Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3130392e3233362e36332e302f32342d3234203d3e20313336373837.roa
File: 3130392e3233362e36332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: CzSPnsiRXHK9gKJ2nMr7HBXbyguV18qdBcXSg9/Rbm4=
Subject key identifier: 3A:32:03:7F:D1:A4:84:B2:D6:5B:5C:A0:A5:14:31:62:44:73:EC:72
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 13402A1D6B35C3E7312DCFF524066DF2839C7635
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3130392e3233362e36332e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:21 +0000
ROA not before: Mon 01 Apr 2024 13:58:21 +0000
ROA not after: Mon 31 Mar 2025 14:03:21 +0000
asID: 136787
IP address blocks: 109.236.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:40:2a:1d:6b:35:c3:e7:31:2d:cf:f5:24:06:6d:f2:83:9c:76:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Apr 1 13:58:21 2024 GMT
Not After : Mar 31 14:03:21 2025 GMT
Subject: CN=3A32037FD1A484B2D65B5CA0A51431624473EC72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4d:69:72:3d:49:9b:c0:4f:ec:7b:e0:67:6f:
af:05:b5:05:6c:9f:91:d3:67:cc:01:d3:67:e4:03:
95:e7:88:a8:66:18:5f:15:67:35:a1:62:7c:dd:91:
79:b2:28:7a:96:95:8a:9a:88:65:e1:16:f1:08:22:
24:19:e6:12:57:43:94:c3:d6:a0:82:ff:d8:54:03:
9a:2c:2e:0a:e8:7c:8c:d0:01:c0:84:d0:77:6c:1d:
30:89:6f:d3:3c:6a:bd:76:07:a5:0a:a2:be:ab:00:
b5:de:14:05:35:38:4c:b5:d6:b5:c5:05:a5:4b:e4:
e8:80:97:cf:f0:d0:52:18:ef:90:c3:87:81:3a:2d:
27:33:e2:1b:fe:22:22:cc:a8:0d:2a:ea:93:c0:ff:
b1:c1:d5:b1:b6:7c:7b:df:81:c6:c0:16:80:76:bd:
41:43:15:4f:cc:54:9a:c8:b8:1b:32:8b:37:37:9a:
45:39:93:c6:8f:0b:bd:d9:db:29:ca:0a:d8:ab:9d:
ac:f2:90:da:c0:f2:0f:61:79:b9:44:2d:32:d4:bc:
1f:f8:ec:7a:95:6f:af:1e:65:1a:da:09:dc:99:f5:
39:34:87:61:6b:84:8e:57:02:c0:b4:c2:27:a4:03:
6c:2b:27:ab:84:f5:ec:7d:59:78:c4:3c:8c:7d:21:
5e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:32:03:7F:D1:A4:84:B2:D6:5B:5C:A0:A5:14:31:62:44:73:EC:72
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3130392e3233362e36332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.63.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:cf:61:6c:c8:bd:98:35:d8:e0:9a:3e:6c:fc:06:d3:2e:58:
45:7e:07:23:c4:73:4f:bd:e4:db:fd:8c:a7:0e:f4:46:05:48:
85:06:ef:49:ff:72:73:f3:ab:9c:9e:60:29:7c:4d:02:80:35:
e9:76:78:47:c7:e9:ed:82:f1:c7:eb:c1:f7:21:3b:b1:f5:a9:
62:87:43:23:a5:79:72:18:ab:a0:f2:67:47:52:ce:5b:6f:bc:
28:63:44:cf:4c:3f:5d:08:85:75:bf:9f:76:10:b4:56:72:d4:
62:2e:2a:0d:8f:4c:b0:fa:23:38:86:8f:d3:7e:57:b2:94:d1:
c9:16:a7:fd:2c:6b:7a:e7:ae:fd:f3:70:be:59:85:f6:16:ab:
5f:f7:3d:09:3a:be:b6:61:2b:3a:fa:6b:82:12:bb:a8:f8:51:
03:a0:e2:1f:8b:63:23:d7:83:ff:dd:ff:b4:b4:2b:83:cf:4d:
07:b7:cd:cc:f4:d4:25:10:7a:ae:f2:84:88:77:dd:68:75:f3:
fc:78:04:7f:b6:9a:0b:0e:3c:d7:09:2e:e3:3d:f7:fb:6a:25:
d7:b6:37:e4:04:a5:bd:08:c7:7e:ba:f8:b6:1f:28:4a:3e:e3:
90:29:55:8f:2f:c9:5d:b4:10:ec:88:b1:04:d8:af:3f:01:9d:
4a:ef:eb:d9
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUE0AqHWs1w+cxLc/1JAZt8oOcdjUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDA0MDExMzU4MjFaFw0yNTAzMzExNDAzMjFaMDMxMTAvBgNV
BAMTKDNBMzIwMzdGRDFBNDg0QjJENjVCNUNBMEE1MTQzMTYyNDQ3M0VDNzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0TWlyPUmbwE/se+Bnb68FtQVs
n5HTZ8wB02fkA5XniKhmGF8VZzWhYnzdkXmyKHqWlYqaiGXhFvEIIiQZ5hJXQ5TD
1qCC/9hUA5osLgrofIzQAcCE0HdsHTCJb9M8ar12B6UKor6rALXeFAU1OEy11rXF
BaVL5OiAl8/w0FIY75DDh4E6LScz4hv+IiLMqA0q6pPA/7HB1bG2fHvfgcbAFoB2
vUFDFU/MVJrIuBsyizc3mkU5k8aPC73Z2ynKCtirnazykNrA8g9heblELTLUvB/4
7HqVb68eZRraCdyZ9Tk0h2FrhI5XAsC0wiekA2wrJ6uE9ex9WXjEPIx9IV49AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUOjIDf9GkhLLWW1ygpRQxYkRz7HIwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzMDM5MmUzMjMzMzYyZTM2
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABt7D8wDQYJKoZIhvcNAQELBQADggEBALXPYWzIvZg12OCaPmz8BtMuWEV+ByPE
c0+95Nv9jKcO9EYFSIUG70n/cnPzq5yeYCl8TQKANel2eEfH6e2C8cfrwfchO7H1
qWKHQyOleXIYq6DyZ0dSzltvvChjRM9MP10IhXW/n3YQtFZy1GIuKg2PTLD6IziG
j9N+V7KU0ckWp/0sa3rnrv3zcL5ZhfYWq1/3PQk6vrZhKzr6a4ISu6j4UQOg4h+L
YyPXg//d/7S0K4PPTQe3zcz01CUQeq7yhIh33Wh18/x4BH+2mgsOPNcJLuM99/tq
Jde2N+QEpb0Ix366+LYfKEo+45ApVY8vyV20EOyIsQTYrz8BnUrv69k=
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:59:03 2024 by rpki-client on console-ams.rpki-client.org