Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3231322e302f32342d3234203d3e203432363839.roa
File: 3130392e3137352e3231322e302f32342d3234203d3e203432363839.roa (raw, json)
Hash identifier: tY1lbJ9LZealP+lpsw1xXKbjBFxj5LPAyw7t6q135DM=
Subject key identifier: CB:4C:63:20:33:AA:FB:84:BE:47:73:B5:3F:68:B8:45:EE:F2:D3:3B
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 7E6B00DB2B2BED0311591077C3B6E2447B5A5012
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3231322e302f32342d3234203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 11:13:31 +0000
ROA not before: Thu 07 Nov 2024 11:08:31 +0000
ROA not after: Thu 06 Nov 2025 11:13:31 +0000
asID: 42689
IP address blocks: 109.175.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:6b:00:db:2b:2b:ed:03:11:59:10:77:c3:b6:e2:44:7b:5a:50:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 11:08:31 2024 GMT
Not After : Nov 6 11:13:31 2025 GMT
Subject: CN=CB4C632033AAFB84BE4773B53F68B845EEF2D33B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a3:ca:a6:28:bc:74:6a:04:4f:2b:b8:52:46:
7c:1b:0b:cc:8d:76:08:05:bd:2a:fc:5a:23:2d:74:
b7:93:96:70:02:3b:a0:e1:43:db:0c:7b:39:1b:ae:
b2:a3:cd:89:28:71:18:86:4d:fa:cd:eb:15:1d:3a:
26:bd:e0:94:e4:f0:cd:14:76:0b:7a:b4:3a:7e:53:
02:07:da:70:af:da:a3:a9:0b:ba:25:39:fb:c3:03:
17:f3:da:50:21:24:4c:26:d1:91:2c:eb:ce:83:cf:
e5:8e:5e:ac:91:91:9b:65:58:88:4a:ad:da:2c:eb:
ae:0e:cc:07:bf:f0:c4:43:ca:97:f5:73:44:f8:77:
28:b3:74:c0:93:de:61:8b:2e:61:05:b3:33:d2:c5:
ef:92:be:b2:62:a6:c7:6b:f5:b9:58:d2:23:a8:a5:
ea:d2:c3:11:65:6b:34:3b:45:e6:2d:ef:3e:21:d6:
d5:f5:d3:e7:9c:48:65:58:39:9b:5d:39:80:e7:67:
61:55:1f:1f:9a:53:75:e3:df:2f:b4:7c:91:1d:07:
99:7d:d4:aa:e5:ec:c7:92:2b:83:a8:6e:b0:8d:67:
cf:43:6a:5e:2d:b2:27:40:25:3c:0c:b0:0a:0c:78:
a9:68:c4:b6:a1:3b:3b:1c:3a:c5:b1:24:90:a9:bb:
42:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:4C:63:20:33:AA:FB:84:BE:47:73:B5:3F:68:B8:45:EE:F2:D3:3B
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3231322e302f32342d3234203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.175.212.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:6e:84:99:f6:15:54:ab:67:98:46:9c:c6:f0:ce:5f:0a:bb:
cb:fb:00:df:3a:02:3d:97:44:60:13:b1:ec:05:42:15:dd:e9:
b7:09:b7:7d:77:39:81:fb:80:d0:f2:18:83:ed:e3:91:3b:b2:
a9:5b:8f:40:2f:60:a4:2d:c6:0f:22:ee:40:21:18:c2:38:38:
38:a5:59:15:e2:ee:0b:13:86:cc:98:42:88:c1:53:1c:50:79:
3f:e7:b8:c4:f7:ae:56:69:bb:83:89:33:bd:2e:ca:da:13:7e:
b4:35:1e:88:81:a9:f2:13:31:8b:14:f4:b3:1c:9f:e8:b7:24:
d9:6e:52:3d:ec:6a:16:f9:5c:2f:05:83:49:6e:1e:81:af:9b:
40:cb:4a:07:63:ac:a1:a0:9b:aa:ea:20:33:e7:aa:9f:24:4f:
33:b1:c9:ff:0e:3a:ca:23:18:36:f7:5d:85:a9:63:88:89:b8:
40:f0:17:54:e2:79:c6:96:4a:3f:de:f7:e5:ee:c2:ca:d9:8f:
b6:6a:15:ac:a0:56:82:14:5c:54:1d:a6:0d:fd:5c:01:67:77:
16:8f:6b:20:6e:72:c6:c2:73:79:0b:4b:ac:5c:5d:6e:9d:37:
d1:29:78:8c:5f:11:3c:20:ea:04:18:14:ea:d3:04:ab:7b:7e:
9d:6d:18:3b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUfmsA2ysr7QMRWRB3w7biRHtaUBIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMTA4MzFaFw0yNTExMDYxMTEzMzFaMDMxMTAvBgNV
BAMTKENCNEM2MzIwMzNBQUZCODRCRTQ3NzNCNTNGNjhCODQ1RUVGMkQzM0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClo8qmKLx0agRPK7hSRnwbC8yN
dggFvSr8WiMtdLeTlnACO6DhQ9sMezkbrrKjzYkocRiGTfrN6xUdOia94JTk8M0U
dgt6tDp+UwIH2nCv2qOpC7olOfvDAxfz2lAhJEwm0ZEs686Dz+WOXqyRkZtlWIhK
rdos664OzAe/8MRDypf1c0T4dyizdMCT3mGLLmEFszPSxe+SvrJipsdr9blY0iOo
perSwxFlazQ7ReYt7z4h1tX10+ecSGVYOZtdOYDnZ2FVHx+aU3Xj3y+0fJEdB5l9
1Krl7MeSK4OobrCNZ89Dal4tsidAJTwMsAoMeKloxLahOzscOsWxJJCpu0LZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUy0xjIDOq+4S+R3O1P2i4Re7y0zswHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzMDM5MmUzMTM3MzUyZTMy
MzEzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABtr9QwDQYJKoZIhvcNAQELBQADggEBAA9uhJn2FVSrZ5hGnMbwzl8Ku8v7AN86
Aj2XRGATsewFQhXd6bcJt313OYH7gNDyGIPt45E7sqlbj0AvYKQtxg8i7kAhGMI4
ODilWRXi7gsThsyYQojBUxxQeT/nuMT3rlZpu4OJM70uytoTfrQ1HoiBqfITMYsU
9LMcn+i3JNluUj3sahb5XC8Fg0luHoGvm0DLSgdjrKGgm6rqIDPnqp8kTzOxyf8O
OsojGDb3XYWpY4iJuEDwF1TiecaWSj/e9+XuwsrZj7ZqFaygVoIUXFQdpg39XAFn
dxaPayBucsbCc3kLS6xcXW6dN9EpeIxfETwg6gQYFOrTBKt7fp1tGDs=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org