Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3231302e302f32342d3234203d3e203432363839.roa
File: 3130392e3137352e3231302e302f32342d3234203d3e203432363839.roa (raw, json)
Hash identifier: Vq7o5M8DrpE7/EsQX6idUBM7e/Hr6webFzDkqTUB/lE=
Subject key identifier: 26:56:E2:23:E0:74:07:47:86:0E:48:E2:67:02:38:22:23:82:49:D3
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 0657857BFA07E803812FB061E5A59D9D64045ED2
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3231302e302f32342d3234203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 11:12:45 +0000
ROA not before: Thu 07 Nov 2024 11:07:45 +0000
ROA not after: Thu 06 Nov 2025 11:12:45 +0000
asID: 42689
IP address blocks: 109.175.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:57:85:7b:fa:07:e8:03:81:2f:b0:61:e5:a5:9d:9d:64:04:5e:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 11:07:45 2024 GMT
Not After : Nov 6 11:12:45 2025 GMT
Subject: CN=2656E223E0740747860E48E267023822238249D3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:72:b8:4d:cb:ee:79:fd:b0:39:e0:97:83:e0:
c9:b2:12:a6:fa:07:61:33:f5:37:0c:31:0c:94:cf:
a1:0f:c3:fc:d7:05:fa:54:ac:b4:30:9e:70:55:c3:
79:a6:5a:7a:e7:e5:01:b7:ca:aa:55:b5:ee:cf:ba:
1d:e7:e3:b1:3f:74:41:c1:51:2b:8e:58:a2:12:ba:
38:51:9e:3c:d8:e0:e0:07:bc:0d:ca:54:d6:18:18:
2b:63:0e:df:48:fe:e8:a1:a7:b7:5a:22:33:be:2c:
bc:b8:10:f3:f5:ee:b5:8d:6e:a9:98:e7:95:cb:16:
02:ec:e7:4a:bc:f3:93:4b:cb:f3:92:f8:ec:7f:d9:
41:9e:ad:a4:ee:c4:d7:42:88:ac:b2:38:65:2b:46:
62:e5:20:71:1e:e3:e9:d6:70:24:76:24:ec:c5:e5:
92:e7:50:93:6f:b2:a0:71:bb:18:bb:a9:82:4e:ae:
e8:d9:4d:ce:1b:1e:fc:a4:e7:ba:ba:ce:a9:68:cc:
85:4a:f9:1f:55:fc:b5:88:5f:78:ac:be:43:68:db:
19:93:d8:1d:bc:ab:14:ec:3c:f8:7c:02:0b:27:40:
0a:eb:09:0a:0e:9c:9f:4c:45:0e:c2:42:f5:5f:e8:
11:45:a8:99:83:b2:b7:7d:5a:5e:9b:d9:e1:27:d4:
57:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:56:E2:23:E0:74:07:47:86:0E:48:E2:67:02:38:22:23:82:49:D3
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3231302e302f32342d3234203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.175.210.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:2d:bd:9c:17:33:3f:7c:c6:6c:ca:dc:64:08:e8:da:ad:0c:
4a:49:3d:5f:d3:40:c9:7e:06:21:3b:05:21:85:3e:e8:e5:71:
42:12:99:05:4a:65:a7:48:d2:5b:02:73:7b:dd:e3:6a:7a:b7:
49:44:b1:45:f7:16:11:b6:c3:5f:04:d2:6b:ab:79:c8:71:eb:
1e:7a:12:cc:3d:89:d6:73:0b:ad:80:c1:e9:3d:53:3a:cb:fa:
1f:1b:e0:f2:a3:86:0d:97:c0:1b:0c:6d:48:40:0e:31:26:c2:
86:da:c4:4e:b9:63:f2:a5:48:ba:6f:f8:fa:1f:a4:3a:0b:a8:
82:93:b4:22:75:9b:0c:f5:3c:88:f6:ac:50:2f:ba:ed:11:af:
59:f6:93:d3:c9:ec:a4:b8:c6:e9:71:3e:6b:8f:37:9a:4c:24:
94:f4:ae:cf:b1:45:e4:a5:af:13:52:7d:02:2a:7b:1b:07:9d:
89:92:f7:8a:3a:eb:61:e2:b6:cf:b5:26:c3:9a:e1:c0:f3:b8:
bb:d1:1d:27:64:fa:83:62:8d:9e:df:84:64:34:3f:a2:15:e5:
ae:0e:dd:c8:1c:d5:bd:60:f4:32:4b:b7:da:08:3a:38:70:42:
17:a9:5a:ea:9b:d1:46:f8:6d:01:41:93:4d:3f:6c:22:de:fd:
38:79:24:33
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUBleFe/oH6AOBL7Bh5aWdnWQEXtIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMTA3NDVaFw0yNTExMDYxMTEyNDVaMDMxMTAvBgNV
BAMTKDI2NTZFMjIzRTA3NDA3NDc4NjBFNDhFMjY3MDIzODIyMjM4MjQ5RDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlcrhNy+55/bA54JeD4MmyEqb6
B2Ez9TcMMQyUz6EPw/zXBfpUrLQwnnBVw3mmWnrn5QG3yqpVte7Puh3n47E/dEHB
USuOWKISujhRnjzY4OAHvA3KVNYYGCtjDt9I/uihp7daIjO+LLy4EPP17rWNbqmY
55XLFgLs50q885NLy/OS+Ox/2UGeraTuxNdCiKyyOGUrRmLlIHEe4+nWcCR2JOzF
5ZLnUJNvsqBxuxi7qYJOrujZTc4bHvyk57q6zqlozIVK+R9V/LWIX3isvkNo2xmT
2B28qxTsPPh8AgsnQArrCQoOnJ9MRQ7CQvVf6BFFqJmDsrd9Wl6b2eEn1FfPAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUJlbiI+B0B0eGDkjiZwI4IiOCSdMwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzMDM5MmUzMTM3MzUyZTMy
MzEzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABtr9IwDQYJKoZIhvcNAQELBQADggEBABotvZwXMz98xmzK3GQI6NqtDEpJPV/T
QMl+BiE7BSGFPujlcUISmQVKZadI0lsCc3vd42p6t0lEsUX3FhG2w18E0murechx
6x56Esw9idZzC62Awek9UzrL+h8b4PKjhg2XwBsMbUhADjEmwobaxE65Y/KlSLpv
+PofpDoLqIKTtCJ1mwz1PIj2rFAvuu0Rr1n2k9PJ7KS4xulxPmuPN5pMJJT0rs+x
ReSlrxNSfQIqexsHnYmS94o662Hits+1JsOa4cDzuLvRHSdk+oNijZ7fhGQ0P6IV
5a4O3cgc1b1g9DJLt9oIOjhwQhepWuqb0Ub4bQFBk00/bCLe/Th5JDM=
-----END CERTIFICATE-----
Generated at Sun Nov 24 18:42:04 2024 by rpki-client on console-fra.rpki-client.org