Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3230302e302f32322d3232203d3e203432363839.roa
File: 3130392e3137352e3230302e302f32322d3232203d3e203432363839.roa (raw, json)
Hash identifier: kZv2mMV/Ibr7IWSvNTtedIgdNyQ6RfIYcg4DfEp49UY=
Subject key identifier: 26:30:38:AA:A8:11:7B:AE:97:49:22:AE:F0:0F:30:3C:DE:78:AB:F4
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 08EEC3AFB174A65AEA2238CA11539BAA340EA5CD
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3230302e302f32322d3232203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 11:11:50 +0000
ROA not before: Thu 07 Nov 2024 11:06:50 +0000
ROA not after: Thu 06 Nov 2025 11:11:50 +0000
asID: 42689
IP address blocks: 109.175.200.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:ee:c3:af:b1:74:a6:5a:ea:22:38:ca:11:53:9b:aa:34:0e:a5:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 11:06:50 2024 GMT
Not After : Nov 6 11:11:50 2025 GMT
Subject: CN=263038AAA8117BAE974922AEF00F303CDE78ABF4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:16:fe:3e:7c:52:3e:1a:78:e1:16:ec:e8:e5:
f5:4f:2b:ea:83:45:bf:b9:d4:f6:eb:8b:b9:e9:b4:
95:1c:06:37:0a:6b:e3:f4:b6:62:4f:4d:c1:42:c2:
c9:ba:c3:19:af:3f:94:f6:71:f8:5e:8a:85:fd:54:
4d:98:11:2c:f8:43:27:06:3c:33:22:bb:a7:e5:43:
aa:69:d4:03:7f:e2:04:76:aa:ba:02:74:da:28:1e:
f3:af:aa:bc:94:98:40:44:70:2c:d1:36:89:69:bb:
f7:34:3e:7f:23:7d:67:8f:f4:8a:57:5b:28:b7:d6:
01:6f:12:23:85:9a:e8:15:cb:25:7f:1f:ed:b7:0c:
07:3f:20:bc:f7:e9:33:3e:a4:1f:c0:e6:ca:d4:c5:
1a:98:c8:56:b2:76:ae:da:2f:fd:25:b0:8d:d0:08:
0d:15:f0:63:bf:3d:56:61:d6:fc:b4:88:fa:ca:5d:
54:c0:31:ba:05:92:e2:70:55:c1:58:2a:d4:85:1e:
c7:2f:4c:11:ec:a3:1a:2b:14:9e:09:26:d4:d5:21:
2a:96:d3:fe:5c:90:4d:9d:dc:03:d9:9c:3d:c6:14:
8e:fe:78:54:40:14:0b:65:2a:a9:31:11:3c:fc:57:
d4:f0:87:81:ce:c0:ed:d8:b5:d1:b0:15:75:60:b5:
13:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:30:38:AA:A8:11:7B:AE:97:49:22:AE:F0:0F:30:3C:DE:78:AB:F4
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3230302e302f32322d3232203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.175.200.0/22
Signature Algorithm: sha256WithRSAEncryption
46:f3:a2:e9:cd:04:9d:4a:c9:ed:2e:45:bf:f1:02:59:c6:ba:
18:13:d5:14:44:87:49:2c:cb:41:5c:69:9a:da:53:7b:b3:11:
29:97:ef:86:bc:e4:9c:dd:54:74:70:02:e9:17:19:ab:23:22:
06:25:d2:23:19:bb:07:01:64:18:6c:0a:53:81:74:d1:80:16:
3e:87:bc:be:34:53:9e:48:cb:eb:f2:12:b9:ca:6e:a0:66:9d:
e0:27:26:2f:72:50:9d:67:e6:91:55:8b:6f:34:8e:6e:85:44:
e4:16:7d:a5:f2:82:76:bd:3e:76:4d:11:c9:90:f5:91:52:b0:
34:9a:9f:a0:25:82:03:1f:26:2f:c8:6a:52:6b:b0:c4:d6:2b:
2a:9a:34:a8:02:d9:26:1c:7e:d1:2f:04:db:09:80:93:ba:83:
f2:88:49:49:e6:0b:fe:46:44:89:88:84:92:7f:f1:0d:43:78:
cf:3c:f4:92:cb:a0:f5:70:05:80:ad:7b:13:8e:80:03:2f:2c:
d9:4a:e7:9f:b3:42:0d:d2:33:6b:f7:49:6e:b4:07:96:1a:cb:
b4:ca:c2:47:a5:83:c5:e3:3e:60:23:a6:b1:1d:53:93:18:aa:
30:14:b8:5b:54:77:32:da:f3:aa:11:3c:62:b9:e2:37:89:d6:
86:8d:73:80
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUCO7Dr7F0plrqIjjKEVObqjQOpc0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMTA2NTBaFw0yNTExMDYxMTExNTBaMDMxMTAvBgNV
BAMTKDI2MzAzOEFBQTgxMTdCQUU5NzQ5MjJBRUYwMEYzMDNDREU3OEFCRjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCFv4+fFI+GnjhFuzo5fVPK+qD
Rb+51Pbri7nptJUcBjcKa+P0tmJPTcFCwsm6wxmvP5T2cfheioX9VE2YESz4QycG
PDMiu6flQ6pp1AN/4gR2qroCdNooHvOvqryUmEBEcCzRNolpu/c0Pn8jfWeP9IpX
Wyi31gFvEiOFmugVyyV/H+23DAc/ILz36TM+pB/A5srUxRqYyFaydq7aL/0lsI3Q
CA0V8GO/PVZh1vy0iPrKXVTAMboFkuJwVcFYKtSFHscvTBHsoxorFJ4JJtTVISqW
0/5ckE2d3APZnD3GFI7+eFRAFAtlKqkxETz8V9Twh4HOwO3YtdGwFXVgtROJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUJjA4qqgRe66XSSKu8A8wPN54q/QwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzMDM5MmUzMTM3MzUyZTMy
MzAzMDJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJtr8gwDQYJKoZIhvcNAQELBQADggEBAEbzounNBJ1Kye0uRb/xAlnGuhgT1RRE
h0ksy0FcaZraU3uzESmX74a85JzdVHRwAukXGasjIgYl0iMZuwcBZBhsClOBdNGA
Fj6HvL40U55Iy+vyErnKbqBmneAnJi9yUJ1n5pFVi280jm6FROQWfaXygna9PnZN
EcmQ9ZFSsDSan6AlggMfJi/IalJrsMTWKyqaNKgC2SYcftEvBNsJgJO6g/KISUnm
C/5GRImIhJJ/8Q1DeM889JLLoPVwBYCtexOOgAMvLNlK55+zQg3SM2v3SW60B5Ya
y7TKwkelg8XjPmAjprEdU5MYqjAUuFtUdzLa86oRPGK54jeJ1oaNc4A=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org