Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3130392e3233362e36302e302f32342d3332203d3e203430303231.roa
File: 3130392e3233362e36302e302f32342d3332203d3e203430303231.roa (raw, json)
Hash identifier: o64AqUBsDD+nxk6+dbiwR+uCT7NjVfVmU6N4JcZnRSg=
Subject key identifier: 7F:7A:28:79:CA:FE:28:31:D8:DF:54:1E:A1:ED:88:39:38:FD:1E:99
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 7F96E74F81A88FDC035582B390D0A0D7C9797CF8
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3130392e3233362e36302e302f32342d3332203d3e203430303231.roa
Signing time: Tue 12 Mar 2024 20:00:12 +0000
ROA not before: Tue 12 Mar 2024 19:55:12 +0000
ROA not after: Tue 11 Mar 2025 20:00:12 +0000
asID: 40021
IP address blocks: 109.236.60.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:96:e7:4f:81:a8:8f:dc:03:55:82:b3:90:d0:a0:d7:c9:79:7c:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Mar 12 19:55:12 2024 GMT
Not After : Mar 11 20:00:12 2025 GMT
Subject: CN=7F7A2879CAFE2831D8DF541EA1ED883938FD1E99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:15:33:19:7b:a5:66:8d:e0:ef:7b:90:09:d5:
79:b5:ea:37:9a:c8:8f:ce:99:35:44:d8:f0:b4:94:
dd:b7:94:47:ce:22:54:47:dd:de:b3:a1:05:90:f2:
a4:06:d4:9d:ac:cb:3a:f2:cf:51:4c:ef:8c:56:7d:
2b:0d:6f:ac:4b:ad:8f:39:7f:22:57:6e:39:7c:01:
a8:b6:0e:e5:e8:ce:46:1e:b0:5b:02:b0:59:9f:d7:
51:2f:36:d6:97:b8:10:a2:b6:64:e1:2f:38:2a:8a:
e3:b3:b7:bd:03:d3:55:e3:b4:81:da:09:03:7e:a4:
fd:81:26:7b:50:0c:13:82:f6:9d:61:d3:f2:26:a3:
1e:35:ff:a8:76:ef:c8:78:f0:84:80:fb:fe:0d:91:
e8:26:dc:46:f7:7c:ed:9d:cd:8f:8a:97:08:ea:86:
ba:1e:3a:0f:e2:b9:4b:70:35:62:3e:f4:3e:4a:4d:
11:20:88:dc:77:49:32:99:93:b0:a6:c2:20:75:d9:
bb:82:bc:f3:1c:61:08:27:86:f7:2d:37:51:f7:19:
36:9d:1d:1a:16:ce:63:67:39:b9:a7:46:ce:ee:f5:
18:e4:00:ec:a5:6a:b1:6c:ec:ae:b4:42:37:dc:36:
ca:9d:dd:03:5f:65:05:1b:64:30:9b:fc:ee:ac:ef:
dc:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:7A:28:79:CA:FE:28:31:D8:DF:54:1E:A1:ED:88:39:38:FD:1E:99
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3130392e3233362e36302e302f32342d3332203d3e203430303231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.60.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:72:52:09:aa:c2:10:93:7a:95:5f:44:25:01:66:4b:05:80:
f9:dc:33:a4:a3:92:78:88:c4:da:e6:19:6f:20:d1:10:86:80:
0b:42:b1:6f:14:60:00:8a:a2:05:3d:5d:f3:46:93:f0:c0:a2:
ff:74:2b:e6:97:14:3b:42:48:a0:40:af:ae:e4:ce:5f:3f:4f:
9a:e0:a0:ec:cd:d4:13:4e:82:a7:cf:b5:1b:80:5d:d5:1b:8f:
7a:08:5a:4d:67:90:be:d9:5a:bf:8d:ad:7a:31:32:92:a3:fe:
86:79:c7:8d:47:90:c5:d7:8d:ef:05:ce:1b:4b:eb:ce:0d:95:
4b:c4:15:9d:82:45:31:be:6a:af:c3:18:0b:d3:b0:a9:8f:54:
80:f4:a6:58:7f:65:40:63:50:b6:10:d5:ae:b8:75:0a:b4:90:
6d:7a:bc:e9:95:d5:1c:f0:0f:4f:d9:a8:c4:c1:07:b1:66:34:
00:bf:ab:81:2d:3a:ba:c9:8d:0f:20:1f:c5:7f:ca:d9:31:78:
06:6b:e2:54:b0:e3:27:86:73:de:40:23:77:97:3f:82:db:69:
27:f4:13:e2:3f:4e:d0:98:4b:ba:d3:ca:85:f9:ab:d2:c4:46:
f2:55:c0:ef:1e:71:c1:b0:67:50:14:78:c6:a7:5c:85:6a:f1:
2a:aa:75:df
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUf5bnT4Goj9wDVYKzkNCg18l5fPgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDAzMTIxOTU1MTJaFw0yNTAzMTEyMDAwMTJaMDMxMTAvBgNV
BAMTKDdGN0EyODc5Q0FGRTI4MzFEOERGNTQxRUExRUQ4ODM5MzhGRDFFOTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZFTMZe6VmjeDve5AJ1Xm16jea
yI/OmTVE2PC0lN23lEfOIlRH3d6zoQWQ8qQG1J2syzryz1FM74xWfSsNb6xLrY85
fyJXbjl8Aai2DuXozkYesFsCsFmf11EvNtaXuBCitmThLzgqiuOzt70D01XjtIHa
CQN+pP2BJntQDBOC9p1h0/Imox41/6h278h48ISA+/4Nkegm3Eb3fO2dzY+Klwjq
hroeOg/iuUtwNWI+9D5KTREgiNx3STKZk7CmwiB12buCvPMcYQgnhvctN1H3GTad
HRoWzmNnObmnRs7u9RjkAOylarFs7K60QjfcNsqd3QNfZQUbZDCb/O6s79zDAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUf3ooecr+KDHY31Qeoe2IOTj9HpkwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzMDM5MmUzMjMzMzYyZTM2
MzAyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNDMwMzAzMjMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
bew8MA0GCSqGSIb3DQEBCwUAA4IBAQA+clIJqsIQk3qVX0QlAWZLBYD53DOko5J4
iMTa5hlvINEQhoALQrFvFGAAiqIFPV3zRpPwwKL/dCvmlxQ7QkigQK+u5M5fP0+a
4KDszdQTToKnz7UbgF3VG496CFpNZ5C+2Vq/ja16MTKSo/6GeceNR5DF143vBc4b
S+vODZVLxBWdgkUxvmqvwxgL07Cpj1SA9KZYf2VAY1C2ENWuuHUKtJBterzpldUc
8A9P2ajEwQexZjQAv6uBLTq6yY0PIB/Ff8rZMXgGa+JUsOMnhnPeQCN3lz+C22kn
9BPiP07QmEu608qF+avSxEbyVcDvHnHBsGdQFHjGp1yFavEqqnXf
-----END CERTIFICATE-----
Generated at Sat May 11 08:34:17 2024 by rpki-client on console-fra.rpki-client.org