Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3230372e302f32342d3234203d3e203432363839.roa
File: 3130392e3137352e3230372e302f32342d3234203d3e203432363839.roa (raw, json)
Hash identifier: ujgSwBVkASwGTzeRnZ9vYMcJ3PQVo7elF5yVzTpiWoo=
Subject key identifier: 55:10:F4:D4:DA:9D:09:46:F1:E1:48:58:C9:82:7C:82:AD:E4:C8:F8
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 257836A34D83630EE453EA82C73E173613CE2AF9
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3230372e302f32342d3234203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 11:12:19 +0000
ROA not before: Thu 07 Nov 2024 11:07:19 +0000
ROA not after: Thu 06 Nov 2025 11:12:19 +0000
asID: 42689
IP address blocks: 109.175.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:78:36:a3:4d:83:63:0e:e4:53:ea:82:c7:3e:17:36:13:ce:2a:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 11:07:19 2024 GMT
Not After : Nov 6 11:12:19 2025 GMT
Subject: CN=5510F4D4DA9D0946F1E14858C9827C82ADE4C8F8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:6f:2c:f4:a1:71:a7:dc:1c:1d:dd:22:cb:db:
a2:de:e1:ac:59:c9:63:80:52:21:8d:fe:9a:ad:bb:
da:08:79:1d:77:d4:c7:04:57:7b:e1:fd:73:d7:42:
69:9c:c5:f3:3b:50:a7:2a:60:c0:d9:dc:e4:61:a7:
11:4c:3f:83:ee:ae:ec:35:95:1c:10:8d:ee:5d:ee:
7d:2b:6a:86:0e:2e:a3:4e:e1:7b:ed:46:93:7a:81:
d9:99:aa:37:9d:d9:51:f0:72:d4:ac:92:1d:39:84:
b1:ce:eb:f9:ac:73:02:e7:89:c0:34:07:ca:7b:15:
bc:3f:94:d2:d4:c6:90:83:e1:fa:30:68:ff:85:2c:
e9:78:3e:08:e6:2c:0a:df:aa:f3:cc:63:d5:b9:34:
77:f2:68:6a:33:f3:49:78:20:dc:37:0b:94:6c:34:
ff:ff:1c:e4:5f:5f:3a:76:28:35:89:d1:34:03:91:
eb:9e:fd:59:26:ab:46:da:ae:cc:0c:89:e3:5b:09:
b8:49:91:4a:0c:7a:53:ad:65:e7:4a:ea:8c:5b:38:
f2:d7:d6:ce:38:4e:49:a3:63:bf:97:9d:5c:58:88:
64:80:ab:26:ef:35:33:39:f1:ec:d7:a1:74:d4:e2:
56:2f:72:90:2e:d0:9b:80:65:9c:ee:0f:40:68:32:
15:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:10:F4:D4:DA:9D:09:46:F1:E1:48:58:C9:82:7C:82:AD:E4:C8:F8
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3230372e302f32342d3234203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.175.207.0/24
Signature Algorithm: sha256WithRSAEncryption
89:bd:0f:73:01:89:25:1e:8c:8f:96:28:32:08:da:29:b1:5c:
1f:b4:6e:75:94:a8:d4:f3:b9:fe:40:96:62:d6:56:0f:7b:d6:
a3:39:43:21:c7:ac:82:2f:c8:5e:8a:6f:ea:57:9b:0e:a9:f9:
8b:7e:35:71:8d:28:2a:70:77:8a:b2:14:64:90:7a:9a:b6:18:
80:af:1a:0b:c3:8c:f7:68:78:12:8b:99:d1:91:bb:e7:01:58:
c4:a2:c8:ff:da:1b:a7:92:03:22:97:0d:b0:ca:13:d7:cd:eb:
93:97:5a:00:f7:a3:81:c3:39:e1:0f:dd:15:ad:c9:df:38:52:
a1:a7:eb:1e:b3:db:ec:55:50:fc:aa:4f:81:c1:4d:c5:9f:db:
5e:22:aa:95:a3:9f:66:e8:a5:f8:0a:da:8d:08:da:3a:59:44:
aa:9c:09:b7:28:91:53:64:af:fd:fa:aa:87:13:42:d7:c3:82:
58:17:de:88:7d:be:43:33:51:e5:f0:96:dd:e6:18:04:09:a0:
2f:33:72:c4:4a:9d:84:81:8b:46:17:f0:22:9d:93:20:6c:e2:
4f:84:5b:dd:e7:dc:f5:d2:bf:16:57:a8:6a:61:0f:eb:94:81:
88:c3:8c:16:7d:b1:04:b4:bd:8a:45:38:ed:a6:5c:75:a4:91:
be:02:6b:a8
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJXg2o02DYw7kU+qCxz4XNhPOKvkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMTA3MTlaFw0yNTExMDYxMTEyMTlaMDMxMTAvBgNV
BAMTKDU1MTBGNEQ0REE5RDA5NDZGMUUxNDg1OEM5ODI3QzgyQURFNEM4RjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNbyz0oXGn3Bwd3SLL26Le4axZ
yWOAUiGN/pqtu9oIeR131McEV3vh/XPXQmmcxfM7UKcqYMDZ3ORhpxFMP4Puruw1
lRwQje5d7n0raoYOLqNO4XvtRpN6gdmZqjed2VHwctSskh05hLHO6/mscwLnicA0
B8p7Fbw/lNLUxpCD4fowaP+FLOl4PgjmLArfqvPMY9W5NHfyaGoz80l4INw3C5Rs
NP//HORfXzp2KDWJ0TQDkeue/Vkmq0barswMieNbCbhJkUoMelOtZedK6oxbOPLX
1s44TkmjY7+XnVxYiGSAqybvNTM58ezXoXTU4lYvcpAu0JuAZZzuD0BoMhVjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUVRD01NqdCUbx4UhYyYJ8gq3kyPgwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzMDM5MmUzMTM3MzUyZTMy
MzAzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABtr88wDQYJKoZIhvcNAQELBQADggEBAIm9D3MBiSUejI+WKDII2imxXB+0bnWU
qNTzuf5AlmLWVg971qM5QyHHrIIvyF6Kb+pXmw6p+Yt+NXGNKCpwd4qyFGSQepq2
GICvGgvDjPdoeBKLmdGRu+cBWMSiyP/aG6eSAyKXDbDKE9fN65OXWgD3o4HDOeEP
3RWtyd84UqGn6x6z2+xVUPyqT4HBTcWf214iqpWjn2bopfgK2o0I2jpZRKqcCbco
kVNkr/36qocTQtfDglgX3oh9vkMzUeXwlt3mGAQJoC8zcsRKnYSBi0YX8CKdkyBs
4k+EW93n3PXSvxZXqGphD+uUgYjDjBZ9sQS0vYpFOO2mXHWkkb4Ca6g=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org