Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3130392e3233362e36302e302f32342d3332203d3e203531313637.roa
File: 3130392e3233362e36302e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: YLYr6Idn58ZjSMDj6lYoVNXFKXcGLrx4bqQbFc+AexM=
Subject key identifier: CF:9A:48:D0:4B:BD:95:72:AE:FA:54:BC:22:02:44:F9:8F:76:A0:92
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 30DB165EF37AF606C100C81A7F307C6FD86D5BFF
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3130392e3233362e36302e302f32342d3332203d3e203531313637.roa
Signing time: Fri 21 Jul 2023 07:19:47 +0000
ROA not before: Fri 21 Jul 2023 07:14:47 +0000
ROA not after: Fri 19 Jul 2024 07:19:47 +0000
asID: 51167
IP address blocks: 109.236.60.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:db:16:5e:f3:7a:f6:06:c1:00:c8:1a:7f:30:7c:6f:d8:6d:5b:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Jul 21 07:14:47 2023 GMT
Not After : Jul 19 07:19:47 2024 GMT
Subject: CN=CF9A48D04BBD9572AEFA54BC220244F98F76A092
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:19:10:43:22:f9:da:e6:2d:b6:fb:bc:d9:71:
21:a0:fb:4c:2c:ef:d8:b8:12:ff:c5:cf:44:73:33:
01:1f:24:4a:01:06:76:bb:d5:ef:82:53:93:5a:67:
81:16:3d:00:22:9f:1b:5f:2e:dd:b7:29:8b:9c:0c:
aa:5b:58:ba:01:e6:33:f1:68:db:73:fb:4f:25:f9:
ec:69:69:7a:57:1d:5a:24:40:c6:ce:18:f2:73:f5:
01:5c:28:f2:bd:2c:98:91:05:fe:f4:35:91:40:63:
fa:29:71:a1:bf:47:8d:6a:6b:71:fc:44:43:15:c9:
8a:17:33:53:bc:0d:2a:25:e6:13:e7:92:5b:85:3d:
42:6b:0a:42:48:14:4a:58:a1:92:02:b0:c5:61:95:
d1:88:23:1f:71:9c:f9:f1:46:36:0c:a1:97:a0:90:
e2:d7:ea:4f:be:3b:83:10:06:2e:08:97:e3:05:0a:
08:ba:4d:cc:cf:12:bd:ba:3c:f2:48:d1:ea:92:e0:
64:22:7a:a5:ee:b5:bd:d8:a3:49:cf:95:46:53:23:
c2:55:3d:83:fa:99:d7:32:0f:bf:00:c3:ff:a8:9a:
7f:0c:82:a1:e4:ee:58:c8:28:6d:3a:f8:e7:d2:f3:
8f:d6:68:6b:cf:38:03:b1:bb:33:aa:6a:ef:c2:fc:
24:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:9A:48:D0:4B:BD:95:72:AE:FA:54:BC:22:02:44:F9:8F:76:A0:92
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3130392e3233362e36302e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.60.0/24
Signature Algorithm: sha256WithRSAEncryption
85:ee:d3:ec:27:51:92:eb:d8:0e:56:bc:08:1f:5c:a8:4e:0f:
b1:44:9f:08:74:cf:28:ad:3a:9d:01:b5:17:31:90:69:f8:72:
1c:15:ba:57:f6:6d:d2:f0:a7:f8:df:aa:15:97:06:d0:c4:e7:
0f:dd:d3:2c:56:98:a7:02:cd:94:81:28:8b:e3:b2:b7:26:b9:
67:d1:6d:fb:65:c4:70:1f:ce:f2:19:c2:41:f9:de:39:af:bc:
ab:be:c1:5e:dc:08:e8:bc:3a:e3:9d:47:d1:ec:22:ec:3a:f1:
06:46:d0:23:27:e2:cc:15:21:73:21:1f:7b:e6:aa:30:13:99:
c9:1b:dc:4a:61:9b:35:76:55:2a:52:1e:28:69:5c:1f:80:f9:
13:63:b0:b0:96:f9:ba:a8:d2:39:48:ae:b1:a9:90:ec:f3:bd:
9f:86:35:07:fa:88:10:5d:5d:5c:78:58:0b:cb:50:ed:a0:75:
f6:d6:53:c0:17:69:6e:5a:a6:2d:ac:8e:91:04:ee:93:71:ed:
4d:35:10:13:97:e6:75:b3:07:99:fd:23:d8:98:a4:5e:64:47:
13:c0:73:51:c5:66:40:b1:b0:87:04:3d:98:f1:34:c4:e5:d6:
6f:3c:f1:f9:82:24:68:52:8a:de:1a:fd:e9:6b:8b:9c:fc:2a:
7c:e0:96:31
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUMNsWXvN69gbBAMgafzB8b9htW/8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzA3MjEwNzE0NDdaFw0yNDA3MTkwNzE5NDdaMDMxMTAvBgNV
BAMTKENGOUE0OEQwNEJCRDk1NzJBRUZBNTRCQzIyMDI0NEY5OEY3NkEwOTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrGRBDIvna5i22+7zZcSGg+0ws
79i4Ev/Fz0RzMwEfJEoBBna71e+CU5NaZ4EWPQAinxtfLt23KYucDKpbWLoB5jPx
aNtz+08l+expaXpXHVokQMbOGPJz9QFcKPK9LJiRBf70NZFAY/opcaG/R41qa3H8
REMVyYoXM1O8DSol5hPnkluFPUJrCkJIFEpYoZICsMVhldGIIx9xnPnxRjYMoZeg
kOLX6k++O4MQBi4Il+MFCgi6TczPEr26PPJI0eqS4GQieqXutb3Yo0nPlUZTI8JV
PYP6mdcyD78Aw/+omn8MgqHk7ljIKG06+OfS84/WaGvPOAOxuzOqau/C/CTlAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUz5pI0Eu9lXKu+lS8IgJE+Y92oJIwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzMDM5MmUzMjMzMzYyZTM2
MzAyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
bew8MA0GCSqGSIb3DQEBCwUAA4IBAQCF7tPsJ1GS69gOVrwIH1yoTg+xRJ8IdM8o
rTqdAbUXMZBp+HIcFbpX9m3S8Kf436oVlwbQxOcP3dMsVpinAs2UgSiL47K3Jrln
0W37ZcRwH87yGcJB+d45r7yrvsFe3AjovDrjnUfR7CLsOvEGRtAjJ+LMFSFzIR97
5qowE5nJG9xKYZs1dlUqUh4oaVwfgPkTY7Cwlvm6qNI5SK6xqZDs872fhjUH+ogQ
XV1ceFgLy1DtoHX21lPAF2luWqYtrI6RBO6Tce1NNRATl+Z1sweZ/SPYmKReZEcT
wHNRxWZAsbCHBD2Y8TTE5dZvPPH5giRoUoreGv3pa4uc/Cp84JYx
-----END CERTIFICATE-----
Generated at Sun May 12 02:47:02 2024 by rpki-client on console-fra.rpki-client.org