Route Origin Authorization
$ rpki-client -vvf rsync.rp.ki/repo/clonoth/1/3139332e33322e3130302e302f32342d3234203d3e203537313936.roa
File: 3139332e33322e3130302e302f32342d3234203d3e203537313936.roa (raw, json)
Hash identifier: Q3QiqxUuMSp7WUu02mA+KyUsM0fons3AJE9l+1oNWeY=
Subject key identifier: 73:98:70:B4:C8:93:A3:CC:39:9F:07:21:8E:BA:DB:08:5A:8E:CE:B3
Certificate issuer: /CN=c23a7169f6499dd2815c9178a890bc4c0514ddf9
Certificate serial: 5942D55BA70B80050517F31446D06F88ACD1E1C2
Authority key identifier: C2:3A:71:69:F6:49:9D:D2:81:5C:91:78:A8:90:BC:4C:05:14:DD:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjpxafZJndKBXJF4qJC8TAUU3fk.cer
Subject info access: rsync://rsync.rp.ki/repo/clonoth/1/3139332e33322e3130302e302f32342d3234203d3e203537313936.roa
Signing time: Mon 06 May 2024 09:08:24 +0000
ROA not before: Mon 06 May 2024 09:03:24 +0000
ROA not after: Mon 05 May 2025 09:08:24 +0000
asID: 57196
IP address blocks: 193.32.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.rp.ki/repo/clonoth/1/C23A7169F6499DD2815C9178A890BC4C0514DDF9.crl
rsync://rsync.rp.ki/repo/clonoth/1/C23A7169F6499DD2815C9178A890BC4C0514DDF9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjpxafZJndKBXJF4qJC8TAUU3fk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:42:d5:5b:a7:0b:80:05:05:17:f3:14:46:d0:6f:88:ac:d1:e1:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c23a7169f6499dd2815c9178a890bc4c0514ddf9
Validity
Not Before: May 6 09:03:24 2024 GMT
Not After : May 5 09:08:24 2025 GMT
Subject: CN=739870B4C893A3CC399F07218EBADB085A8ECEB3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b6:e0:ed:8d:ac:9c:1f:34:61:27:15:15:72:
ff:e3:43:31:fa:29:64:f5:4b:a6:68:1a:d9:b8:4e:
72:bb:58:04:65:67:ae:a3:21:ed:8a:dc:e3:a2:74:
fb:26:43:4a:af:5b:ee:d0:f1:df:9d:4a:99:76:fe:
41:6f:c7:da:ed:75:05:ed:26:13:52:d8:09:60:e0:
e7:8a:a9:25:8f:73:d8:41:f5:51:20:f7:22:32:f1:
e6:b6:b7:b0:c8:38:b8:13:91:6c:07:3f:3d:4a:40:
33:5e:69:10:99:17:59:76:dd:b6:91:ac:49:63:d2:
9f:0b:66:e1:3b:e9:c9:70:f8:c3:e0:bc:fa:2c:ea:
a0:56:59:00:08:33:e2:e1:54:50:05:a5:1d:70:cb:
6f:af:ab:c8:67:16:c2:86:68:7f:6e:c9:f0:58:d2:
14:1e:ee:c3:57:be:be:2e:72:f4:c8:b2:cc:5f:01:
ed:db:74:5f:19:a9:b3:a3:45:23:5c:e8:38:a3:1a:
55:d5:14:80:8c:61:d9:36:f8:e3:15:7f:54:53:3e:
d0:c6:74:89:44:dc:f4:6a:4b:7e:b7:e4:d4:5b:b3:
77:a0:95:8f:62:ae:c8:2f:3d:a0:58:be:8d:c9:46:
3d:a6:46:d6:e3:dd:35:1c:cf:12:e7:1a:db:7b:4f:
fa:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:98:70:B4:C8:93:A3:CC:39:9F:07:21:8E:BA:DB:08:5A:8E:CE:B3
X509v3 Authority Key Identifier:
