Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3137322e302f32332d3233203d3e203432363839.roa
File: 3130392e3137352e3137322e302f32332d3233203d3e203432363839.roa (raw, json)
Hash identifier: gP1Uy7c1DllZEkwXdOXXb8l3HXU+5qs17cbL/e6bmVI=
Subject key identifier: D4:03:9C:4E:D0:D9:6C:CC:3F:14:60:C8:F2:56:1E:20:C4:64:72:0F
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 066AE18212734EF1C403880ADE2715D06C6EFA48
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3137322e302f32332d3233203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 11:10:08 +0000
ROA not before: Thu 07 Nov 2024 11:05:08 +0000
ROA not after: Thu 06 Nov 2025 11:10:08 +0000
asID: 42689
IP address blocks: 109.175.172.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:6a:e1:82:12:73:4e:f1:c4:03:88:0a:de:27:15:d0:6c:6e:fa:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 11:05:08 2024 GMT
Not After : Nov 6 11:10:08 2025 GMT
Subject: CN=D4039C4ED0D96CCC3F1460C8F2561E20C464720F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:d3:2b:90:2e:d0:2f:a9:b9:0d:fe:44:78:75:
c8:82:01:20:e7:e8:67:d4:de:9a:1c:b5:9f:11:a7:
51:79:b1:46:9c:f2:b7:27:a9:31:3d:e5:d0:77:87:
7b:39:9a:30:4d:49:7d:aa:a6:bd:7d:aa:a2:4d:19:
b2:55:ff:fb:da:88:de:32:53:46:cc:b3:c2:5f:5c:
3b:fb:94:06:d7:15:5c:35:bd:34:d2:98:86:1d:00:
0c:92:26:66:b1:64:31:ce:55:af:f9:82:cd:81:7b:
ac:a2:d7:0a:5e:94:4d:f9:55:26:28:d5:10:14:96:
d0:42:c3:41:40:7f:d1:a5:d0:b0:1a:29:24:a8:b9:
62:bc:35:ca:47:a5:3d:43:84:c5:3d:21:e0:76:a1:
7c:e2:d9:9c:08:69:b7:c6:34:3b:db:e6:0e:e4:01:
ac:bb:36:7f:4d:92:ce:86:be:a8:ab:41:2e:84:2c:
c5:63:16:bb:50:08:eb:22:d6:d7:7f:35:b7:88:4b:
c6:de:99:2f:81:b9:12:0e:4e:6e:6c:55:d1:6d:9b:
db:35:fa:fc:80:3b:c9:54:cd:ff:4d:5b:0e:85:0f:
1f:55:bf:dc:46:40:6a:8e:eb:15:be:aa:a9:39:06:
1c:17:56:ce:b2:34:c1:18:58:e4:6a:32:92:64:64:
12:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:03:9C:4E:D0:D9:6C:CC:3F:14:60:C8:F2:56:1E:20:C4:64:72:0F
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3137322e302f32332d3233203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.175.172.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:db:e3:35:6c:a9:6d:9e:1f:ed:13:de:2b:09:8c:c9:ad:c8:
0c:21:ba:52:47:c7:7b:35:71:9e:8d:7d:8c:73:df:eb:39:ad:
13:5d:a8:ed:98:89:be:f3:f7:9f:f9:0f:d1:9f:00:94:c6:1f:
c7:4d:11:b1:08:1d:19:28:64:4e:6b:69:06:80:de:37:c9:82:
e9:f8:8f:41:d1:82:7c:b2:13:ab:ca:2a:36:75:1f:99:8f:28:
78:25:f2:4a:1c:70:b6:44:99:9a:0a:57:fc:a3:44:a2:e3:a2:
f3:ba:90:79:9c:c6:55:eb:0d:76:fa:48:bc:1b:0a:c2:1d:cb:
8b:2b:9b:de:bd:aa:b4:e9:6a:a4:7d:18:4b:54:23:51:40:7a:
63:24:c5:64:f3:79:ce:34:df:50:3e:2f:9e:85:7c:f5:ba:f1:
a4:28:47:bd:f4:e4:9b:cb:cc:40:32:bb:ae:cf:99:ca:e0:2e:
1c:0c:34:d8:20:e1:b9:0c:9b:01:8e:b6:3e:9a:51:f2:59:41:
09:56:3e:8c:a5:6e:a9:ec:33:96:f9:7f:95:bb:37:4a:97:0d:
50:11:0f:14:36:71:7b:ea:b2:77:0b:86:f4:5d:ae:e4:85:d6:
64:42:f8:bd:19:cf:1d:52:ba:83:ab:a8:71:cb:d2:70:38:4d:
fd:0a:53:66
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUBmrhghJzTvHEA4gK3icV0Gxu+kgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMTA1MDhaFw0yNTExMDYxMTEwMDhaMDMxMTAvBgNV
BAMTKEQ0MDM5QzRFRDBEOTZDQ0MzRjE0NjBDOEYyNTYxRTIwQzQ2NDcyMEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI0yuQLtAvqbkN/kR4dciCASDn
6GfU3poctZ8Rp1F5sUac8rcnqTE95dB3h3s5mjBNSX2qpr19qqJNGbJV//vaiN4y
U0bMs8JfXDv7lAbXFVw1vTTSmIYdAAySJmaxZDHOVa/5gs2Be6yi1wpelE35VSYo
1RAUltBCw0FAf9Gl0LAaKSSouWK8NcpHpT1DhMU9IeB2oXzi2ZwIabfGNDvb5g7k
Aay7Nn9Nks6GvqirQS6ELMVjFrtQCOsi1td/NbeIS8bemS+BuRIOTm5sVdFtm9s1
+vyAO8lUzf9NWw6FDx9Vv9xGQGqO6xW+qqk5BhwXVs6yNMEYWORqMpJkZBJJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU1AOcTtDZbMw/FGDI8lYeIMRkcg8wHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzMDM5MmUzMTM3MzUyZTMx
MzczMjJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAFtr6wwDQYJKoZIhvcNAQELBQADggEBAH/b4zVsqW2eH+0T3isJjMmtyAwhulJH
x3s1cZ6NfYxz3+s5rRNdqO2Yib7z95/5D9GfAJTGH8dNEbEIHRkoZE5raQaA3jfJ
gun4j0HRgnyyE6vKKjZ1H5mPKHgl8koccLZEmZoKV/yjRKLjovO6kHmcxlXrDXb6
SLwbCsIdy4srm969qrTpaqR9GEtUI1FAemMkxWTzec4031A+L56FfPW68aQoR730
5JvLzEAyu67PmcrgLhwMNNgg4bkMmwGOtj6aUfJZQQlWPoylbqnsM5b5f5W7N0qX
DVARDxQ2cXvqsncLhvRdruSF1mRC+L0Zzx1SuoOrqHHL0nA4Tf0KU2Y=
-----END CERTIFICATE-----
Generated at Sun Nov 24 18:42:04 2024 by rpki-client on console-fra.rpki-client.org