM2MmUzMjMyMzcyZTMy
MzQzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzOTM4MzUzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALDj8DANBgkqhkiG9w0BAQsFAAOCAQEAdCjS+oSbifeB2vLyETWsdxYb9nIc
k9vr2MeWLTgmkf7r1xkvQ7A6NWu2xOdci8IHeyDIHsYOHv27Htnn6ad0f1C8k5Ew
COaYhxp5zLWiHFKiati1VCrVOV6HpTD3rbAn/vluKPpPndq3E+xzDMpnqUXbiOqH
5FjwfecYP3jRJwmWJKePEUAq3hTfmoZ9fSUNbQXKKR0UDKDGD9D0/ODLCRt2cyYO
Ii3T46hK1M+QsYydIVvSu1qumc9XyTQOwlRKQMZoIGmPtZyHM1CigKb4XPzkRC+4
5uKba9ZD7o0G0KCz55lIDAA+Wc2/Wmg3dOz9XhObXcA/ENrbK7dYMsy1cA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:49 2024 by rpki-client on console-ams.rpki-client.org