Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3137362e3131332e37362e302f32322d3232203d3e20313336373837.roa
File: 3137362e3131332e37362e302f32322d3232203d3e20313336373837.roa (raw, json)
Hash identifier: nnCEaoBhNLzaQQ78b6LYyxz+VrRXOQYP64bckJQsvTI=
Subject key identifier: D3:E2:A0:DF:99:64:17:60:1F:EA:8F:BA:40:9D:EA:3A:63:50:2A:23
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 0722CEA747314780CFA72D3BA389099D491CC50E
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3137362e3131332e37362e302f32322d3232203d3e20313336373837.roa
Signing time: Wed 14 Feb 2024 06:17:36 +0000
ROA not before: Wed 14 Feb 2024 06:12:36 +0000
ROA not after: Wed 12 Feb 2025 06:17:36 +0000
asID: 136787
IP address blocks: 176.113.76.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 16:15:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:22:ce:a7:47:31:47:80:cf:a7:2d:3b:a3:89:09:9d:49:1c:c5:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Feb 14 06:12:36 2024 GMT
Not After : Feb 12 06:17:36 2025 GMT
Subject: CN=D3E2A0DF996417601FEA8FBA409DEA3A63502A23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7c:11:71:15:e6:4a:d1:f6:9f:57:e8:4b:70:
ca:98:59:98:e5:41:94:84:33:e9:9e:ab:bd:6d:89:
54:aa:e5:ed:70:3b:ac:d5:a4:eb:85:28:fd:24:9b:
6f:53:25:3a:e7:ec:cf:0f:c2:b9:50:c0:42:20:43:
2f:0c:36:cc:05:18:58:c0:81:5d:78:dd:ac:96:e5:
6e:24:50:4c:14:33:ea:50:82:d7:23:fe:6a:43:02:
63:44:50:e0:c2:ce:22:78:cb:23:1c:b1:a7:0b:ec:
5c:02:0e:ae:3a:02:16:6e:6f:ca:3a:8b:74:e1:18:
39:1c:68:7c:ee:07:f9:0d:64:0c:09:a5:28:a4:20:
87:99:a4:6b:bb:43:3f:ae:5c:d7:d9:81:00:10:03:
f2:90:03:26:e4:9e:bd:71:11:3f:e6:94:fd:b7:60:
07:26:11:f6:1a:85:14:5d:e5:9b:56:5d:73:89:08:
51:5f:e4:ac:fa:7f:35:4f:d7:6c:fe:02:20:53:ab:
83:a9:a5:10:4f:1e:cf:70:ee:9a:ed:0c:41:92:b5:
81:6d:4a:48:a6:a1:97:d7:25:10:91:8c:27:b0:48:
6f:c5:4d:1f:10:14:f0:9d:33:ba:bf:45:1c:81:6e:
12:6d:76:b9:db:99:26:67:46:9e:e8:11:ef:24:06:
fa:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:E2:A0:DF:99:64:17:60:1F:EA:8F:BA:40:9D:EA:3A:63:50:2A:23
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3137362e3131332e37362e302f32322d3232203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.113.76.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:80:6a:b4:9c:83:f3:0e:bb:a2:d0:7c:7f:00:da:94:80:ab:
ec:21:b4:23:86:89:9b:4f:16:a6:94:06:ce:fb:f6:fe:db:c0:
49:23:72:ba:74:ba:72:38:08:4e:6b:05:07:09:3e:82:02:c9:
9e:1b:28:93:bf:e5:26:fc:10:e7:48:97:b1:f3:14:e3:47:9a:
b9:53:1c:a2:e2:7f:40:17:26:be:fa:24:38:f5:96:d2:5a:54:
2b:75:5d:04:de:76:54:3f:61:a9:c8:8f:dd:86:7b:8b:7f:62:
97:3e:d1:16:71:cc:e1:af:40:49:6f:21:73:e9:86:af:62:3a:
11:2e:55:f0:6d:e9:7e:16:b4:20:90:b8:b1:84:05:3f:78:64:
53:7f:4f:a7:fc:3c:21:f5:5b:d2:7e:6d:df:0c:83:51:dc:d5:
29:03:fb:7d:99:cc:3b:64:84:c2:b0:26:1d:7d:9f:40:c9:ff:
47:8b:94:14:01:4c:89:a0:17:91:0b:e7:b0:98:fb:73:12:88:
c3:b6:b8:58:8b:2e:86:bd:4e:ad:22:99:dd:cd:0c:c2:46:08:
86:4d:02:24:5d:3b:f4:11:f3:0d:e6:4f:5c:0b:5f:be:5f:5c:
8a:70:6c:25:a7:6f:ca:a2:9c:48:08:63:6b:f9:09:d2:c1:1b:
ba:08:89:2f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUByLOp0cxR4DPpy07o4kJnUkcxQ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDAyMTQwNjEyMzZaFw0yNTAyMTIwNjE3MzZaMDMxMTAvBgNV
BAMTKEQzRTJBMERGOTk2NDE3NjAxRkVBOEZCQTQwOURFQTNBNjM1MDJBMjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxfBFxFeZK0fafV+hLcMqYWZjl
QZSEM+meq71tiVSq5e1wO6zVpOuFKP0km29TJTrn7M8PwrlQwEIgQy8MNswFGFjA
gV143ayW5W4kUEwUM+pQgtcj/mpDAmNEUODCziJ4yyMcsacL7FwCDq46AhZub8o6
i3ThGDkcaHzuB/kNZAwJpSikIIeZpGu7Qz+uXNfZgQAQA/KQAybknr1xET/mlP23
YAcmEfYahRRd5ZtWXXOJCFFf5Kz6fzVP12z+AiBTq4OppRBPHs9w7prtDEGStYFt
SkimoZfXJRCRjCewSG/FTR8QFPCdM7q/RRyBbhJtdrnbmSZnRp7oEe8kBvqdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU0+Kg35lkF2Af6o+6QJ3qOmNQKiMwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzNzM2MmUzMTMxMzMyZTM3
MzYyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAKwcUwwDQYJKoZIhvcNAQELBQADggEBAHuAarScg/MOu6LQfH8A2pSAq+whtCOG
iZtPFqaUBs779v7bwEkjcrp0unI4CE5rBQcJPoICyZ4bKJO/5Sb8EOdIl7HzFONH
mrlTHKLif0AXJr76JDj1ltJaVCt1XQTedlQ/YanIj92Ge4t/Ypc+0RZxzOGvQElv
IXPphq9iOhEuVfBt6X4WtCCQuLGEBT94ZFN/T6f8PCH1W9J+bd8Mg1Hc1SkD+32Z
zDtkhMKwJh19n0DJ/0eLlBQBTImgF5EL57CY+3MSiMO2uFiLLoa9Tq0imd3NDMJG
CIZNAiRdO/QR8w3mT1wLX75fXIpwbCWnb8qinEgIY2v5CdLBG7oIiS8=
-----END CERTIFICATE-----
Generated at Wed May 8 00:13:15 2024 by rpki-client on console-fra.rpki-client.org