Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3130392e3233362e36322e302f32342d3234203d3e20313336373837.roa
File: 3130392e3233362e36322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: xlr55C8iBkfQAaM9S0f7rW+Th10mwSpTDBINzmYqjXk=
Subject key identifier: 79:0E:04:D0:43:71:19:58:9F:B0:C6:0D:D3:AF:BD:E4:7F:5F:B1:F0
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 6A3F55D2C8CD4E20BB4C47B61C5E8535611250A7
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3130392e3233362e36322e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:21 +0000
ROA not before: Mon 01 Apr 2024 13:58:21 +0000
ROA not after: Mon 31 Mar 2025 14:03:21 +0000
asID: 136787
IP address blocks: 109.236.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:3f:55:d2:c8:cd:4e:20:bb:4c:47:b6:1c:5e:85:35:61:12:50:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Apr 1 13:58:21 2024 GMT
Not After : Mar 31 14:03:21 2025 GMT
Subject: CN=790E04D0437119589FB0C60DD3AFBDE47F5FB1F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:11:53:34:06:4f:eb:ea:2c:af:d7:63:42:a5:
6e:90:d1:5f:93:57:bd:22:98:e9:20:d9:c1:77:1a:
8a:bc:cc:61:8a:cd:7b:8c:bc:11:66:ab:a8:0b:92:
67:b2:f9:fd:60:72:f8:3e:1a:65:8b:64:b8:8b:99:
7a:db:7c:bd:73:a3:e4:e0:72:61:59:71:7f:5f:5b:
e0:c2:a6:0f:4d:a3:ad:48:d7:37:3e:24:92:2d:45:
37:75:ac:15:04:72:96:89:6e:38:c8:77:c4:54:d5:
ee:c2:14:78:d9:f2:3d:c4:b0:7a:6b:4b:c3:e9:23:
aa:28:b7:48:73:83:7f:b9:b6:62:e5:5b:2f:28:c3:
d9:76:26:32:68:6d:10:9d:8b:a8:0b:e9:21:c1:81:
2d:e4:41:90:8e:c7:12:61:d9:b3:a2:b5:fe:44:89:
0a:b3:a2:22:1b:2e:c1:2c:b8:40:cc:e7:f7:b6:3e:
8e:a9:96:db:4c:75:7a:ff:39:be:73:9a:56:8e:1c:
65:6c:24:5e:be:eb:8b:07:96:7e:79:89:15:18:17:
1f:6d:b4:c0:c1:c6:a3:0a:59:1e:07:78:2d:ce:6a:
2e:68:96:69:1b:d7:2b:e3:4a:bf:70:25:7d:39:98:
c6:17:84:7a:46:13:90:31:2c:ad:0d:6c:30:87:62:
2c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:0E:04:D0:43:71:19:58:9F:B0:C6:0D:D3:AF:BD:E4:7F:5F:B1:F0
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3130392e3233362e36322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.62.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:0e:0f:ef:4c:d8:5e:07:81:01:72:95:81:23:20:eb:b1:95:
58:56:83:19:43:1b:cb:6c:47:80:ee:b1:00:e1:f8:df:e9:e1:
ed:f4:9e:0d:43:23:b8:29:c3:d2:c9:3c:2d:4d:87:5d:14:f6:
07:0c:4b:75:c1:5c:26:0c:10:b9:76:69:b9:5f:b1:19:47:70:
5b:7f:6a:86:c3:84:41:23:c5:f5:48:d9:d4:e0:f0:42:c8:80:
47:9f:72:a8:52:db:33:26:27:a3:2b:82:37:f2:9b:84:28:a3:
db:83:e6:18:d0:0c:9f:c5:bf:f7:c5:5a:0d:9d:94:e2:3a:af:
72:b7:e1:6d:10:17:ba:5b:81:2d:84:67:00:d5:7f:93:4f:34:
ab:39:64:ec:d1:54:c7:25:3f:53:df:ae:78:0a:b6:8c:c0:95:
f9:8d:7b:99:b9:00:5e:7e:5b:62:e6:0c:0b:a2:cf:ce:66:d5:
b5:fd:4b:49:bb:0e:4d:b8:b9:2d:5c:2e:47:34:91:d0:0b:c3:
d6:59:18:c0:d2:e1:42:99:eb:17:69:a9:20:8e:aa:7d:41:56:
65:45:90:e3:6a:fe:b8:21:3b:4f:0c:19:ff:fd:f7:25:f4:13:
2f:67:0e:89:42:0c:b3:b9:0c:2b:26:f5:2f:3e:6f:98:a3:21:
78:e7:b2:82
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUaj9V0sjNTiC7TEe2HF6FNWESUKcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDA0MDExMzU4MjFaFw0yNTAzMzExNDAzMjFaMDMxMTAvBgNV
BAMTKDc5MEUwNEQwNDM3MTE5NTg5RkIwQzYwREQzQUZCREU0N0Y1RkIxRjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDEVM0Bk/r6iyv12NCpW6Q0V+T
V70imOkg2cF3Goq8zGGKzXuMvBFmq6gLkmey+f1gcvg+GmWLZLiLmXrbfL1zo+Tg
cmFZcX9fW+DCpg9No61I1zc+JJItRTd1rBUEcpaJbjjId8RU1e7CFHjZ8j3EsHpr
S8PpI6oot0hzg3+5tmLlWy8ow9l2JjJobRCdi6gL6SHBgS3kQZCOxxJh2bOitf5E
iQqzoiIbLsEsuEDM5/e2Po6plttMdXr/Ob5zmlaOHGVsJF6+64sHln55iRUYFx9t
tMDBxqMKWR4HeC3Oai5olmkb1yvjSr9wJX05mMYXhHpGE5AxLK0NbDCHYiwZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUeQ4E0ENxGVifsMYN06+95H9fsfAwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzMDM5MmUzMjMzMzYyZTM2
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABt7D4wDQYJKoZIhvcNAQELBQADggEBAKYOD+9M2F4HgQFylYEjIOuxlVhWgxlD
G8tsR4DusQDh+N/p4e30ng1DI7gpw9LJPC1Nh10U9gcMS3XBXCYMELl2ablfsRlH
cFt/aobDhEEjxfVI2dTg8ELIgEefcqhS2zMmJ6Mrgjfym4Qoo9uD5hjQDJ/Fv/fF
Wg2dlOI6r3K34W0QF7pbgS2EZwDVf5NPNKs5ZOzRVMclP1PfrngKtozAlfmNe5m5
AF5+W2LmDAuiz85m1bX9S0m7Dk24uS1cLkc0kdALw9ZZGMDS4UKZ6xdpqSCOqn1B
VmVFkONq/rghO08MGf/99yX0Ey9nDolCDLO5DCsm9S8+b5ijIXjnsoI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:49 2024 by rpki-client on console-ams.rpki-client.org