Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3137382e3231322e33352e302f32342d3332203d3e20313431393935.roa
File: 3137382e3231322e33352e302f32342d3332203d3e20313431393935.roa (raw, json)
Hash identifier: uzITk+dVRMHGshc4uO0AeL5hL97T2zj8W6GCZkUgLac=
Subject key identifier: DA:21:09:39:0C:C4:09:4A:1F:CF:36:A8:EC:50:D9:9B:AA:84:5F:37
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 71931C84905E4408918B7BDEBCC9A5225764C01D
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3137382e3231322e33352e302f32342d3332203d3e20313431393935.roa
Signing time: Mon 10 Jun 2024 11:02:44 +0000
ROA not before: Mon 10 Jun 2024 10:57:44 +0000
ROA not after: Mon 09 Jun 2025 11:02:44 +0000
asID: 141995
IP address blocks: 178.212.35.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:93:1c:84:90:5e:44:08:91:8b:7b:de:bc:c9:a5:22:57:64:c0:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Jun 10 10:57:44 2024 GMT
Not After : Jun 9 11:02:44 2025 GMT
Subject: CN=DA2109390CC4094A1FCF36A8EC50D99BAA845F37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d6:8c:09:5f:7f:d8:9c:c8:c5:90:da:df:04:
ca:39:d3:42:28:4a:44:55:4e:64:cc:a1:be:f1:79:
a9:0a:e1:b0:39:4a:95:62:71:28:6d:b4:c4:a8:78:
8a:a8:79:05:9e:64:c2:aa:8c:18:a8:78:74:66:83:
0f:ba:6c:29:b2:de:da:63:b9:93:38:89:cf:4d:e8:
34:9b:5b:1c:12:c2:dc:cd:33:f0:92:e8:17:4f:0e:
19:44:19:dd:00:39:1f:d7:86:45:cf:4d:d3:bd:60:
de:9c:7b:b1:a2:fe:15:9c:62:21:69:10:b9:93:c9:
b4:f8:5e:39:ce:d0:da:45:c3:ed:68:c1:77:9d:b5:
28:02:be:27:92:ee:cc:45:26:c2:8a:f6:af:54:de:
d7:c8:37:24:42:25:64:7d:ac:0b:2a:5e:d8:99:e0:
a0:74:43:f4:95:72:3b:7e:aa:3c:32:47:1e:8e:bd:
29:18:c5:53:7e:85:64:e6:81:2d:1e:a9:69:2a:10:
b0:8a:7e:65:fc:2d:fe:a9:b0:be:66:bd:07:b7:48:
67:6f:44:d2:20:49:8f:4e:e1:06:a9:ef:c6:41:ee:
78:5b:b6:8a:5e:96:86:9d:36:8c:88:76:be:23:de:
47:c3:18:23:54:69:b1:2e:bc:9c:02:3f:d2:8e:09:
01:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:21:09:39:0C:C4:09:4A:1F:CF:36:A8:EC:50:D9:9B:AA:84:5F:37
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3137382e3231322e33352e302f32342d3332203d3e20313431393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.212.35.0/24
Signature Algorithm: sha256WithRSAEncryption
15:a2:6b:95:86:da:2a:07:26:38:91:c8:ed:32:02:c8:ce:1e:
ce:a8:3c:02:69:44:ac:3e:04:25:5d:b0:e2:e1:46:8c:f7:06:
19:db:a7:e6:31:86:f2:49:de:f6:d4:89:7a:0b:dd:03:e3:c7:
b0:f6:95:28:e5:64:29:7a:29:55:ec:d6:73:d3:6a:c8:48:19:
45:15:63:69:f8:95:f5:6b:3e:6d:8e:56:0f:38:6a:0f:f8:b4:
e5:4a:6a:66:7e:dd:12:03:41:4a:ac:a1:91:84:4e:d1:8c:ab:
9d:03:d8:f4:c0:84:6e:ba:9d:a5:8c:ee:46:04:29:40:9f:b9:
32:85:6c:44:cc:7e:17:25:0d:d3:9a:64:f4:4d:c7:ea:f6:8d:
a5:22:7e:a0:7e:54:31:ad:19:f2:fd:19:0b:84:ee:75:04:e6:
13:56:4c:36:de:94:c1:58:79:81:74:44:39:f0:f6:83:fc:dc:
b2:e9:47:f8:94:6a:53:62:df:36:4d:79:00:ec:87:23:dd:b4:
35:d6:51:bb:03:ed:d4:79:a8:15:80:a2:d4:d6:79:f8:c3:84:
bb:70:fd:e7:66:df:dc:ed:61:b5:88:20:91:e1:c1:b8:34:13:
7d:82:3b:f5:1d:36:bc:0b:45:9e:9c:fd:14:07:f0:66:0c:fe:
1d:b9:78:67
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUcZMchJBeRAiRi3vevMmlIldkwB0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDA2MTAxMDU3NDRaFw0yNTA2MDkxMTAyNDRaMDMxMTAvBgNV
BAMTKERBMjEwOTM5MENDNDA5NEExRkNGMzZBOEVDNTBEOTlCQUE4NDVGMzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC21owJX3/YnMjFkNrfBMo500Io
SkRVTmTMob7xeakK4bA5SpVicShttMSoeIqoeQWeZMKqjBioeHRmgw+6bCmy3tpj
uZM4ic9N6DSbWxwSwtzNM/CS6BdPDhlEGd0AOR/XhkXPTdO9YN6ce7Gi/hWcYiFp
ELmTybT4XjnO0NpFw+1owXedtSgCvieS7sxFJsKK9q9U3tfINyRCJWR9rAsqXtiZ
4KB0Q/SVcjt+qjwyRx6OvSkYxVN+hWTmgS0eqWkqELCKfmX8Lf6psL5mvQe3SGdv
RNIgSY9O4Qap78ZB7nhbtopeloadNoyIdr4j3kfDGCNUabEuvJwCP9KOCQEpAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU2iEJOQzECUofzzao7FDZm6qEXzcwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzNzM4MmUzMjMxMzIyZTMz
MzUyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzMTM0MzEzOTM5MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACy1CMwDQYJKoZIhvcNAQELBQADggEBABWia5WG2ioHJjiRyO0yAsjOHs6oPAJp
RKw+BCVdsOLhRoz3Bhnbp+YxhvJJ3vbUiXoL3QPjx7D2lSjlZCl6KVXs1nPTashI
GUUVY2n4lfVrPm2OVg84ag/4tOVKamZ+3RIDQUqsoZGETtGMq50D2PTAhG66naWM
7kYEKUCfuTKFbETMfhclDdOaZPRNx+r2jaUifqB+VDGtGfL9GQuE7nUE5hNWTDbe
lMFYeYF0RDnw9oP83LLpR/iUalNi3zZNeQDshyPdtDXWUbsD7dR5qBWAotTWefjD
hLtw/edm39ztYbWIIJHhwbg0E32CO/UdNrwLRZ6c/RQH8GYM/h25eGc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:05 2024 by rpki-client on console-fra.rpki-client.org