Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3137362e302f32302d3230203d3e203432363839.roa
File: 3130392e3137352e3137362e302f32302d3230203d3e203432363839.roa (raw, json)
Hash identifier: K5QLCwHVhUaQCyaJbpU+j2P2E3dlWiUzAAOGazPMKyI=
Subject key identifier: FF:2F:C3:79:9B:DC:91:60:BE:5A:7B:53:95:3D:2C:6F:91:D7:2A:24
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 55BEDFF709E15638D51A03DB602C3059FB2FFAA7
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3137362e302f32302d3230203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 11:10:21 +0000
ROA not before: Thu 07 Nov 2024 11:05:21 +0000
ROA not after: Thu 06 Nov 2025 11:10:21 +0000
asID: 42689
IP address blocks: 109.175.176.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:be:df:f7:09:e1:56:38:d5:1a:03:db:60:2c:30:59:fb:2f:fa:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 11:05:21 2024 GMT
Not After : Nov 6 11:10:21 2025 GMT
Subject: CN=FF2FC3799BDC9160BE5A7B53953D2C6F91D72A24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b4:b6:04:dd:ab:8f:c3:85:55:e7:d5:d7:d2:
43:45:55:ae:95:82:73:8a:75:5e:3f:f5:96:13:6c:
58:86:36:d0:22:fc:d8:73:6d:f5:21:c7:9b:21:6f:
ff:ac:36:3f:d8:1c:95:b8:a4:70:e2:06:ad:bd:cc:
40:ff:1e:9a:83:be:a5:24:4e:95:88:7c:c8:27:8f:
e2:68:63:4c:da:fd:1b:8d:c4:b4:e6:b4:17:01:f8:
94:4d:a3:10:46:c9:cd:88:44:3e:1b:7e:c7:cc:2d:
61:d9:b4:e3:68:b2:fd:81:9a:1c:ba:44:23:dc:f0:
42:46:be:21:29:54:a6:c7:5f:aa:32:ce:82:ba:03:
f3:35:3b:cf:6b:9e:1a:01:55:e4:c2:a1:8c:92:2c:
f8:f3:c9:d4:05:c4:94:39:bd:fc:0f:94:68:21:fb:
17:6b:bb:2c:4c:b9:39:e2:d2:3e:22:13:63:22:bb:
3d:6e:20:d5:e2:7e:0d:c0:31:84:eb:cc:91:c1:f2:
e8:fe:86:5f:a2:17:5f:0d:95:10:e6:78:41:2d:e7:
03:1a:f6:4a:34:2e:36:6c:e1:3c:6d:6f:80:d6:f1:
6d:2f:5b:45:eb:7f:e8:5a:c4:42:ba:1b:b4:01:cd:
da:28:0f:73:f5:1c:64:0c:bd:75:a7:88:b7:4a:09:
53:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:2F:C3:79:9B:DC:91:60:BE:5A:7B:53:95:3D:2C:6F:91:D7:2A:24
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3137362e302f32302d3230203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.175.176.0/20
Signature Algorithm: sha256WithRSAEncryption
92:6e:2c:83:01:70:de:a2:67:0f:fd:ba:a2:2d:54:38:06:ba:
55:8a:df:a0:4f:3e:79:25:e8:cd:ac:df:57:4e:08:ff:2e:2f:
5d:da:f7:5b:c0:2f:e9:3b:c8:40:f0:e5:a7:61:98:71:19:8d:
29:38:63:f6:c2:c6:53:f0:9e:c9:00:68:6e:ef:45:bb:0a:a0:
aa:00:b3:1d:8e:19:f9:56:4a:47:94:17:5c:d1:7e:74:40:0c:
9c:28:cb:31:7e:12:ed:17:95:b4:4d:06:c4:30:7b:bc:e8:ba:
35:b6:a1:85:6d:91:87:3f:5d:d8:50:be:bb:77:33:34:74:e2:
12:36:a1:c8:68:7c:98:30:39:bf:b4:62:4f:ad:fb:ab:2c:27:
18:7b:32:ed:8a:29:60:6e:d8:27:4b:ef:58:43:d9:a1:c1:05:
90:95:13:5b:05:a3:eb:1a:52:76:0f:b8:20:8f:6b:dd:5a:c9:
3d:38:0e:6e:cb:5d:16:30:0f:b7:c0:dc:21:55:c4:49:60:4e:
59:51:b4:fc:83:82:8e:01:1a:90:71:7c:06:a0:d5:d1:4a:3b:
a9:c9:e5:4f:25:a1:cc:1a:bb:b9:76:40:09:f9:1a:90:f2:71:
84:4e:88:84:2c:db:0b:95:81:4b:b1:40:54:3e:c5:84:74:f0:
a6:be:61:8c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVb7f9wnhVjjVGgPbYCwwWfsv+qcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMTA1MjFaFw0yNTExMDYxMTEwMjFaMDMxMTAvBgNV
BAMTKEZGMkZDMzc5OUJEQzkxNjBCRTVBN0I1Mzk1M0QyQzZGOTFENzJBMjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1tLYE3auPw4VV59XX0kNFVa6V
gnOKdV4/9ZYTbFiGNtAi/NhzbfUhx5shb/+sNj/YHJW4pHDiBq29zED/HpqDvqUk
TpWIfMgnj+JoY0za/RuNxLTmtBcB+JRNoxBGyc2IRD4bfsfMLWHZtONosv2Bmhy6
RCPc8EJGviEpVKbHX6oyzoK6A/M1O89rnhoBVeTCoYySLPjzydQFxJQ5vfwPlGgh
+xdruyxMuTni0j4iE2Miuz1uINXifg3AMYTrzJHB8uj+hl+iF18NlRDmeEEt5wMa
9ko0LjZs4Txtb4DW8W0vW0Xrf+haxEK6G7QBzdooD3P1HGQMvXWniLdKCVPjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU/y/DeZvckWC+WntTlT0sb5HXKiQwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzMDM5MmUzMTM3MzUyZTMx
MzczNjJlMzAyZjMyMzAyZDMyMzAyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BARtr7AwDQYJKoZIhvcNAQELBQADggEBAJJuLIMBcN6iZw/9uqItVDgGulWK36BP
Pnkl6M2s31dOCP8uL13a91vAL+k7yEDw5adhmHEZjSk4Y/bCxlPwnskAaG7vRbsK
oKoAsx2OGflWSkeUF1zRfnRADJwoyzF+Eu0XlbRNBsQwe7zoujW2oYVtkYc/XdhQ
vrt3MzR04hI2ochofJgwOb+0Yk+t+6ssJxh7Mu2KKWBu2CdL71hD2aHBBZCVE1sF
o+saUnYPuCCPa91ayT04Dm7LXRYwD7fA3CFVxElgTllRtPyDgo4BGpBxfAag1dFK
O6nJ5U8locwau7l2QAn5GpDycYROiIQs2wuVgUuxQFQ+xYR08Ka+YYw=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org