Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3231392e302f32342d3234203d3e203432363839.roa
File: 3130392e3137352e3231392e302f32342d3234203d3e203432363839.roa (raw, json)
Hash identifier: SOJHQDaJHi2h83gd+JztfVNiBLXpqXCOzl/TWzFsfgY=
Subject key identifier: 49:C2:EA:5A:F3:DB:0A:E9:AF:83:FC:7C:EB:B7:46:3A:E3:F3:17:2A
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 0FD5FB1D4364CDC008593F967A75407031364096
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3231392e302f32342d3234203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 11:13:58 +0000
ROA not before: Thu 07 Nov 2024 11:08:58 +0000
ROA not after: Thu 06 Nov 2025 11:13:58 +0000
asID: 42689
IP address blocks: 109.175.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:d5:fb:1d:43:64:cd:c0:08:59:3f:96:7a:75:40:70:31:36:40:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 11:08:58 2024 GMT
Not After : Nov 6 11:13:58 2025 GMT
Subject: CN=49C2EA5AF3DB0AE9AF83FC7CEBB7463AE3F3172A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:34:b1:95:79:2e:c5:43:aa:f4:42:f1:11:8d:
29:a4:2d:d6:31:41:f4:63:ef:e6:c5:a1:1a:d9:da:
95:95:18:e6:d6:4a:7b:28:7e:b8:db:05:86:b1:a5:
1d:fa:0a:b2:56:f8:10:81:42:19:2a:d5:11:df:d2:
32:01:a9:f8:6f:d6:1a:86:a4:24:e4:4a:f3:e3:d6:
3f:43:54:d8:92:54:90:50:05:02:3f:6b:fc:42:3f:
bf:1e:8e:df:47:13:a2:09:83:c1:22:d3:c7:09:76:
3c:81:c8:3b:4c:f5:20:29:1a:82:9b:21:e1:e1:23:
2b:ce:5f:3c:a9:be:56:1f:3d:32:cd:3b:86:5a:51:
68:43:c6:13:e8:bf:0b:54:08:32:a4:62:db:4f:5b:
1a:30:57:22:ff:8f:21:46:be:39:40:52:a9:95:38:
7d:b6:04:73:03:f3:70:5f:28:87:af:66:f9:92:5f:
41:1c:dd:8a:8e:a3:26:38:27:43:73:fe:22:80:5d:
a6:74:bd:88:f0:5c:fb:29:d1:bd:c3:19:96:d9:8a:
e3:e6:ec:95:45:5f:5e:36:fc:26:16:56:3c:59:29:
ff:9c:3f:76:d1:53:fc:4d:17:15:a3:77:65:a4:21:
19:5c:1b:c7:11:d6:82:a9:6c:92:fd:66:22:f7:bf:
7e:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:C2:EA:5A:F3:DB:0A:E9:AF:83:FC:7C:EB:B7:46:3A:E3:F3:17:2A
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3231392e302f32342d3234203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.175.219.0/24
Signature Algorithm: sha256WithRSAEncryption
79:d9:af:60:2c:38:c3:c9:8e:d8:8f:7f:76:21:df:4f:59:ce:
1d:8c:c9:a7:aa:d1:49:9b:73:e3:49:49:7f:15:b6:b3:26:f4:
4b:9a:39:7b:19:ac:aa:0d:ca:df:c1:54:1a:ce:b2:c8:77:e7:
d9:ff:85:3c:0b:e5:f7:47:c4:a9:47:73:0a:dc:0f:71:8b:14:
e9:86:ed:0b:1d:c7:0e:0b:3f:e3:32:47:64:f7:7e:2f:82:24:
c4:f1:3e:31:45:a9:d6:85:63:73:d7:ef:49:d0:91:8c:cd:e0:
02:b6:d3:7a:c0:ba:0a:66:65:ef:b6:e0:45:52:25:f3:9f:32:
70:86:de:ab:b3:01:22:97:9d:c9:4b:4f:66:26:2d:61:f6:bf:
77:9a:89:f6:c9:c1:91:36:ae:a7:b3:c9:ba:e5:74:72:d3:72:
18:49:d1:c4:53:ed:3c:70:71:a8:bd:e4:bb:4e:0a:67:e4:b4:
74:99:a6:d3:08:86:0e:18:60:dd:21:63:99:c2:41:e1:e0:a3:
b2:83:bf:50:64:28:5c:81:f7:e8:66:d0:c9:81:66:d1:ff:01:
61:16:ac:cb:8e:51:5e:af:39:47:f3:a0:8d:db:23:e2:8f:5e:
2a:f1:b5:47:50:cb:07:69:fc:5f:f6:e8:5b:8e:38:ed:5b:26:
5e:7b:9c:aa
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUD9X7HUNkzcAIWT+WenVAcDE2QJYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMTA4NThaFw0yNTExMDYxMTEzNThaMDMxMTAvBgNV
BAMTKDQ5QzJFQTVBRjNEQjBBRTlBRjgzRkM3Q0VCQjc0NjNBRTNGMzE3MkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFNLGVeS7FQ6r0QvERjSmkLdYx
QfRj7+bFoRrZ2pWVGObWSnsofrjbBYaxpR36CrJW+BCBQhkq1RHf0jIBqfhv1hqG
pCTkSvPj1j9DVNiSVJBQBQI/a/xCP78ejt9HE6IJg8Ei08cJdjyByDtM9SApGoKb
IeHhIyvOXzypvlYfPTLNO4ZaUWhDxhPovwtUCDKkYttPWxowVyL/jyFGvjlAUqmV
OH22BHMD83BfKIevZvmSX0Ec3YqOoyY4J0Nz/iKAXaZ0vYjwXPsp0b3DGZbZiuPm
7JVFX142/CYWVjxZKf+cP3bRU/xNFxWjd2WkIRlcG8cR1oKpbJL9ZiL3v35HAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUScLqWvPbCumvg/x867dGOuPzFyowHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzMDM5MmUzMTM3MzUyZTMy
MzEzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABtr9swDQYJKoZIhvcNAQELBQADggEBAHnZr2AsOMPJjtiPf3Yh309Zzh2Myaeq
0Umbc+NJSX8VtrMm9EuaOXsZrKoNyt/BVBrOssh359n/hTwL5fdHxKlHcwrcD3GL
FOmG7Qsdxw4LP+MyR2T3fi+CJMTxPjFFqdaFY3PX70nQkYzN4AK203rAugpmZe+2
4EVSJfOfMnCG3quzASKXnclLT2YmLWH2v3eaifbJwZE2rqezybrldHLTchhJ0cRT
7Txwcai95LtOCmfktHSZptMIhg4YYN0hY5nCQeHgo7KDv1BkKFyB9+hm0MmBZtH/
AWEWrMuOUV6vOUfzoI3bI+KPXirxtUdQywdp/F/26FuOOO1bJl57nKo=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:51 2024 by rpki-client on console-fra.rpki-client.org