Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3231342e302f32342d3234203d3e203432363839.roa
File: 3130392e3137352e3231342e302f32342d3234203d3e203432363839.roa (raw, json)
Hash identifier: TdlbKdxLdn/Hxml+1wBB0TePmZGei+6XlIhxcUYJQK0=
Subject key identifier: 5B:5F:06:C0:17:1A:6C:B7:B4:39:AA:3F:25:DA:71:A5:DB:F8:C9:32
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 4C9F85BBBB9D55AB2C600563CB8ABC39D74E7B69
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3231342e302f32342d3234203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 11:13:45 +0000
ROA not before: Thu 07 Nov 2024 11:08:45 +0000
ROA not after: Thu 06 Nov 2025 11:13:45 +0000
asID: 42689
IP address blocks: 109.175.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:9f:85:bb:bb:9d:55:ab:2c:60:05:63:cb:8a:bc:39:d7:4e:7b:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 11:08:45 2024 GMT
Not After : Nov 6 11:13:45 2025 GMT
Subject: CN=5B5F06C0171A6CB7B439AA3F25DA71A5DBF8C932
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:62:03:84:6b:b7:88:f8:bb:e6:f0:9c:ed:b2:
43:84:47:d4:be:19:76:ba:ee:55:f1:43:b7:c0:85:
e3:8a:7f:51:af:05:c8:45:65:f9:88:16:98:1c:b1:
88:c7:0c:42:69:6b:3a:8f:a2:10:c9:24:72:a5:a1:
dd:67:40:ad:b5:46:2b:1d:13:fd:44:5c:a9:e8:6e:
81:6e:2a:83:35:e3:4d:e3:b1:bf:e9:f6:81:08:5c:
00:2d:8d:73:e3:fb:90:b8:6d:cc:8e:79:b9:11:f6:
a2:f8:03:75:8e:7f:a3:86:00:3d:cf:f6:3b:e1:31:
d8:50:16:d9:e7:38:29:a9:42:1f:ce:9f:9e:ae:2b:
00:41:19:e6:36:73:2f:39:78:67:35:4d:15:01:d1:
5c:37:15:3f:bd:1e:1c:e6:9c:68:70:7c:66:0a:aa:
05:b3:b8:a2:b2:e1:6e:97:63:bc:63:8f:04:8e:9f:
89:97:1b:95:b4:52:ab:e8:2f:d6:ee:c6:06:88:74:
be:4d:e8:74:65:2f:ad:7b:22:c0:98:67:ae:00:01:
f0:4b:9b:c0:6e:01:0f:51:91:89:11:fe:b1:e2:38:
9f:e4:4f:16:ca:91:ff:91:34:3e:4f:2a:f9:bb:22:
ca:7e:5d:5b:7e:f3:2b:48:f2:b1:7b:df:b4:61:4a:
62:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:5F:06:C0:17:1A:6C:B7:B4:39:AA:3F:25:DA:71:A5:DB:F8:C9:32
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3231342e302f32342d3234203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.175.214.0/24
Signature Algorithm: sha256WithRSAEncryption
17:34:d9:e9:3f:96:d5:1a:6e:e1:aa:ae:0a:4c:e5:30:d7:88:
6a:fc:53:be:3f:ba:bf:c5:77:7a:0c:f8:7b:a4:78:0b:1d:d3:
92:df:92:e2:1c:5f:a1:a2:07:93:52:45:73:8c:f9:f1:13:30:
bb:a4:ec:f3:0a:53:d8:33:e7:d1:31:5d:24:aa:b3:03:a1:67:
61:98:b5:92:8c:31:d2:a5:e4:16:1d:39:f1:d1:53:f3:fe:73:
ff:38:c6:58:95:b9:a7:c7:e6:0e:c0:5d:93:5a:f8:06:9b:0e:
42:15:41:f7:b3:da:2c:4e:9e:04:32:16:e0:7a:d5:91:55:64:
f0:81:5d:ac:1c:a0:52:6c:4a:45:c9:e6:d2:05:93:18:3e:9b:
74:99:7b:6e:ca:8f:9c:33:0f:30:95:3d:55:f4:51:4c:a2:eb:
ff:9b:7e:b4:3b:59:a4:85:d6:a3:10:a3:19:5a:38:0e:9b:46:
5a:82:d2:cf:c9:b1:97:69:59:2c:56:72:7d:11:72:05:6b:8d:
86:ef:5e:6a:5a:55:60:bc:b4:26:32:57:94:a9:6e:92:e1:de:
60:03:83:4a:59:17:5c:f1:3b:66:65:60:41:43:cf:ff:6a:25:
49:eb:9c:d8:be:90:fc:ab:b2:b0:02:e6:9b:9b:f6:9f:e1:13:
61:5b:06:fe
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUTJ+Fu7udVassYAVjy4q8OddOe2kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMTA4NDVaFw0yNTExMDYxMTEzNDVaMDMxMTAvBgNV
BAMTKDVCNUYwNkMwMTcxQTZDQjdCNDM5QUEzRjI1REE3MUE1REJGOEM5MzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJYgOEa7eI+Lvm8JztskOER9S+
GXa67lXxQ7fAheOKf1GvBchFZfmIFpgcsYjHDEJpazqPohDJJHKlod1nQK21Risd
E/1EXKnoboFuKoM1403jsb/p9oEIXAAtjXPj+5C4bcyOebkR9qL4A3WOf6OGAD3P
9jvhMdhQFtnnOCmpQh/On56uKwBBGeY2cy85eGc1TRUB0Vw3FT+9HhzmnGhwfGYK
qgWzuKKy4W6XY7xjjwSOn4mXG5W0UqvoL9buxgaIdL5N6HRlL617IsCYZ64AAfBL
m8BuAQ9RkYkR/rHiOJ/kTxbKkf+RND5PKvm7Isp+XVt+8ytI8rF737RhSmItAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUW18GwBcabLe0Oao/Jdpxpdv4yTIwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzMDM5MmUzMTM3MzUyZTMy
MzEzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABtr9YwDQYJKoZIhvcNAQELBQADggEBABc02ek/ltUabuGqrgpM5TDXiGr8U74/
ur/Fd3oM+HukeAsd05LfkuIcX6GiB5NSRXOM+fETMLuk7PMKU9gz59ExXSSqswOh
Z2GYtZKMMdKl5BYdOfHRU/P+c/84xliVuafH5g7AXZNa+AabDkIVQfez2ixOngQy
FuB61ZFVZPCBXawcoFJsSkXJ5tIFkxg+m3SZe27Kj5wzDzCVPVX0UUyi6/+bfrQ7
WaSF1qMQoxlaOA6bRlqC0s/JsZdpWSxWcn0RcgVrjYbvXmpaVWC8tCYyV5SpbpLh
3mADg0pZF1zxO2ZlYEFDz/9qJUnrnNi+kPyrsrAC5pub9p/hE2FbBv4=
-----END CERTIFICATE-----
Generated at Sun Nov 24 20:18:34 2024 by rpki-client on console-ams.rpki-client.org