Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3230342e302f32332d3233203d3e203432363839.roa
File: 3130392e3137352e3230342e302f32332d3233203d3e203432363839.roa (raw, json)
Hash identifier: abGdIAHthYGdhEWxDzK3RY8NqSsjQ9SZW4DEa8Uc8fw=
Subject key identifier: 64:81:84:4F:C6:C6:46:6E:CC:64:92:18:EB:E0:D4:BF:2A:64:8C:67
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 55138D66B4AC677166BE07CCD3EA91B385F5F8CF
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3230342e302f32332d3233203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 11:12:03 +0000
ROA not before: Thu 07 Nov 2024 11:07:03 +0000
ROA not after: Thu 06 Nov 2025 11:12:03 +0000
asID: 42689
IP address blocks: 109.175.204.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:13:8d:66:b4:ac:67:71:66:be:07:cc:d3:ea:91:b3:85:f5:f8:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 11:07:03 2024 GMT
Not After : Nov 6 11:12:03 2025 GMT
Subject: CN=6481844FC6C6466ECC649218EBE0D4BF2A648C67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:e9:4a:32:f7:fd:7a:33:c8:f6:15:38:49:1e:
73:39:98:c7:a8:31:04:3e:e9:e0:85:1b:d3:29:ce:
15:01:4e:72:ef:11:3a:07:e2:4c:0d:27:8a:f2:2a:
6c:9e:a4:e6:7f:8d:70:80:9c:29:cf:37:18:77:6a:
df:35:4f:44:b9:ba:98:0f:34:6e:7d:24:cd:09:b3:
c6:92:29:0e:e1:c9:07:51:06:d5:5b:03:39:13:25:
2c:c0:a4:31:28:df:3a:e9:7a:f2:76:a3:b7:d4:a0:
41:d2:bf:3b:93:8a:30:10:d7:98:62:85:30:46:26:
ae:64:dd:9b:b5:01:34:19:f5:57:09:b7:e4:a8:a6:
42:52:2e:bb:fe:89:ca:73:79:eb:86:61:d1:cf:28:
8f:46:16:f8:fb:8e:99:5d:d1:16:74:88:e0:30:6f:
fe:f4:5e:a0:ac:b9:f3:13:14:56:64:ed:36:01:2b:
39:e1:be:d5:67:57:5e:d2:44:51:21:9c:e2:25:55:
19:c9:bd:39:b5:58:cd:54:24:d5:b5:9f:58:c7:87:
64:1f:93:5b:b2:ba:bc:c8:b0:dc:e5:5b:da:ad:f5:
6f:bb:e0:57:fc:0d:0e:69:17:37:26:ab:04:d5:69:
8d:c1:70:3f:86:e5:06:6d:c0:fe:57:d0:0b:b8:0c:
fa:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:81:84:4F:C6:C6:46:6E:CC:64:92:18:EB:E0:D4:BF:2A:64:8C:67
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3230342e302f32332d3233203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.175.204.0/23
Signature Algorithm: sha256WithRSAEncryption
20:44:5c:e7:28:f3:f6:51:2d:a8:e1:cb:ac:ac:57:c4:1c:44:
86:62:ef:ec:fd:53:90:25:19:a7:24:61:ea:30:13:3c:32:4e:
d0:8c:4c:f6:b9:f9:cb:32:45:74:23:25:04:f7:97:72:29:83:
b6:9e:67:d0:b9:1f:f4:f5:3c:99:d2:77:06:ab:0e:b7:ae:44:
a3:15:b9:1c:b7:4f:0b:8c:fe:0c:01:bc:aa:e5:16:73:69:df:
7b:dc:1a:f2:65:f6:a5:74:ee:ed:7e:9e:40:dc:1c:6a:ad:7d:
ca:c0:78:0f:64:67:9e:5c:23:6c:eb:de:1f:5b:42:27:0a:c9:
04:d9:ab:ea:95:13:f9:34:e3:45:dc:04:3d:c5:f9:79:e5:8f:
48:bb:65:e0:ba:a8:14:6f:4c:6b:ca:15:eb:a3:fb:25:a9:74:
19:67:4f:b2:10:d5:71:cf:02:fd:5b:df:3a:25:ff:72:09:2d:
ca:cf:58:b7:20:60:6a:43:53:be:0c:fb:2a:10:c9:e4:83:f2:
cd:ca:63:e1:f1:b7:0b:86:df:61:ad:b0:d8:be:4c:ed:50:1e:
7a:d8:c6:78:db:d3:5b:f4:32:0a:94:7a:96:9e:67:86:99:be:
fc:0e:4c:2e:bb:57:06:7e:14:eb:d2:34:b8:94:90:3e:ab:d0:
a1:a9:37:ec
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVRONZrSsZ3FmvgfM0+qRs4X1+M8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMTA3MDNaFw0yNTExMDYxMTEyMDNaMDMxMTAvBgNV
BAMTKDY0ODE4NDRGQzZDNjQ2NkVDQzY0OTIxOEVCRTBENEJGMkE2NDhDNjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDo6Uoy9/16M8j2FThJHnM5mMeo
MQQ+6eCFG9MpzhUBTnLvEToH4kwNJ4ryKmyepOZ/jXCAnCnPNxh3at81T0S5upgP
NG59JM0Js8aSKQ7hyQdRBtVbAzkTJSzApDEo3zrpevJ2o7fUoEHSvzuTijAQ15hi
hTBGJq5k3Zu1ATQZ9VcJt+SopkJSLrv+icpzeeuGYdHPKI9GFvj7jpld0RZ0iOAw
b/70XqCsufMTFFZk7TYBKznhvtVnV17SRFEhnOIlVRnJvTm1WM1UJNW1n1jHh2Qf
k1uyurzIsNzlW9qt9W+74Ff8DQ5pFzcmqwTVaY3BcD+G5QZtwP5X0Au4DPqlAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUZIGET8bGRm7MZJIY6+DUvypkjGcwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzMDM5MmUzMTM3MzUyZTMy
MzAzNDJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAFtr8wwDQYJKoZIhvcNAQELBQADggEBACBEXOco8/ZRLajhy6ysV8QcRIZi7+z9
U5AlGackYeowEzwyTtCMTPa5+csyRXQjJQT3l3Ipg7aeZ9C5H/T1PJnSdwarDreu
RKMVuRy3TwuM/gwBvKrlFnNp33vcGvJl9qV07u1+nkDcHGqtfcrAeA9kZ55cI2zr
3h9bQicKyQTZq+qVE/k040XcBD3F+Xnlj0i7ZeC6qBRvTGvKFeuj+yWpdBlnT7IQ
1XHPAv1b3zol/3IJLcrPWLcgYGpDU74M+yoQyeSD8s3KY+HxtwuG32GtsNi+TO1Q
HnrYxnjb01v0MgqUepaeZ4aZvvwOTC67VwZ+FOvSNLiUkD6r0KGpN+w=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:50 2024 by rpki-client on console-fra.rpki-client.org