Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/322e35382e37342e302f32342d3234203d3e20313336373837.roa
File: 322e35382e37342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: sR9weQzHlqd90K/0YMU7JvaTFXHIAanMg1VSA2rRrUU=
Subject key identifier: 61:9F:15:65:90:CC:B2:41:89:1E:D7:0B:CE:56:47:D5:3C:09:62:3F
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 1415AE8A012534B2FB1B0BB254F785190555DB98
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/322e35382e37342e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 19 Jun 2023 16:34:34 +0000
ROA not before: Mon 19 Jun 2023 16:29:34 +0000
ROA not after: Mon 17 Jun 2024 16:34:34 +0000
asID: 136787
IP address blocks: 2.58.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:15:ae:8a:01:25:34:b2:fb:1b:0b:b2:54:f7:85:19:05:55:db:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Jun 19 16:29:34 2023 GMT
Not After : Jun 17 16:34:34 2024 GMT
Subject: CN=619F156590CCB241891ED70BCE5647D53C09623F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:93:b4:49:0f:38:f3:f3:8f:d7:47:6b:54:c3:
ce:9d:3c:2b:32:73:cf:6b:a2:97:bc:af:03:d8:1a:
70:53:55:19:3d:b7:83:52:ce:8c:89:a7:66:dd:67:
f1:54:0b:b9:c8:05:b7:b6:7a:a5:b4:50:f9:2d:0a:
92:7a:97:31:62:e2:72:ab:d6:f9:a2:b6:b0:24:38:
12:46:5f:3e:03:9a:66:41:83:8b:f7:59:dd:54:3a:
f9:d3:01:3c:77:90:ac:dc:bf:f3:4a:e2:3b:dd:24:
d9:41:b1:25:2e:25:26:a9:96:19:f1:05:18:08:cf:
9e:b6:79:c9:11:cb:c7:f3:65:9c:d5:36:46:9d:f6:
a7:e9:46:e8:73:ff:f4:12:12:81:bb:ac:aa:bf:7f:
64:ad:a0:4a:87:86:21:4b:69:76:22:a6:49:ea:f4:
e5:f3:7b:ce:45:c1:57:2f:ae:e4:af:7a:4c:14:b2:
11:ca:a4:c8:0b:40:1a:7b:a0:1c:5d:d8:7b:5a:67:
01:29:33:6a:7d:17:5f:2c:93:f9:4c:0f:fd:67:58:
8c:ff:71:12:5f:d0:05:93:6a:b7:81:20:af:3c:83:
1f:34:21:59:05:b7:31:6a:c5:43:ae:eb:85:c2:ea:
c0:53:5c:fb:b1:d4:ca:29:9f:c5:32:9f:77:63:80:
34:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:9F:15:65:90:CC:B2:41:89:1E:D7:0B:CE:56:47:D5:3C:09:62:3F
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/322e35382e37342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.74.0/24
Signature Algorithm: sha256WithRSAEncryption
32:86:6d:92:57:57:d0:9d:f5:10:8c:81:65:9d:b4:d7:e5:12:
8a:bf:2d:fc:f3:63:79:f1:20:b5:68:30:e8:58:d8:08:4c:2f:
50:cc:a1:c6:a8:e8:d5:01:b9:09:ec:5d:fe:7f:e5:af:9b:2b:
8c:7a:d4:4a:8d:50:78:2a:56:e7:ad:67:3d:98:67:08:a0:37:
2c:2e:ab:cc:62:26:8e:9d:3f:0b:a6:e4:bc:3d:57:45:71:b2:
6a:cc:e6:17:87:39:fa:e8:a9:73:9b:64:4f:fe:c8:10:60:8a:
54:bf:ab:50:c7:12:ff:39:68:25:31:c9:05:0f:f9:27:98:b0:
9a:3b:e6:fe:f8:14:22:bc:f3:20:d5:90:95:c0:2d:58:b8:5d:
cd:1a:51:53:47:c5:b7:bb:55:f8:ba:1d:97:25:0c:e5:d1:b6:
22:40:a9:41:49:c1:cd:34:dc:31:1c:8c:22:71:a1:3c:24:0d:
61:03:7d:77:c1:88:47:74:30:2e:00:d6:31:40:42:cb:a3:1a:
24:55:37:4e:ae:2c:38:07:f4:32:d4:37:8a:fe:20:0b:5f:2f:
69:a9:22:c3:ec:67:d3:5e:ce:f6:1e:b3:77:ed:3d:72:fa:8c:
7d:15:b5:f9:c1:9a:95:c3:97:c3:99:3f:1f:e4:28:77:19:3b:
a4:60:42:7d
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUFBWuigElNLL7GwuyVPeFGQVV25gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yMzA2MTkxNjI5MzRaFw0yNDA2MTcxNjM0MzRaMDMxMTAvBgNV
BAMTKDYxOUYxNTY1OTBDQ0IyNDE4OTFFRDcwQkNFNTY0N0Q1M0MwOTYyM0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgk7RJDzjz84/XR2tUw86dPCsy
c89rope8rwPYGnBTVRk9t4NSzoyJp2bdZ/FUC7nIBbe2eqW0UPktCpJ6lzFi4nKr
1vmitrAkOBJGXz4DmmZBg4v3Wd1UOvnTATx3kKzcv/NK4jvdJNlBsSUuJSaplhnx
BRgIz562eckRy8fzZZzVNkad9qfpRuhz//QSEoG7rKq/f2StoEqHhiFLaXYipknq
9OXze85FwVcvruSvekwUshHKpMgLQBp7oBxd2HtaZwEpM2p9F18sk/lMD/1nWIz/
cRJf0AWTareBIK88gx80IVkFtzFqxUOu64XC6sBTXPux1Mopn8Uyn3djgDTJAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUYZ8VZZDMskGJHtcLzlZH1TwJYj8wHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzIyZTM1MzgyZTM3MzQyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAACOkow
DQYJKoZIhvcNAQELBQADggEBADKGbZJXV9Cd9RCMgWWdtNflEoq/LfzzY3nxILVo
MOhY2AhML1DMocao6NUBuQnsXf5/5a+bK4x61EqNUHgqVuetZz2YZwigNywuq8xi
Jo6dPwum5Lw9V0VxsmrM5heHOfroqXObZE/+yBBgilS/q1DHEv85aCUxyQUP+SeY
sJo75v74FCK88yDVkJXALVi4Xc0aUVNHxbe7Vfi6HZclDOXRtiJAqUFJwc003DEc
jCJxoTwkDWEDfXfBiEd0MC4A1jFAQsujGiRVN06uLDgH9DLUN4r+IAtfL2mpIsPs
Z9NezvYes3ftPXL6jH0VtfnBmpXDl8OZPx/kKHcZO6RgQn0=
-----END CERTIFICATE-----
Generated at Wed May 8 19:21:54 2024 by rpki-client on console-ams.rpki-client.org