Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3139322e302f32312d3231203d3e203432363839.roa
File: 3130392e3137352e3139322e302f32312d3231203d3e203432363839.roa (raw, json)
Hash identifier: f0ClU26fu8l5UqG6tRVRedtKiyLz2XMGjBKnqsDc/UY=
Subject key identifier: B7:CB:FA:08:0B:50:DF:22:B6:83:97:3F:18:B7:6D:EC:61:1F:C6:B8
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 0EF794A87CE773787FCA7C35289C2EAD27FFF963
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3139322e302f32312d3231203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 11:11:33 +0000
ROA not before: Thu 07 Nov 2024 11:06:33 +0000
ROA not after: Thu 06 Nov 2025 11:11:33 +0000
asID: 42689
IP address blocks: 109.175.192.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:f7:94:a8:7c:e7:73:78:7f:ca:7c:35:28:9c:2e:ad:27:ff:f9:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 11:06:33 2024 GMT
Not After : Nov 6 11:11:33 2025 GMT
Subject: CN=B7CBFA080B50DF22B683973F18B76DEC611FC6B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:89:72:51:86:81:72:f5:b6:01:9b:d9:17:af:
40:71:35:2e:51:a4:f9:ab:cb:ec:88:99:1f:55:63:
5e:07:be:9c:6b:86:9d:e8:f9:5a:a9:96:72:0c:23:
03:26:65:f2:1c:b9:f4:6b:71:9a:06:40:c5:1c:b3:
53:8b:c4:40:35:f1:57:43:6a:5c:44:00:e9:37:6d:
8b:54:ec:5b:cf:83:b8:89:fe:79:c6:61:00:67:03:
8c:7d:7a:45:5f:a5:d7:49:66:2a:d0:03:84:23:83:
67:27:95:6e:57:82:e5:e6:14:a9:6a:71:af:aa:1e:
b5:a5:5b:fd:7e:6d:6a:35:e9:06:57:3a:20:25:8e:
d2:62:47:e8:5a:df:c0:2b:e4:80:dd:36:38:cb:20:
b3:f8:8f:3d:5f:5b:fe:b4:ef:bb:dd:ac:56:2e:94:
ca:08:50:57:e8:c0:09:1a:40:7d:56:f5:9a:70:ed:
57:fe:07:d5:60:9d:4c:44:3c:20:41:b4:fa:44:f4:
36:7e:5e:bc:ee:25:77:64:bc:71:a3:ad:ac:83:7c:
57:bf:c5:89:4f:05:ed:ad:75:0e:46:5a:39:58:df:
0c:f2:b6:38:65:81:2b:6e:8f:3f:3f:2b:ae:b7:89:
cd:2a:d1:21:b0:15:50:2c:a5:16:ac:b1:5b:c3:6d:
de:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:CB:FA:08:0B:50:DF:22:B6:83:97:3F:18:B7:6D:EC:61:1F:C6:B8
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3139322e302f32312d3231203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.175.192.0/21
Signature Algorithm: sha256WithRSAEncryption
64:f7:6f:da:dc:a4:dd:e9:44:1e:60:b5:94:99:c6:9b:c0:6c:
ff:5f:f7:98:29:3e:07:d1:0a:19:ce:cb:a9:7f:96:e3:8f:44:
ca:af:a8:96:47:7b:97:f6:8b:28:45:46:b6:6e:0a:27:2b:a2:
6f:5e:2b:d1:68:4a:ca:2b:19:e9:f9:78:05:92:ab:99:3a:6f:
09:46:65:1a:42:08:11:1f:ab:75:b1:b9:83:33:b6:d4:7a:bd:
f1:fc:24:ec:68:6c:5c:91:cb:31:f2:47:99:d5:4f:73:f0:b8:
9c:78:21:1a:e1:0b:61:d1:0e:28:a3:e0:e3:87:d0:2a:2c:c8:
61:90:17:99:3a:5c:24:6a:63:80:1e:9d:26:0d:03:9b:94:01:
1a:7c:e4:f6:b4:7d:44:c0:5a:8a:76:5f:08:04:d5:d5:bd:a0:
1e:bf:fa:ef:e4:e9:f9:3f:49:7d:6e:c2:0b:8e:21:23:6b:65:
82:c1:70:e0:49:d3:b9:28:5f:d4:21:72:b4:17:90:6f:26:d9:
29:64:8d:99:be:79:95:5a:d8:a8:7d:1c:bd:1b:46:85:20:07:
bb:a7:ec:aa:b9:dd:94:dc:6c:68:00:1b:cd:22:c5:37:04:1e:
18:94:a6:c6:cb:5f:82:17:42:cd:f2:ed:04:05:46:fb:84:b9:
89:4f:7a:32
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDveUqHznc3h/ynw1KJwurSf/+WMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMTA2MzNaFw0yNTExMDYxMTExMzNaMDMxMTAvBgNV
BAMTKEI3Q0JGQTA4MEI1MERGMjJCNjgzOTczRjE4Qjc2REVDNjExRkM2QjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgiXJRhoFy9bYBm9kXr0BxNS5R
pPmry+yImR9VY14Hvpxrhp3o+VqplnIMIwMmZfIcufRrcZoGQMUcs1OLxEA18VdD
alxEAOk3bYtU7FvPg7iJ/nnGYQBnA4x9ekVfpddJZirQA4Qjg2cnlW5XguXmFKlq
ca+qHrWlW/1+bWo16QZXOiAljtJiR+ha38Ar5IDdNjjLILP4jz1fW/6077vdrFYu
lMoIUFfowAkaQH1W9Zpw7Vf+B9VgnUxEPCBBtPpE9DZ+XrzuJXdkvHGjrayDfFe/
xYlPBe2tdQ5GWjlY3wzytjhlgStujz8/K663ic0q0SGwFVAspRassVvDbd6jAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUt8v6CAtQ3yK2g5c/GLdt7GEfxrgwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzMDM5MmUzMTM3MzUyZTMx
MzkzMjJlMzAyZjMyMzEyZDMyMzEyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BANtr8AwDQYJKoZIhvcNAQELBQADggEBAGT3b9rcpN3pRB5gtZSZxpvAbP9f95gp
PgfRChnOy6l/luOPRMqvqJZHe5f2iyhFRrZuCicrom9eK9FoSsorGen5eAWSq5k6
bwlGZRpCCBEfq3WxuYMzttR6vfH8JOxobFyRyzHyR5nVT3PwuJx4IRrhC2HRDiij
4OOH0CosyGGQF5k6XCRqY4AenSYNA5uUARp85Pa0fUTAWop2XwgE1dW9oB6/+u/k
6fk/SX1uwguOISNrZYLBcOBJ07koX9QhcrQXkG8m2SlkjZm+eZVa2Kh9HL0bRoUg
B7un7Kq53ZTcbGgAG80ixTcEHhiUpsbLX4IXQs3y7QQFRvuEuYlPejI=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org