Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3132382e302f31392d3139203d3e203432363839.roa
File: 3130392e3137352e3132382e302f31392d3139203d3e203432363839.roa (raw, json)
Hash identifier: GuMm+tYinpWx5uoOuUDVGZxwOJG3Qzm7vwmLTCwjwzc=
Subject key identifier: 4D:29:5A:23:CE:29:BD:9E:46:7F:79:2C:68:03:B1:5B:27:47:ED:C7
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 527316A544897F3351E26CCF0D418B10786AF9E7
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3132382e302f31392d3139203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 11:07:59 +0000
ROA not before: Thu 07 Nov 2024 11:02:59 +0000
ROA not after: Thu 06 Nov 2025 11:07:59 +0000
asID: 42689
IP address blocks: 109.175.128.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:73:16:a5:44:89:7f:33:51:e2:6c:cf:0d:41:8b:10:78:6a:f9:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 11:02:59 2024 GMT
Not After : Nov 6 11:07:59 2025 GMT
Subject: CN=4D295A23CE29BD9E467F792C6803B15B2747EDC7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8c:ff:7d:38:62:23:38:21:b0:1f:ba:98:07:
1f:45:8d:69:68:34:8a:a2:67:da:ce:15:8f:8a:4f:
fd:92:1f:df:fc:11:2e:9b:6f:82:60:af:30:05:f2:
37:7a:bd:a0:e3:be:75:c6:a5:27:64:36:67:54:42:
3a:47:09:33:ac:b6:24:6b:14:e1:56:a6:dd:ea:fa:
e2:70:89:6a:45:35:ac:68:83:7c:fe:d1:da:e3:99:
cd:00:7e:bc:7b:46:82:92:6a:2b:93:ac:88:f0:ab:
1a:ef:cf:91:00:e3:7c:be:b3:5a:76:e5:f7:d7:e7:
87:89:4c:e8:6a:b3:ad:32:24:9d:b7:c0:2d:95:02:
9e:d6:fb:dc:b2:ea:e9:2b:4c:92:87:95:4e:2b:c7:
d7:2e:e3:5a:53:c1:77:25:d9:77:25:74:8d:e4:51:
05:a1:1a:1f:31:10:f1:2d:80:8e:8e:6d:d0:0b:34:
80:d5:b7:b7:78:97:e9:8c:ce:78:5e:7e:16:87:2b:
0d:b8:14:7d:77:0c:a0:83:b0:96:f3:a1:0e:9e:a6:
46:99:18:5e:53:1a:b9:21:06:03:9f:47:e0:f4:22:
a2:24:12:a3:de:10:da:d3:0d:04:c6:6b:84:44:05:
a7:89:fc:03:4b:d5:02:0e:8d:13:04:60:65:8f:a8:
20:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:29:5A:23:CE:29:BD:9E:46:7F:79:2C:68:03:B1:5B:27:47:ED:C7
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3132382e302f31392d3139203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.175.128.0/19
Signature Algorithm: sha256WithRSAEncryption
7b:ff:e8:6d:6b:88:23:0a:dc:4a:d7:bc:b9:6e:4b:82:ca:6e:
e1:30:6d:c8:90:5d:ca:72:95:2e:85:49:8e:8b:a2:bc:c9:5f:
9f:86:80:ee:62:1b:86:fc:04:1b:34:1e:fb:d2:97:d0:c1:c0:
4e:ca:4a:35:18:56:05:83:23:d9:b2:cf:f4:ff:11:11:0a:b9:
da:12:31:57:37:e6:63:89:f9:67:b9:76:2c:a3:a9:ed:21:b3:
c0:dd:07:66:1f:01:db:31:de:26:9e:96:3c:d2:47:e4:95:e5:
be:41:63:a3:e4:ca:04:5b:66:c8:cb:6f:b0:56:8c:9b:55:ba:
a8:32:83:20:62:2f:c1:9e:2b:4d:42:7d:40:9b:98:dd:a9:4c:
b3:61:cb:e0:78:07:cd:bc:5d:cb:81:a5:11:b3:f7:7b:47:85:
48:a3:ed:c6:5d:df:ef:4a:14:b8:28:d7:59:40:b3:f6:fa:38:
63:19:35:b5:a7:90:56:12:5b:b2:dd:d0:ee:c6:a9:9a:7e:7b:
64:05:6c:a0:cc:ce:b5:29:d2:16:4e:f2:90:ec:28:0b:68:55:
fc:79:f3:b3:5d:76:02:83:40:ee:62:d9:2b:1e:36:b6:81:e1:
02:a5:3a:c9:29:46:87:da:62:bc:a7:60:01:93:cb:a5:58:ce:
ea:cb:56:05
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUUnMWpUSJfzNR4mzPDUGLEHhq+ecwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMTAyNTlaFw0yNTExMDYxMTA3NTlaMDMxMTAvBgNV
BAMTKDREMjk1QTIzQ0UyOUJEOUU0NjdGNzkyQzY4MDNCMTVCMjc0N0VEQzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4jP99OGIjOCGwH7qYBx9FjWlo
NIqiZ9rOFY+KT/2SH9/8ES6bb4JgrzAF8jd6vaDjvnXGpSdkNmdUQjpHCTOstiRr
FOFWpt3q+uJwiWpFNaxog3z+0drjmc0Afrx7RoKSaiuTrIjwqxrvz5EA43y+s1p2
5ffX54eJTOhqs60yJJ23wC2VAp7W+9yy6ukrTJKHlU4rx9cu41pTwXcl2XcldI3k
UQWhGh8xEPEtgI6ObdALNIDVt7d4l+mMznhefhaHKw24FH13DKCDsJbzoQ6epkaZ
GF5TGrkhBgOfR+D0IqIkEqPeENrTDQTGa4REBaeJ/ANL1QIOjRMEYGWPqCCLAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUTSlaI84pvZ5Gf3ksaAOxWydH7ccwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzMDM5MmUzMTM3MzUyZTMx
MzIzODJlMzAyZjMxMzkyZDMxMzkyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAVtr4AwDQYJKoZIhvcNAQELBQADggEBAHv/6G1riCMK3ErXvLluS4LKbuEwbciQ
XcpylS6FSY6LorzJX5+GgO5iG4b8BBs0HvvSl9DBwE7KSjUYVgWDI9myz/T/EREK
udoSMVc35mOJ+We5diyjqe0hs8DdB2YfAdsx3iaeljzSR+SV5b5BY6PkygRbZsjL
b7BWjJtVuqgygyBiL8GeK01CfUCbmN2pTLNhy+B4B828XcuBpRGz93tHhUij7cZd
3+9KFLgo11lAs/b6OGMZNbWnkFYSW7Ld0O7GqZp+e2QFbKDMzrUp0hZO8pDsKAto
Vfx587NddgKDQO5i2SseNraB4QKlOskpRofaYrynYAGTy6VYzurLVgU=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:50 2024 by rpki-client on console-fra.rpki-client.org