Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3130392e3233362e36302e302f32342d3332203d3e203531313637.roa
File: 3130392e3233362e36302e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: 1wfgM4xLFsYDHucpuKz8O3Jl4Sf0yI80MTQToRYYBkA=
Subject key identifier: CA:79:E3:92:5E:91:FC:91:DE:FC:03:4E:04:50:3C:C2:42:88:4C:BF
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 08D972F7C7ED4FEB77B9B3315CC96753FB0AA8EF
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3130392e3233362e36302e302f32342d3332203d3e203531313637.roa
Signing time: Fri 21 Jun 2024 08:03:59 +0000
ROA not before: Fri 21 Jun 2024 07:58:59 +0000
ROA not after: Fri 20 Jun 2025 08:03:59 +0000
asID: 51167
IP address blocks: 109.236.60.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:d9:72:f7:c7:ed:4f:eb:77:b9:b3:31:5c:c9:67:53:fb:0a:a8:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Jun 21 07:58:59 2024 GMT
Not After : Jun 20 08:03:59 2025 GMT
Subject: CN=CA79E3925E91FC91DEFC034E04503CC242884CBF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:22:3f:46:2c:4b:78:ce:16:ed:a9:5e:a6:77:
35:6a:28:e2:17:e7:dd:51:31:6b:c0:1f:11:69:36:
8b:0b:55:4c:8c:05:07:9e:3a:5f:ca:31:de:81:a3:
38:07:ce:c7:5d:2e:5b:6d:22:b4:ec:40:9a:09:27:
ba:dc:00:22:23:5c:92:ab:22:ab:9d:7a:5d:6b:92:
f6:97:c4:1f:93:fb:1a:2a:7d:89:81:23:f4:e8:ad:
af:05:42:36:95:f7:e8:d1:f8:72:79:29:38:61:43:
cc:90:d9:f3:f8:56:42:b9:23:93:40:d8:c3:61:9a:
64:1a:3f:dc:28:8a:3b:35:6f:1c:a9:68:81:f2:15:
ec:37:a4:d8:43:71:95:1a:80:e1:d2:b2:ed:89:d1:
f5:df:17:44:ed:3e:8b:c3:23:2d:89:87:30:fe:af:
d7:4b:05:86:bb:0d:37:ca:e5:24:b1:69:96:9c:4c:
72:d8:61:37:1a:9c:f7:56:09:74:88:cb:28:c2:4d:
09:07:ce:de:df:8d:db:da:73:77:de:2e:f3:87:5f:
84:cc:b2:b1:35:b2:bf:b9:4d:be:02:43:97:80:72:
db:57:f7:22:6e:11:cc:cd:e7:06:57:43:a1:c6:97:
14:02:2e:23:2f:24:0f:1d:21:66:51:c0:4e:46:a5:
95:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:79:E3:92:5E:91:FC:91:DE:FC:03:4E:04:50:3C:C2:42:88:4C:BF
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3130392e3233362e36302e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.60.0/24
Signature Algorithm: sha256WithRSAEncryption
20:10:22:c7:91:8a:98:56:5d:1f:0b:7e:7b:dc:fb:68:b8:31:
a3:f9:48:21:bf:4c:a9:db:35:13:a0:7a:46:4b:51:bf:20:d3:
09:d1:f2:33:4a:c9:f3:ab:88:04:17:43:ec:ca:a0:e2:a7:f7:
f8:46:f0:c6:0e:2a:c7:50:30:b2:5a:97:8e:fc:db:d8:bf:f8:
20:20:a0:08:e1:42:b9:c6:d3:ce:41:30:3d:6f:c2:45:f2:bf:
a2:0c:54:f5:3f:2d:11:0c:7c:3a:cf:f2:1f:48:e9:ec:e6:ee:
40:28:fb:7d:b6:af:ab:72:1a:68:1b:81:a1:2f:9e:23:1b:79:
4a:40:8e:67:b5:9b:24:fd:21:d1:71:09:1c:b6:0a:00:e8:48:
9f:8f:03:80:9e:ed:24:87:59:a4:3b:10:1b:31:93:16:77:df:
d7:be:ea:2e:f3:f0:8a:9c:ec:22:06:73:3b:66:96:c6:12:ae:
d5:1c:ae:25:0e:65:17:53:9c:a1:41:ce:9f:b8:85:76:a9:10:
09:3c:d7:58:cd:90:69:11:9f:5f:ce:76:6c:5d:6d:3f:4e:bc:
be:2e:64:3a:cf:cf:5f:91:9e:81:25:4b:ce:60:24:8f:57:bb:
de:68:80:5c:81:9a:69:da:d4:9c:17:a8:33:9b:96:4c:f8:47:
ad:c5:c4:f4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUCNly98ftT+t3ubMxXMlnU/sKqO8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDA2MjEwNzU4NTlaFw0yNTA2MjAwODAzNTlaMDMxMTAvBgNV
BAMTKENBNzlFMzkyNUU5MUZDOTFERUZDMDM0RTA0NTAzQ0MyNDI4ODRDQkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMIj9GLEt4zhbtqV6mdzVqKOIX
591RMWvAHxFpNosLVUyMBQeeOl/KMd6BozgHzsddLlttIrTsQJoJJ7rcACIjXJKr
Iqudel1rkvaXxB+T+xoqfYmBI/Tora8FQjaV9+jR+HJ5KThhQ8yQ2fP4VkK5I5NA
2MNhmmQaP9woijs1bxypaIHyFew3pNhDcZUagOHSsu2J0fXfF0TtPovDIy2JhzD+
r9dLBYa7DTfK5SSxaZacTHLYYTcanPdWCXSIyyjCTQkHzt7fjdvac3feLvOHX4TM
srE1sr+5Tb4CQ5eActtX9yJuEczN5wZXQ6HGlxQCLiMvJA8dIWZRwE5GpZXtAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUynnjkl6R/JHe/ANOBFA8wkKITL8wHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzMDM5MmUzMjMzMzYyZTM2
MzAyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
bew8MA0GCSqGSIb3DQEBCwUAA4IBAQAgECLHkYqYVl0fC3573PtouDGj+Ughv0yp
2zUToHpGS1G/INMJ0fIzSsnzq4gEF0PsyqDip/f4RvDGDirHUDCyWpeO/NvYv/gg
IKAI4UK5xtPOQTA9b8JF8r+iDFT1Py0RDHw6z/IfSOns5u5AKPt9tq+rchpoG4Gh
L54jG3lKQI5ntZsk/SHRcQkctgoA6EifjwOAnu0kh1mkOxAbMZMWd9/Xvuou8/CK
nOwiBnM7ZpbGEq7VHK4lDmUXU5yhQc6fuIV2qRAJPNdYzZBpEZ9fznZsXW0/Try+
LmQ6z89fkZ6BJUvOYCSPV7veaIBcgZpp2tScF6gzm5ZM+EetxcT0
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:49 2024 by rpki-client on console-ams.rpki-client.org