Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3230382e302f32332d3233203d3e203432363839.roa
File: 3130392e3137352e3230382e302f32332d3233203d3e203432363839.roa (raw, json)
Hash identifier: nsz8tuIuCBkFX0PDRKCJKHPdLkuVBhyza0AEYuX/Y+s=
Subject key identifier: F6:6E:D1:B1:D6:0B:92:39:B9:2C:E6:C1:17:7D:7E:54:A5:17:BE:BB
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 736B238D94F979E68B9EB28B6AF6994043481615
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3230382e302f32332d3233203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 11:12:32 +0000
ROA not before: Thu 07 Nov 2024 11:07:32 +0000
ROA not after: Thu 06 Nov 2025 11:12:32 +0000
asID: 42689
IP address blocks: 109.175.208.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:6b:23:8d:94:f9:79:e6:8b:9e:b2:8b:6a:f6:99:40:43:48:16:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 11:07:32 2024 GMT
Not After : Nov 6 11:12:32 2025 GMT
Subject: CN=F66ED1B1D60B9239B92CE6C1177D7E54A517BEBB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:30:9f:88:95:5b:6d:ed:8a:fe:95:f2:6d:77:
06:5b:c8:4e:c1:4e:87:f2:51:39:a9:e7:98:c8:a3:
fb:11:79:8e:af:84:20:86:10:a5:f8:04:36:d2:81:
ba:10:96:50:3b:ad:40:87:b7:c2:bb:a5:47:bd:5f:
2d:70:c6:1b:3a:4c:34:a8:fd:40:23:cf:24:7a:91:
c0:8d:60:1f:d0:1c:80:80:4f:83:64:27:ff:d9:d2:
fa:b7:af:d7:fc:6b:07:27:88:37:07:a2:66:02:4c:
d2:e4:b8:8b:c7:3c:fd:fe:88:62:4d:a6:9a:5f:a4:
48:ed:67:42:19:ef:d4:91:e6:01:ce:a2:61:3e:96:
39:c6:e6:93:8c:9d:4c:48:a7:29:bf:d3:7a:1f:61:
8c:1a:e3:7e:89:55:86:5b:55:b3:99:cd:80:fc:66:
1d:3e:83:f6:52:b7:f5:5d:aa:57:b2:7c:c5:54:ac:
bd:ea:99:07:db:06:fd:86:12:36:e3:2d:d2:31:a9:
ec:45:56:aa:9f:c4:7b:b4:fb:a0:f9:d1:3d:cf:69:
c5:c7:5d:67:28:8b:ee:a8:bd:9f:59:c6:6c:d7:bd:
7c:da:09:4b:b2:be:64:05:e1:32:fc:21:d3:dd:af:
1f:5e:84:b2:bf:1a:2d:b3:c6:3a:64:4b:cc:cf:4f:
3c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:6E:D1:B1:D6:0B:92:39:B9:2C:E6:C1:17:7D:7E:54:A5:17:BE:BB
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3230382e302f32332d3233203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.175.208.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:4a:ad:8d:e7:59:ca:e5:7c:40:7e:ad:76:fc:12:d8:14:3e:
e3:a3:17:65:34:12:95:72:39:91:6d:ca:b9:b5:c5:54:73:41:
0c:61:e4:61:15:1b:33:4a:58:16:23:e0:b2:58:42:37:92:ca:
bd:68:71:e8:85:cb:03:d5:7f:5e:d3:40:b8:fd:fd:4d:9d:58:
db:72:aa:ff:4f:cd:66:45:5c:b4:c7:27:24:f7:cd:8a:b2:82:
14:89:3b:ea:12:a7:55:97:cb:cc:e1:67:a9:2c:c2:2d:4e:ec:
7f:0c:14:3d:93:ca:ab:f6:1c:10:41:24:33:fd:36:4c:63:4c:
b1:e1:c3:47:9f:78:c2:de:59:8b:3f:8b:69:5f:b5:c6:f4:d8:
66:dc:19:de:3f:e7:be:ac:53:5f:45:c6:e3:8a:12:56:6a:e5:
89:46:d8:12:51:5d:b0:d9:d4:ec:8c:4e:5a:99:6f:e2:a6:12:
e0:1d:eb:ae:a5:b8:e9:08:f5:36:c2:75:21:aa:52:cd:79:b6:
ed:24:ac:c7:73:be:b7:0f:a7:9f:3a:e1:a7:2f:d8:4a:3c:13:
fd:85:c0:27:aa:40:3e:4f:52:25:0d:f9:ee:f9:a3:22:7b:fc:
5f:f8:c1:01:ed:46:27:27:02:a1:eb:ba:53:09:02:2a:bf:65:
48:90:89:41
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUc2sjjZT5eeaLnrKLavaZQENIFhUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMTA3MzJaFw0yNTExMDYxMTEyMzJaMDMxMTAvBgNV
BAMTKEY2NkVEMUIxRDYwQjkyMzlCOTJDRTZDMTE3N0Q3RTU0QTUxN0JFQkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBMJ+IlVtt7Yr+lfJtdwZbyE7B
TofyUTmp55jIo/sReY6vhCCGEKX4BDbSgboQllA7rUCHt8K7pUe9Xy1wxhs6TDSo
/UAjzyR6kcCNYB/QHICAT4NkJ//Z0vq3r9f8awcniDcHomYCTNLkuIvHPP3+iGJN
pppfpEjtZ0IZ79SR5gHOomE+ljnG5pOMnUxIpym/03ofYYwa436JVYZbVbOZzYD8
Zh0+g/ZSt/VdqleyfMVUrL3qmQfbBv2GEjbjLdIxqexFVqqfxHu0+6D50T3PacXH
XWcoi+6ovZ9ZxmzXvXzaCUuyvmQF4TL8IdPdrx9ehLK/Gi2zxjpkS8zPTzw7AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU9m7RsdYLkjm5LObBF31+VKUXvrswHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzMDM5MmUzMTM3MzUyZTMy
MzAzODJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAFtr9AwDQYJKoZIhvcNAQELBQADggEBAAtKrY3nWcrlfEB+rXb8EtgUPuOjF2U0
EpVyOZFtyrm1xVRzQQxh5GEVGzNKWBYj4LJYQjeSyr1oceiFywPVf17TQLj9/U2d
WNtyqv9PzWZFXLTHJyT3zYqyghSJO+oSp1WXy8zhZ6kswi1O7H8MFD2Tyqv2HBBB
JDP9NkxjTLHhw0efeMLeWYs/i2lftcb02GbcGd4/576sU19FxuOKElZq5YlG2BJR
XbDZ1OyMTlqZb+KmEuAd666luOkI9TbCdSGqUs15tu0krMdzvrcPp5864acv2Eo8
E/2FwCeqQD5PUiUN+e75oyJ7/F/4wQHtRicnAqHrulMJAiq/ZUiQiUE=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:51 2024 by rpki-client on console-fra.rpki-client.org