Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3137362e3131332e37372e302f32342d3234203d3e20313336373837.roa
File: 3137362e3131332e37372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: G9+BUCSO31j8b2hpoSOXEUAdJpctXuKV+GUrgdDmqSI=
Subject key identifier: 69:D8:E6:DA:1C:B3:C0:A6:D2:D5:67:8C:B9:98:45:98:DA:40:15:44
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 38BB3CC647C1362F6237F20A09962EE35087DCC4
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3137362e3131332e37372e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 13 Feb 2024 12:54:11 +0000
ROA not before: Tue 13 Feb 2024 12:49:11 +0000
ROA not after: Tue 11 Feb 2025 12:54:11 +0000
asID: 136787
IP address blocks: 176.113.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:bb:3c:c6:47:c1:36:2f:62:37:f2:0a:09:96:2e:e3:50:87:dc:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Feb 13 12:49:11 2024 GMT
Not After : Feb 11 12:54:11 2025 GMT
Subject: CN=69D8E6DA1CB3C0A6D2D5678CB9984598DA401544
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ee:6a:55:22:d6:ee:7c:7a:80:c9:c7:6e:7f:
04:fa:47:52:1a:dd:b6:24:62:c8:bc:33:41:a8:fd:
3d:0b:a7:0a:9f:bd:93:f8:13:bc:c9:cf:b0:64:af:
c6:4b:dd:65:e7:47:29:8b:6a:55:89:d9:03:62:93:
89:11:37:3d:92:4e:48:18:87:1f:84:c5:0f:f2:9a:
07:9e:45:18:5e:5d:aa:48:13:7a:4f:20:ae:02:e1:
71:ce:a8:c9:b1:5d:12:24:0c:d4:f4:eb:47:96:20:
37:73:82:bc:e3:64:1f:b0:3e:1b:c8:e5:a4:9f:a0:
8e:b6:0f:c9:b1:d2:22:81:2d:11:47:43:19:dd:e6:
32:4b:dd:e5:15:1b:4c:57:a5:26:a3:39:1f:ce:1f:
ce:73:e6:61:8f:de:ef:02:79:13:68:ae:ea:4b:e9:
3d:9f:ad:76:05:14:7c:0d:6d:00:47:a5:7f:16:d0:
ba:b5:70:22:84:cf:6a:1d:9d:5d:d2:06:d8:d6:be:
fd:68:78:33:c6:3e:e3:bd:5b:dd:b1:66:f4:ba:e9:
1b:89:6c:bb:9b:63:6a:ef:b3:7e:d5:4c:6b:f6:fb:
ed:29:54:15:0d:46:1c:15:16:c0:2d:82:7c:25:39:
1d:38:bd:19:bd:ce:30:75:8a:4e:29:8b:d9:f7:56:
ab:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:D8:E6:DA:1C:B3:C0:A6:D2:D5:67:8C:B9:98:45:98:DA:40:15:44
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3137362e3131332e37372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.113.77.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:b7:cf:7c:53:cd:a2:1e:77:8d:9b:87:55:7c:ce:a5:10:54:
f2:5d:6c:1e:9a:10:79:c0:a2:a2:aa:af:3d:08:ee:cf:c1:4a:
7c:0b:29:d7:2f:65:1b:13:ce:ef:fd:8f:43:7e:38:a3:96:ae:
61:92:a1:c8:6a:10:4e:e2:22:39:53:3c:8e:71:9e:c8:72:fd:
0c:af:c7:6e:24:bd:2b:5a:a8:a8:d5:b4:9f:69:50:99:bb:ca:
57:b8:ab:be:c9:ed:fb:93:aa:a6:e9:5f:2f:e9:04:b7:90:85:
2d:b2:31:c2:85:e2:a0:c7:8b:4d:b9:0c:99:c6:e8:f5:be:ff:
ea:5d:ed:7b:d8:ca:17:e7:e3:f9:5f:34:49:62:d1:bf:b9:7a:
42:03:13:3c:43:28:61:89:ed:77:08:ed:9e:aa:dd:87:15:b3:
4a:3e:d0:fa:d9:c4:e2:d5:8d:29:20:d8:e2:4d:d5:bc:89:4a:
95:75:c4:a7:b9:90:36:6d:41:3a:f4:eb:31:ce:69:52:34:c0:
3b:cf:ed:65:97:53:80:6f:ab:33:0a:5d:7e:03:89:21:0f:bb:
df:c9:ed:2e:37:dc:d9:19:3b:6c:33:44:ff:a3:01:d7:e0:8d:
63:8d:ca:aa:67:a6:ed:50:9a:a4:f7:ca:78:b9:9c:47:72:ba:
5c:b6:45:83
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUOLs8xkfBNi9iN/IKCZYu41CH3MQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDAyMTMxMjQ5MTFaFw0yNTAyMTExMjU0MTFaMDMxMTAvBgNV
BAMTKDY5RDhFNkRBMUNCM0MwQTZEMkQ1Njc4Q0I5OTg0NTk4REE0MDE1NDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC7mpVItbufHqAycdufwT6R1Ia
3bYkYsi8M0Go/T0LpwqfvZP4E7zJz7Bkr8ZL3WXnRymLalWJ2QNik4kRNz2STkgY
hx+ExQ/ymgeeRRheXapIE3pPIK4C4XHOqMmxXRIkDNT060eWIDdzgrzjZB+wPhvI
5aSfoI62D8mx0iKBLRFHQxnd5jJL3eUVG0xXpSajOR/OH85z5mGP3u8CeRNorupL
6T2frXYFFHwNbQBHpX8W0Lq1cCKEz2odnV3SBtjWvv1oeDPGPuO9W92xZvS66RuJ
bLubY2rvs37VTGv2++0pVBUNRhwVFsAtgnwlOR04vRm9zjB1ik4pi9n3VqtFAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUadjm2hyzwKbS1WeMuZhFmNpAFUQwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzNzM2MmUzMTMxMzMyZTM3
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACwcU0wDQYJKoZIhvcNAQELBQADggEBAEy3z3xTzaIed42bh1V8zqUQVPJdbB6a
EHnAoqKqrz0I7s/BSnwLKdcvZRsTzu/9j0N+OKOWrmGSochqEE7iIjlTPI5xnshy
/Qyvx24kvStaqKjVtJ9pUJm7yle4q77J7fuTqqbpXy/pBLeQhS2yMcKF4qDHi025
DJnG6PW+/+pd7XvYyhfn4/lfNEli0b+5ekIDEzxDKGGJ7XcI7Z6q3YcVs0o+0PrZ
xOLVjSkg2OJN1byJSpV1xKe5kDZtQTr06zHOaVI0wDvP7WWXU4BvqzMKXX4DiSEP
u9/J7S433NkZO2wzRP+jAdfgjWONyqpnpu1QmqT3yni5nEdyuly2RYM=
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:25 2024 by rpki-client on console-fra.rpki-client.org