Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3136302e302f32312d3231203d3e203432363839.roa
File: 3130392e3137352e3136302e302f32312d3231203d3e203432363839.roa (raw, json)
Hash identifier: CMga5jmFOXidDptuA/pEmdI/u5hgYjUZCHmUqYMJ58g=
Subject key identifier: D0:3B:91:3C:56:12:77:EA:37:E0:E1:6A:EB:F7:85:1B:D2:C1:43:2C
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 5E5D95440FD9C61F91109972C4E26BC5A45C36EE
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3136302e302f32312d3231203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 11:08:25 +0000
ROA not before: Thu 07 Nov 2024 11:03:25 +0000
ROA not after: Thu 06 Nov 2025 11:08:25 +0000
asID: 42689
IP address blocks: 109.175.160.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:5d:95:44:0f:d9:c6:1f:91:10:99:72:c4:e2:6b:c5:a4:5c:36:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 11:03:25 2024 GMT
Not After : Nov 6 11:08:25 2025 GMT
Subject: CN=D03B913C561277EA37E0E16AEBF7851BD2C1432C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:42:40:bf:8c:95:34:ae:50:30:e8:d4:6b:b4:
f0:f0:28:ab:4b:16:f3:25:b9:9c:ff:5c:b1:d9:00:
f2:67:cb:8c:f1:9b:6f:b3:5e:ee:21:ce:28:a8:de:
f8:1c:e0:c8:9f:13:5d:ca:94:ca:cd:a5:85:fb:4b:
51:d1:63:e7:a1:16:f7:54:5a:db:3e:2b:66:e5:f7:
df:b3:c7:de:dd:29:b6:ba:29:72:82:0e:b5:01:d5:
4b:b4:e9:9e:52:17:6c:e0:31:3e:75:63:c7:53:98:
3b:52:b2:8a:6f:6e:a2:d4:db:94:51:03:47:c6:19:
10:9b:e2:06:06:f7:4d:ed:43:56:da:c4:45:84:ed:
03:d5:b6:1e:6e:fd:26:c7:0c:36:6f:e7:ff:e0:d7:
07:a2:62:9d:f8:31:22:34:c6:3b:9e:7c:cb:48:de:
d4:16:a0:38:dd:f8:e2:22:7a:5c:b9:b4:82:2e:52:
7c:f5:88:10:ae:9c:88:86:e3:50:03:d1:f0:9f:54:
e5:3d:1f:4a:cc:b7:28:ef:56:92:27:da:48:07:3d:
5e:e1:bb:12:b8:55:72:b8:e0:95:71:ba:c9:ae:a2:
eb:32:44:80:16:cb:08:0e:29:56:df:b5:58:50:5f:
2c:26:8b:03:4b:b3:d9:bc:ef:80:83:e3:fc:67:fd:
44:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:3B:91:3C:56:12:77:EA:37:E0:E1:6A:EB:F7:85:1B:D2:C1:43:2C
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3136302e302f32312d3231203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.175.160.0/21
Signature Algorithm: sha256WithRSAEncryption
99:a9:ee:92:7f:9c:04:58:04:fa:64:96:43:fb:e4:94:30:92:
9e:87:03:f4:c0:2f:72:c1:0e:1a:25:b8:fa:db:9f:58:f7:ea:
28:ed:c8:2d:b4:af:a0:fe:c2:d7:e9:34:a9:2a:c0:14:52:b9:
a9:fe:d9:fd:0f:39:ca:60:c8:10:9d:85:7f:73:bc:74:13:78:
f5:e0:d3:6c:8e:e0:f0:d4:e6:35:9c:9c:c5:eb:4b:00:6d:01:
4d:f4:46:df:86:d2:25:a1:e8:85:5c:c4:6a:d1:27:4c:a6:75:
d4:a1:3c:bd:e7:1e:88:4e:26:16:ec:db:e5:c0:a0:f0:e7:93:
ac:97:a3:91:df:90:84:32:4e:d4:40:3a:fe:d1:07:dc:27:37:
1c:38:b5:f4:c6:de:83:5b:fb:f3:3e:1c:3b:f7:e2:d9:f1:a9:
04:ba:bd:6d:a1:a2:29:81:95:9e:b6:58:73:27:1a:5c:46:b2:
bb:d1:1f:67:ec:6c:1e:38:3d:9c:40:f5:d4:bf:3b:c7:18:ab:
bf:07:ca:bd:2f:86:20:84:a2:60:b6:6e:a7:e1:3c:ac:a9:64:
f1:86:05:9d:66:a6:6c:8d:0a:92:40:e2:b1:36:64:35:eb:34:
3f:f9:e8:83:d4:aa:df:d7:7c:14:70:e0:64:f7:69:ac:c4:11:
68:ef:e6:ce
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUXl2VRA/Zxh+REJlyxOJrxaRcNu4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMTAzMjVaFw0yNTExMDYxMTA4MjVaMDMxMTAvBgNV
BAMTKEQwM0I5MTNDNTYxMjc3RUEzN0UwRTE2QUVCRjc4NTFCRDJDMTQzMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6QkC/jJU0rlAw6NRrtPDwKKtL
FvMluZz/XLHZAPJny4zxm2+zXu4hziio3vgc4MifE13KlMrNpYX7S1HRY+ehFvdU
Wts+K2bl99+zx97dKba6KXKCDrUB1Uu06Z5SF2zgMT51Y8dTmDtSsopvbqLU25RR
A0fGGRCb4gYG903tQ1baxEWE7QPVth5u/SbHDDZv5//g1weiYp34MSI0xjuefMtI
3tQWoDjd+OIiely5tIIuUnz1iBCunIiG41AD0fCfVOU9H0rMtyjvVpIn2kgHPV7h
uxK4VXK44JVxusmuousyRIAWywgOKVbftVhQXywmiwNLs9m874CD4/xn/UTJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU0DuRPFYSd+o34OFq6/eFG9LBQywwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzMDM5MmUzMTM3MzUyZTMx
MzYzMDJlMzAyZjMyMzEyZDMyMzEyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BANtr6AwDQYJKoZIhvcNAQELBQADggEBAJmp7pJ/nARYBPpklkP75JQwkp6HA/TA
L3LBDholuPrbn1j36ijtyC20r6D+wtfpNKkqwBRSuan+2f0POcpgyBCdhX9zvHQT
ePXg02yO4PDU5jWcnMXrSwBtAU30Rt+G0iWh6IVcxGrRJ0ymddShPL3nHohOJhbs
2+XAoPDnk6yXo5HfkIQyTtRAOv7RB9wnNxw4tfTG3oNb+/M+HDv34tnxqQS6vW2h
oimBlZ62WHMnGlxGsrvRH2fsbB44PZxA9dS/O8cYq78Hyr0vhiCEomC2bqfhPKyp
ZPGGBZ1mpmyNCpJA4rE2ZDXrND/56IPUqt/XfBRw4GT3aazEEWjv5s4=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:50 2024 by rpki-client on console-fra.rpki-client.org