Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/39342e3130312e3131332e302f32342d3332203d3e203531313637.roa
File: 39342e3130312e3131332e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: RL4ecySh+PEqOuvw1jl9/zvJ600uRvaYOuJYchNPBwc=
Subject key identifier: 4D:30:08:F8:01:F8:C2:6A:CB:9F:18:3F:0D:F7:92:81:5C:A9:8A:A0
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 36C8FA63FCDFE7DD46DC5519B7BE4E4ED217005F
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/39342e3130312e3131332e302f32342d3332203d3e203531313637.roa
Signing time: Fri 21 Jul 2023 07:19:26 +0000
ROA not before: Fri 21 Jul 2023 07:14:26 +0000
ROA not after: Fri 19 Jul 2024 07:19:26 +0000
asID: 51167
IP address blocks: 94.101.113.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:c8:fa:63:fc:df:e7:dd:46:dc:55:19:b7:be:4e:4e:d2:17:00:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Jul 21 07:14:26 2023 GMT
Not After : Jul 19 07:19:26 2024 GMT
Subject: CN=4D3008F801F8C26ACB9F183F0DF792815CA98AA0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a7:ee:2a:cf:b9:1a:01:55:bd:9b:5e:6f:8f:
ac:cc:0b:88:b6:27:aa:44:65:60:7e:d9:08:66:ad:
ea:46:de:93:ce:99:df:fc:9b:e8:8c:4c:e1:6d:54:
88:03:68:14:9b:98:fc:24:7e:90:f9:15:7f:e2:de:
43:cc:17:ad:9e:74:68:8e:ab:c9:6a:88:5c:02:be:
ae:46:67:3a:a5:6b:f6:a5:2d:aa:89:21:99:9a:9b:
73:d4:b3:d3:f6:d8:c3:97:a3:f5:71:44:00:5b:6c:
01:bc:c1:8f:3e:f8:47:b9:13:93:f7:bc:25:0b:ef:
8e:4c:f4:27:4a:ce:0d:e1:9f:6a:b6:80:96:6f:27:
b5:2a:bf:7d:f4:45:3b:51:de:22:7d:5f:18:5e:ad:
4a:80:86:91:a7:af:02:c7:34:3c:28:d4:c4:05:5c:
6d:4a:dd:d4:9f:5f:de:20:a6:af:a0:69:55:e9:37:
f6:20:1b:eb:1d:bd:e1:e3:77:1e:3d:50:dd:02:e6:
d0:5e:ce:be:79:e1:29:07:db:30:46:2c:04:16:6c:
e3:a1:db:ce:06:66:67:94:ac:25:a9:b3:a9:20:99:
96:88:ef:b3:81:17:e0:88:29:fc:89:a9:c0:5c:5f:
6b:1b:57:29:af:d3:8c:8d:07:1d:9e:a7:dd:41:d5:
24:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:30:08:F8:01:F8:C2:6A:CB:9F:18:3F:0D:F7:92:81:5C:A9:8A:A0
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/39342e3130312e3131332e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.101.113.0/24
Signature Algorithm: sha256WithRSAEncryption
84:53:01:a3:9c:d4:66:d0:c7:b1:64:fc:50:34:8c:3f:b7:02:
36:7b:46:94:24:fc:8c:cc:d1:90:f4:b7:f4:05:d8:58:ad:64:
4e:84:c7:a5:a3:9d:34:a3:9c:5c:f6:c8:f2:ef:86:cb:3b:94:
e5:a4:bd:8d:45:ff:11:06:73:65:2a:fd:55:ae:20:2f:76:6a:
c8:90:8f:80:4c:74:b9:85:0e:5e:56:48:42:1b:6f:ed:d0:c5:
74:38:c2:e0:94:e8:19:7f:3b:4b:14:c5:c8:5d:f3:40:b1:b8:
23:94:a6:11:f5:63:ef:38:19:7f:2e:56:6b:48:ed:1c:fb:0b:
f1:39:41:32:2d:68:1a:50:64:a9:77:0c:44:c9:d1:f8:f6:cf:
5c:71:bd:73:bd:e0:2c:4e:41:23:87:51:da:96:3f:0a:81:75:
62:51:6a:76:8c:56:d0:5b:32:c3:1d:3e:cd:49:52:6d:aa:26:
73:9d:94:9c:31:77:64:be:d4:c2:14:be:73:b6:44:92:53:f6:
ac:84:c8:bb:b9:eb:d5:d4:94:2a:3d:b8:04:8a:17:6c:70:0b:
9f:82:1f:14:c0:7f:67:93:b6:d2:8e:39:c8:c3:28:3e:94:53:
dd:a1:c8:36:11:c4:50:c6:76:99:f8:4e:ed:36:12:4a:3f:30:
e9:59:29:2b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUNsj6Y/zf591G3FUZt75OTtIXAF8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzA3MjEwNzE0MjZaFw0yNDA3MTkwNzE5MjZaMDMxMTAvBgNV
BAMTKDREMzAwOEY4MDFGOEMyNkFDQjlGMTgzRjBERjc5MjgxNUNBOThBQTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTp+4qz7kaAVW9m15vj6zMC4i2
J6pEZWB+2QhmrepG3pPOmd/8m+iMTOFtVIgDaBSbmPwkfpD5FX/i3kPMF62edGiO
q8lqiFwCvq5GZzqla/alLaqJIZmam3PUs9P22MOXo/VxRABbbAG8wY8++Ee5E5P3
vCUL745M9CdKzg3hn2q2gJZvJ7Uqv330RTtR3iJ9XxherUqAhpGnrwLHNDwo1MQF
XG1K3dSfX94gpq+gaVXpN/YgG+sdveHjdx49UN0C5tBezr554SkH2zBGLAQWbOOh
284GZmeUrCWps6kgmZaI77OBF+CIKfyJqcBcX2sbVymv04yNBx2ep91B1SQVAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUTTAI+AH4wmrLnxg/DfeSgVypiqAwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzkzNDJlMzEzMDMxMmUzMTMx
MzMyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
XmVxMA0GCSqGSIb3DQEBCwUAA4IBAQCEUwGjnNRm0MexZPxQNIw/twI2e0aUJPyM
zNGQ9Lf0BdhYrWROhMelo500o5xc9sjy74bLO5TlpL2NRf8RBnNlKv1VriAvdmrI
kI+ATHS5hQ5eVkhCG2/t0MV0OMLglOgZfztLFMXIXfNAsbgjlKYR9WPvOBl/LlZr
SO0c+wvxOUEyLWgaUGSpdwxEydH49s9ccb1zveAsTkEjh1Halj8KgXViUWp2jFbQ
WzLDHT7NSVJtqiZznZScMXdkvtTCFL5ztkSSU/ashMi7uevV1JQqPbgEihdscAuf
gh8UwH9nk7bSjjnIwyg+lFPdocg2EcRQxnaZ+E7tNhJKPzDpWSkr
-----END CERTIFICATE-----
Generated at Sat May 11 08:13:55 2024 by rpki-client on console-ams.rpki-client.org