Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/3130392e3130372e33322e302f31392d3139203d3e203531303539.roa
File: 3130392e3130372e33322e302f31392d3139203d3e203531303539.roa (raw, json)
Hash identifier: 2E4nBS5s2NGTijFuTBl7PtdK4ANb5WSsjCnYlIZeVaM=
Subject key identifier: 86:4D:7B:D9:43:F7:43:BB:4F:99:BC:F7:E7:2C:3D:9D:C4:03:8A:3E
Certificate issuer: /CN=4502e63ce01cad239ac397bc2bb5e6c347dceeea
Certificate serial: 511579CD6D9AC390575C62023EA2251EE9D990B7
Authority key identifier: 45:02:E6:3C:E0:1C:AD:23:9A:C3:97:BC:2B:B5:E6:C3:47:DC:EE:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/3130392e3130372e33322e302f31392d3139203d3e203531303539.roa
Signing time: Tue 07 Nov 2023 09:46:47 +0000
ROA not before: Tue 07 Nov 2023 09:41:47 +0000
ROA not after: Tue 05 Nov 2024 09:46:47 +0000
asID: 51059
IP address blocks: 109.107.32.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.crl
rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 16:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:15:79:cd:6d:9a:c3:90:57:5c:62:02:3e:a2:25:1e:e9:d9:90:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4502e63ce01cad239ac397bc2bb5e6c347dceeea
Validity
Not Before: Nov 7 09:41:47 2023 GMT
Not After : Nov 5 09:46:47 2024 GMT
Subject: CN=864D7BD943F743BB4F99BCF7E72C3D9DC4038A3E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:0d:db:2e:05:7c:83:37:d5:45:1b:0e:c5:2a:
b8:42:47:26:02:32:a2:82:99:ed:91:dc:2b:e7:e3:
10:8a:86:21:6d:4a:ac:00:54:21:f4:fb:fd:7b:f0:
3e:8a:78:a2:78:09:60:9b:dc:60:40:c3:f6:93:c4:
d5:c4:6e:60:82:e2:c7:4c:9e:7f:64:77:71:fb:52:
db:ad:8b:f8:3f:2d:53:3b:7c:31:79:a7:f8:43:6c:
60:10:00:99:36:e2:a4:45:ec:bd:f0:74:10:64:30:
3e:d8:e4:3f:55:53:1a:96:a7:87:07:21:e9:1e:45:
dd:b6:de:25:43:e9:26:33:94:2c:eb:27:cc:59:c1:
99:db:43:c0:60:31:69:03:76:88:ec:54:5e:f6:04:
40:8f:d5:49:03:dc:47:44:d1:fb:e7:de:57:6d:c5:
85:75:cd:a8:3d:f8:e0:8d:13:50:26:0e:cb:4f:63:
79:df:14:dd:dc:e5:55:9a:d9:53:ce:78:59:38:54:
1e:c4:33:78:c1:d2:a6:59:6d:b6:38:c6:5e:99:02:
56:c4:f4:7b:e8:59:ec:c1:4c:98:6c:28:ef:f9:d2:
99:42:eb:a7:cb:22:24:3a:41:a6:4f:a1:1f:08:91:
39:1f:d8:13:fd:be:d8:f9:81:93:44:af:6f:8e:d4:
8b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:4D:7B:D9:43:F7:43:BB:4F:99:BC:F7:E7:2C:3D:9D:C4:03:8A:3E
X509v3 Authority Key Identifier:
keyid:45:02:E6:3C:E0:1C:AD:23:9A:C3:97:BC:2B:B5:E6:C3:47:DC:EE:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/3130392e3130372e33322e302f31392d3139203d3e203531303539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.32.0/19
Signature Algorithm: sha256WithRSAEncryption
