Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137332e302f32342d3234203d3e203233343730.roa
File: 3130392e3131302e3137332e302f32342d3234203d3e203233343730.roa (raw, json)
Hash identifier: 0PvorQUOg860glAVGYnHto5ofObYq2sCwbaj13RJuTI=
Subject key identifier: D1:8D:44:0B:2B:4A:E6:B6:F9:7C:B5:61:41:9D:71:F6:C1:02:40:D6
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 2AB769BCFA16A2B7BD4B18E539D201854BE89726
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137332e302f32342d3234203d3e203233343730.roa
Signing time: Thu 25 Jan 2024 05:06:44 +0000
ROA not before: Thu 25 Jan 2024 05:01:44 +0000
ROA not after: Thu 23 Jan 2025 05:06:44 +0000
asID: 23470
IP address blocks: 109.110.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 14:46:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:b7:69:bc:fa:16:a2:b7:bd:4b:18:e5:39:d2:01:85:4b:e8:97:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Jan 25 05:01:44 2024 GMT
Not After : Jan 23 05:06:44 2025 GMT
Subject: CN=D18D440B2B4AE6B6F97CB561419D71F6C10240D6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a1:0a:09:3f:53:2d:02:3f:6f:03:9f:2e:00:
75:12:c7:8f:f6:49:af:87:99:4d:e1:26:cf:59:df:
c2:ad:12:7c:b8:64:d9:1c:7a:1b:56:3d:3a:9f:be:
c4:2c:a8:73:e7:3a:6d:61:c1:cc:f3:88:79:c4:ce:
9e:3e:88:b0:8b:25:ef:e2:ff:3f:e6:4c:1f:87:87:
3a:21:c9:2c:08:4b:e9:09:6c:9b:98:70:e9:ab:10:
7a:93:8c:b0:86:13:ab:c3:fc:76:42:ea:9c:4d:25:
53:75:8c:92:02:bb:2d:9b:66:90:7a:0e:b8:84:0b:
d6:66:c2:ae:fc:3b:bb:ef:9e:1b:19:e1:f8:2b:af:
12:8d:4f:c8:aa:f0:19:b6:d6:58:5c:83:66:49:5d:
ed:16:c4:3b:9f:ab:64:8f:a0:04:de:17:2f:de:a2:
0a:97:34:b7:ee:78:97:bd:f4:67:e0:e3:71:6f:d2:
02:f5:54:e1:77:f2:d8:b6:3f:12:aa:07:4f:ee:5e:
f6:ef:dc:42:b4:de:8b:cf:57:24:02:b9:a4:d0:3e:
57:d0:07:70:2e:f4:87:cf:c5:b0:d3:e8:26:11:d0:
09:21:c8:5f:5c:16:b1:e2:54:c9:51:44:1f:7b:17:
8a:33:71:30:58:a7:b5:44:46:8f:88:6d:76:3a:68:
a2:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:8D:44:0B:2B:4A:E6:B6:F9:7C:B5:61:41:9D:71:F6:C1:02:40:D6
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137332e302f32342d3234203d3e203233343730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.173.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:b1:4e:6c:a5:7c:eb:ce:9d:1b:9b:1e:db:f5:eb:24:41:a3:
5e:c3:c9:26:67:6d:9d:5e:49:f1:42:d8:84:8f:ce:dc:3d:79:
a7:50:b9:c8:e6:44:78:10:e5:0a:53:df:f6:d4:6a:a9:75:21:
07:8f:db:f0:b8:c1:0e:eb:26:e5:8f:ef:a6:eb:85:fd:3b:2a:
2f:1f:5f:89:ee:10:d2:9d:09:97:a7:22:d9:91:c6:ba:a4:95:
49:36:ce:4e:8e:5f:2b:ff:7f:9b:04:84:fb:f2:5c:eb:dd:23:
c2:66:5f:32:6f:60:55:98:ec:9d:04:12:45:87:4d:00:b7:ba:
be:71:04:f5:d6:07:3d:ed:8b:e6:8f:8f:bb:3b:9f:70:92:0a:
04:89:ce:ee:91:e6:cd:f9:6e:86:93:69:f7:a8:df:a9:e0:d3:
2c:56:33:53:e1:ee:0b:d3:2b:55:f9:71:eb:11:34:8e:bb:f2:
62:70:1e:13:88:51:78:53:ba:c0:18:92:33:26:01:6b:9d:75:
08:08:e8:46:38:cd:b7:ca:6c:0a:a1:cc:aa:34:06:0d:b2:3c:
14:b5:9e:d7:d7:dd:14:8a:0a:b7:10:4e:3d:78:7d:93:74:78:
96:55:fa:dd:bc:04:6e:73:7d:f4:49:15:cc:0a:00:7c:85:a0:
63:63:f3:f9
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUKrdpvPoWore9SxjlOdIBhUvolyYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNDAxMjUwNTAxNDRaFw0yNTAxMjMwNTA2NDRaMDMxMTAvBgNV
BAMTKEQxOEQ0NDBCMkI0QUU2QjZGOTdDQjU2MTQxOUQ3MUY2QzEwMjQwRDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+oQoJP1MtAj9vA58uAHUSx4/2
Sa+HmU3hJs9Z38KtEny4ZNkcehtWPTqfvsQsqHPnOm1hwczziHnEzp4+iLCLJe/i
/z/mTB+HhzohySwIS+kJbJuYcOmrEHqTjLCGE6vD/HZC6pxNJVN1jJICuy2bZpB6
DriEC9Zmwq78O7vvnhsZ4fgrrxKNT8iq8Bm21lhcg2ZJXe0WxDufq2SPoATeFy/e
ogqXNLfueJe99Gfg43Fv0gL1VOF38ti2PxKqB0/uXvbv3EK03ovPVyQCuaTQPlfQ
B3Au9IfPxbDT6CYR0AkhyF9cFrHiVMlRRB97F4ozcTBYp7VERo+IbXY6aKJ/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU0Y1ECytK5rb5fLVhQZ1x9sECQNYwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzczMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzMzNDM3MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABtbq0wDQYJKoZIhvcNAQELBQADggEBAK2xTmylfOvOnRubHtv16yRBo17DySZn
bZ1eSfFC2ISPztw9eadQucjmRHgQ5QpT3/bUaql1IQeP2/C4wQ7rJuWP76brhf07
Ki8fX4nuENKdCZenItmRxrqklUk2zk6OXyv/f5sEhPvyXOvdI8JmXzJvYFWY7J0E
EkWHTQC3ur5xBPXWBz3ti+aPj7s7n3CSCgSJzu6R5s35boaTafeo36ng0yxWM1Ph
7gvTK1X5cesRNI678mJwHhOIUXhTusAYkjMmAWuddQgI6EY4zbfKbAqhzKo0Bg2y
PBS1ntfX3RSKCrcQTj14fZN0eJZV+t28BG5zffRJFcwKAHyFoGNj8/k=
-----END CERTIFICATE-----
Generated at Wed May 1 21:27:18 2024 by rpki-client on console-fra.rpki-client.org