keyid:C2:3A:71:69:F6:49:9D:D2:81:5C:91:78:A8:90:BC:4C:05:14:DD:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.rp.ki/repo/clonoth/1/C23A7169F6499DD2815C9178A890BC4C0514DDF9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjpxafZJndKBXJF4qJC8TAUU3fk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.rp.ki/repo/clonoth/1/3139332e33322e3130302e302f32342d3234203d3e203537313936.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.100.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:34:25:c3:8f:50:97:bf:26:8a:bb:3c:2b:76:7d:46:65:4a:
a0:36:14:5c:d1:37:69:e2:a6:20:60:f8:e2:c9:6a:85:21:d0:
e2:8e:6d:57:d2:be:0a:4f:9c:0b:0c:40:67:98:8f:bf:f4:8a:
1d:fe:9e:f4:77:ef:3b:11:f3:4b:c9:b9:4b:30:65:73:0b:f8:
cf:3b:26:ec:78:b9:bf:47:03:3e:21:28:15:29:02:7e:91:1a:
7d:db:04:3c:c2:15:33:8c:2f:1a:3f:dd:0f:04:1c:c7:29:a0:
98:11:d0:a9:df:18:e1:7e:0b:7d:92:39:25:c3:56:ec:92:07:
11:c0:0b:9d:51:3d:1a:69:be:77:e1:8b:bc:78:0a:77:8a:fb:
04:92:44:a2:c9:be:8a:2a:e3:ed:b2:4f:3c:81:fb:b5:1a:57:
b9:73:8c:2c:d8:df:0b:e4:b2:ec:31:44:a1:e7:94:75:1c:94:
47:0c:12:21:78:2b:21:a2:46:a1:cb:a1:f1:29:a8:1e:8c:9e:
5b:12:a6:de:35:49:11:ec:b7:2a:7e:45:28:15:12:7c:75:e1:
84:45:46:ed:ae:59:66:05:bf:91:58:57:be:88:f4:63:fc:c3:
64:fd:68:2e:26:10:46:7e:ad:f5:35:dd:b2:36:90:f3:23:63:
e1:cf:e1:91
-----BEGIN CERTIFICATE-----
MIIEyDCCA7CgAwIBAgIUWULVW6cLgAUFF/MURtBviKzR4cIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzYTcxNjlmNjQ5OWRkMjgxNWM5MTc4YTg5MGJjNGMw
NTE0ZGRmOTAeFw0yNDA1MDYwOTAzMjRaFw0yNTA1MDUwOTA4MjRaMDMxMTAvBgNV
BAMTKDczOTg3MEI0Qzg5M0EzQ0MzOTlGMDcyMThFQkFEQjA4NUE4RUNFQjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKtuDtjaycHzRhJxUVcv/jQzH6
KWT1S6ZoGtm4TnK7WARlZ66jIe2K3OOidPsmQ0qvW+7Q8d+dSpl2/kFvx9rtdQXt
JhNS2Alg4OeKqSWPc9hB9VEg9yIy8ea2t7DIOLgTkWwHPz1KQDNeaRCZF1l23baR
rElj0p8LZuE76clw+MPgvPos6qBWWQAIM+LhVFAFpR1wy2+vq8hnFsKGaH9uyfBY
0hQe7sNXvr4ucvTIssxfAe3bdF8ZqbOjRSNc6DijGlXVFICMYdk2+OMVf1RTPtDG
dIlE3PRqS3635NRbs3eglY9irsgvPaBYvo3JRj2mRtbj3TUczxLnGtt7T/oxAgMB
AAGjggHSMIIBzjAdBgNVHQ4EFgQUc5hwtMiTo8w5nwchjrrbCFqOzrMwHwYDVR0j
BBgwFoAUwjpxafZJndKBXJF4qJC8TAUU3fkwDgYDVR0PAQH/BAQDAgeAMGAGA1Ud
HwRZMFcwVaBToFGGT3JzeW5jOi8vcnN5bmMucnAua2kvcmVwby9jbG9ub3RoLzEv
QzIzQTcxNjlGNjQ5OUREMjgxNUM5MTc4QTg5MEJDNEMwNTE0RERGOS5jcmwwZAYI
KwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS9ERUZBVUxUL3dqcHhhZlpKbmRLQlhKRjRxSkM4VEFVVTNmay5j
ZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3JzeW5jLnJw
LmtpL3JlcG8vY2xvbm90aC8xLzMxMzkzMzJlMzMzMjJlMzEzMDMwMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzUzNzMxMzkzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEgZDANBgkqhkiG
9w0BAQsFAAOCAQEAtTQlw49Ql78mirs8K3Z9RmVKoDYUXNE3aeKmIGD44slqhSHQ
4o5tV9K+Ck+cCwxAZ5iPv/SKHf6e9HfvOxHzS8m5SzBlcwv4zzsm7Hi5v0cDPiEo
FSkCfpEafdsEPMIVM4wvGj/dDwQcxymgmBHQqd8Y4X4LfZI5JcNW7JIHEcALnVE9
Gmm+d+GLvHgKd4r7BJJEosm+iirj7bJPPIH7tRpXuXOMLNjfC+Sy7DFEoeeUdRyU
RwwSIXgrIaJGocuh8SmoHoyeWxKm3jVJEey3Kn5FKBUSfHXhhEVG7a5ZZgW/kVhX
voj0Y/zDZP1oLiYQRn6t9TXdsjaQ8yNj4c/hkQ==
-----END CERTIFICATE-----
Generated at Fri Jun 7 10:21:42 2024 by rpki-client on console-fra.rpki-client.org