61:48:22:95:31:f3:18:c7:c8:d5:eb:43:63:32:0e:4c:12:fe:
a8:2e:64:cb:8b:b0:2e:83:be:ea:c1:53:fa:2d:7d:f6:b6:a1:
a2:dd:c6:5d:98:fd:8c:44:93:dc:f3:34:74:d3:69:62:4d:37:
a0:da:21:8f:98:a4:7a:21:8d:1e:be:4c:53:58:d3:c3:f8:69:
0d:74:8a:d7:4b:da:bf:75:06:e4:d0:04:c5:d0:6b:53:ce:30:
91:f5:b5:5c:67:7c:87:53:ee:08:0e:cc:5c:a9:0c:79:13:94:
1e:18:cd:44:03:22:6c:9c:1d:db:83:42:d5:83:30:5c:33:82:
d4:e1:cc:8e:c3:05:ba:65:69:74:3b:25:b2:aa:b4:d3:ca:6f:
ed:c1:ae:93:33:60:de:7e:32:5d:5c:9d:d0:f2:55:08:48:60:
58:3a:d6:6b:11:36:1f:00:b1:6f:2c:e3:3d:54:b7:51:9d:d8:
f6:33:78:ae:0d:f9:ea:b1:86:28:57:a4:83:4a:20:a1:3c:4d:
03:9b:a2:e3:20:5c:ff:dc:e0:67:3f:bd:b1:5f:e3:b6:fc:8f:
bc:20:b2:b2:29:39:56:7f:ba:1d:3a:34:8c:bb:03:bc:e5:cc:
ab:8d:51:08:a9:ae:73:6b:f0:df:af:0b:7a:e6:a1:18:b6:37:
58:7a:b3:7d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUURV5zW2aw5BXXGICPqIlHunZkLcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUwMmU2M2NlMDFjYWQyMzlhYzM5N2JjMmJiNWU2YzM0
N2RjZWVlYTAeFw0yMzExMDcwOTQxNDdaFw0yNDExMDUwOTQ2NDdaMDMxMTAvBgNV
BAMTKDg2NEQ3QkQ5NDNGNzQzQkI0Rjk5QkNGN0U3MkMzRDlEQzQwMzhBM0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdDdsuBXyDN9VFGw7FKrhCRyYC
MqKCme2R3Cvn4xCKhiFtSqwAVCH0+/178D6KeKJ4CWCb3GBAw/aTxNXEbmCC4sdM
nn9kd3H7Ututi/g/LVM7fDF5p/hDbGAQAJk24qRF7L3wdBBkMD7Y5D9VUxqWp4cH
IekeRd223iVD6SYzlCzrJ8xZwZnbQ8BgMWkDdojsVF72BECP1UkD3EdE0fvn3ldt
xYV1zag9+OCNE1AmDstPY3nfFN3c5VWa2VPOeFk4VB7EM3jB0qZZbbY4xl6ZAlbE
9HvoWezBTJhsKO/50plC66fLIiQ6QaZPoR8IkTkf2BP9vtj5gZNEr2+O1IutAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUhk172UP3Q7tPmbz35yw9ncQDij4wHwYDVR0j
BBgwFoAURQLmPOAcrSOaw5e8K7Xmw0fc7uowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWRmMzNhNTctN2U0Zi00ODQ0LTg0ZTItYjcxNTNiNTUx
MWI0LzAvNDUwMkU2M0NFMDFDQUQyMzlBQzM5N0JDMkJCNUU2QzM0N0RDRUVFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JRTG1QT0FjclNPYXc1ZThLN1htdzBm
Yzd1by5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOWRmMzNhNTct
N2U0Zi00ODQ0LTg0ZTItYjcxNTNiNTUxMWI0LzAvMzEzMDM5MmUzMTMwMzcyZTMz
MzIyZTMwMmYzMTM5MmQzMTM5MjAzZDNlMjAzNTMxMzAzNTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF
bWsgMA0GCSqGSIb3DQEBCwUAA4IBAQBhSCKVMfMYx8jV60NjMg5MEv6oLmTLi7Au
g77qwVP6LX32tqGi3cZdmP2MRJPc8zR002liTTeg2iGPmKR6IY0evkxTWNPD+GkN
dIrXS9q/dQbk0ATF0GtTzjCR9bVcZ3yHU+4IDsxcqQx5E5QeGM1EAyJsnB3bg0LV
gzBcM4LU4cyOwwW6ZWl0OyWyqrTTym/twa6TM2DefjJdXJ3Q8lUISGBYOtZrETYf
ALFvLOM9VLdRndj2M3iuDfnqsYYoV6SDSiChPE0Dm6LjIFz/3OBnP72xX+O2/I+8
ILKyKTlWf7odOjSMuwO85cyrjVEIqa5za/Dfrwt65qEYtjdYerN9
-----END CERTIFICATE-----
Generated at Fri May 31 23:16:06 2024 by rpki-client on console-ams.rpki-client.org