Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137322e302f32342d3234203d3e203233343730.roa
File: 3130392e3131302e3137322e302f32342d3234203d3e203233343730.roa (raw, json)
Hash identifier: YDyyTJlilKG0SHwTAl93fynIMosY5k9xg9SAzVVodWE=
Subject key identifier: 2E:EA:23:F6:53:E6:FB:30:F1:52:39:AB:FD:9D:4E:56:2B:29:9F:5B
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 3DA4D6C9088F91C1635E676617F2EB7560FDC77E
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137322e302f32342d3234203d3e203233343730.roa
Signing time: Mon 29 Jan 2024 05:52:17 +0000
ROA not before: Mon 29 Jan 2024 05:47:17 +0000
ROA not after: Mon 27 Jan 2025 05:52:17 +0000
asID: 23470
IP address blocks: 109.110.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 14:46:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:a4:d6:c9:08:8f:91:c1:63:5e:67:66:17:f2:eb:75:60:fd:c7:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Jan 29 05:47:17 2024 GMT
Not After : Jan 27 05:52:17 2025 GMT
Subject: CN=2EEA23F653E6FB30F15239ABFD9D4E562B299F5B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2b:16:4e:55:e5:7d:29:15:62:44:52:c2:81:
6f:a8:82:1e:95:e9:e3:05:09:e3:46:7d:bb:98:1d:
d1:8a:47:67:2a:02:ea:20:04:6f:ed:d0:b3:99:65:
88:02:e1:c0:00:d3:e0:34:f9:e5:a5:a6:1b:96:b2:
99:c9:ce:4e:74:68:95:ca:49:73:cb:90:11:a7:91:
c3:9d:5a:55:7b:0a:7e:be:69:70:c5:bb:81:de:92:
62:dd:66:b9:7b:22:82:4f:94:81:52:22:23:bb:f3:
9b:43:db:ba:8f:ee:58:a6:6f:f5:a6:1d:d0:88:2a:
6a:3c:91:4e:93:c2:e9:01:42:41:0b:7d:ac:0c:72:
2d:2b:9e:f9:c1:37:3f:f6:eb:c2:bf:18:cf:6d:13:
32:1d:d6:0f:97:df:be:93:bd:84:85:e6:45:19:b9:
03:7b:f1:61:71:23:8c:b3:76:7c:c2:3a:97:b7:da:
bd:28:c8:10:b0:e4:bc:bf:ce:4c:e1:81:3a:ce:4b:
a7:c4:5e:0a:cf:ac:64:bd:ae:65:e7:84:a3:ac:47:
98:7a:4d:a3:0a:f6:a2:63:a3:6e:4b:d1:f6:da:87:
c3:bf:ba:c6:a7:0b:c1:3b:3a:d5:34:68:04:c4:a1:
2a:ca:bb:22:c2:d8:09:51:10:2c:64:4a:19:dc:43:
46:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:EA:23:F6:53:E6:FB:30:F1:52:39:AB:FD:9D:4E:56:2B:29:9F:5B
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137322e302f32342d3234203d3e203233343730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.172.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:87:a9:d1:a4:9f:a9:04:82:c2:71:c0:4f:1c:51:b2:52:4d:
bc:d1:a8:6e:45:7f:66:aa:70:16:de:40:54:52:52:48:0c:89:
35:f3:45:b6:91:9a:7a:76:5e:7c:16:b7:f6:70:89:8d:a1:f1:
48:e1:31:df:d1:eb:90:e6:f6:83:44:56:3d:b3:8d:4e:2a:52:
25:bc:9d:67:ed:ab:2a:1d:a7:7c:74:f7:fb:db:54:50:20:04:
c4:b6:8d:f9:f5:b2:7d:b6:f9:1f:97:a2:0f:3f:75:d7:3f:42:
04:b2:b3:44:c5:67:25:08:d3:47:8a:13:79:5b:1a:68:48:d3:
3a:bd:8e:3f:02:6f:ca:39:38:35:07:d6:2d:52:b7:e8:24:47:
7e:9e:da:0a:0c:da:e4:54:cc:f6:da:67:aa:59:6d:22:ee:56:
53:c0:38:2b:75:c0:d1:8b:41:bc:b1:bd:28:fd:ca:b3:70:14:
da:6c:6b:c8:96:17:43:1c:a4:0f:b4:fa:bc:e8:ce:4d:60:ff:
67:54:05:63:9f:0a:c0:ee:e6:93:4b:e7:d0:27:1e:7a:42:5d:
76:fc:9d:52:1f:1d:e2:a4:b9:b2:94:b3:f3:ff:f9:6f:d2:e5:
ff:fe:c4:8b:f8:d0:a3:c2:07:6a:5c:77:00:e1:90:ba:d8:6a:
c5:47:93:8b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUPaTWyQiPkcFjXmdmF/LrdWD9x34wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNDAxMjkwNTQ3MTdaFw0yNTAxMjcwNTUyMTdaMDMxMTAvBgNV
BAMTKDJFRUEyM0Y2NTNFNkZCMzBGMTUyMzlBQkZEOUQ0RTU2MkIyOTlGNUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7KxZOVeV9KRViRFLCgW+ogh6V
6eMFCeNGfbuYHdGKR2cqAuogBG/t0LOZZYgC4cAA0+A0+eWlphuWspnJzk50aJXK
SXPLkBGnkcOdWlV7Cn6+aXDFu4HekmLdZrl7IoJPlIFSIiO785tD27qP7limb/Wm
HdCIKmo8kU6TwukBQkELfawMci0rnvnBNz/268K/GM9tEzId1g+X376TvYSF5kUZ
uQN78WFxI4yzdnzCOpe32r0oyBCw5Ly/zkzhgTrOS6fEXgrPrGS9rmXnhKOsR5h6
TaMK9qJjo25L0fbah8O/usanC8E7OtU0aATEoSrKuyLC2AlRECxkShncQ0ZzAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQULuoj9lPm+zDxUjmr/Z1OVispn1swHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzczMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzMzNDM3MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABtbqwwDQYJKoZIhvcNAQELBQADggEBAD+HqdGkn6kEgsJxwE8cUbJSTbzRqG5F
f2aqcBbeQFRSUkgMiTXzRbaRmnp2XnwWt/ZwiY2h8UjhMd/R65Dm9oNEVj2zjU4q
UiW8nWftqyodp3x09/vbVFAgBMS2jfn1sn22+R+Xog8/ddc/QgSys0TFZyUI00eK
E3lbGmhI0zq9jj8Cb8o5ODUH1i1St+gkR36e2goM2uRUzPbaZ6pZbSLuVlPAOCt1
wNGLQbyxvSj9yrNwFNpsa8iWF0McpA+0+rzozk1g/2dUBWOfCsDu5pNL59AnHnpC
XXb8nVIfHeKkubKUs/P/+W/S5f/+xIv40KPCB2pcdwDhkLrYasVHk4s=
-----END CERTIFICATE-----
Generated at Wed May 1 21:27:18 2024 by rpki-client on console-fra.rpki-client.org