Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3232302e302f32332d3233203d3e203432363839.roa
File: 3130392e3137352e3232302e302f32332d3233203d3e203432363839.roa (raw, json)
Hash identifier: fP/hBV2NH3he1msoB+dwTS3+TTJDqQRUg6NiaDpA7to=
Subject key identifier: C6:7C:44:32:3B:8D:DD:A9:F4:D8:06:4B:57:98:E8:7E:9F:10:51:74
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 15C85CB57388066234FBF60E953C625E94239655
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3232302e302f32332d3233203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 11:14:11 +0000
ROA not before: Thu 07 Nov 2024 11:09:11 +0000
ROA not after: Thu 06 Nov 2025 11:14:11 +0000
asID: 42689
IP address blocks: 109.175.220.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:c8:5c:b5:73:88:06:62:34:fb:f6:0e:95:3c:62:5e:94:23:96:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 11:09:11 2024 GMT
Not After : Nov 6 11:14:11 2025 GMT
Subject: CN=C67C44323B8DDDA9F4D8064B5798E87E9F105174
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:32:51:0f:88:7f:47:ee:3c:e0:63:53:7f:be:
64:68:de:ef:4d:c2:6a:1c:28:b5:fd:5b:fd:e0:11:
74:e4:9a:2e:e8:d1:38:79:0d:96:77:e6:ad:01:4e:
f9:6c:49:93:c4:df:ea:38:73:59:ad:e4:3b:45:ba:
42:18:3f:94:55:cc:0a:92:f0:b0:96:df:f7:74:ee:
97:af:a2:a4:f5:81:1a:d5:80:26:c4:61:da:98:2a:
5d:19:4c:4d:77:c2:fb:ca:79:8f:9c:13:84:e1:b6:
06:ab:4f:88:b1:b2:79:ad:17:ea:52:6a:d8:c4:5f:
cb:6a:3d:58:9c:1e:23:0c:57:23:a9:c0:d6:14:c2:
85:0f:e6:2d:4e:2b:b4:66:47:6e:5d:bd:f3:43:f6:
01:59:c5:99:22:aa:9a:93:a8:20:fc:72:67:bd:bf:
a3:c5:d3:a2:a9:87:4a:8c:a3:98:08:5a:d8:a3:57:
42:9a:67:1a:88:8c:d3:f2:fe:cb:0b:df:b0:77:ec:
38:7e:65:dd:fb:84:06:13:5a:d5:2a:0e:08:77:c9:
f9:04:b7:4c:e4:f3:cc:d2:3a:ff:ac:63:0b:dd:3c:
8c:7a:44:9e:ca:17:32:80:2f:16:7b:5f:2a:4b:ba:
2d:67:37:e7:fe:22:79:0d:43:29:4d:93:f0:c4:1d:
90:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:7C:44:32:3B:8D:DD:A9:F4:D8:06:4B:57:98:E8:7E:9F:10:51:74
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3232302e302f32332d3233203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.175.220.0/23
Signature Algorithm: sha256WithRSAEncryption
30:21:38:b7:84:26:a9:69:dd:54:5b:27:2b:98:23:1d:40:44:
fe:48:54:89:d8:ed:34:ba:d2:f0:35:be:27:87:eb:77:1e:8d:
10:35:5c:0c:36:ab:35:a5:be:8f:22:fa:26:5f:f0:fa:1e:8b:
30:28:ac:be:2d:7b:0f:29:75:b1:ca:a0:03:4d:7b:98:49:23:
54:f0:53:2f:b2:3a:e8:7f:a8:99:07:60:96:75:67:c3:9a:32:
fe:40:58:4a:98:cc:16:87:92:72:a1:f0:d2:b8:0c:79:ca:d5:
b6:9a:c2:60:d7:f7:c4:14:69:c7:87:f1:c6:e5:92:e8:58:2c:
f0:ca:fc:c7:76:17:e8:18:a5:5b:93:4e:57:da:cc:94:0f:8d:
2a:5f:66:c3:09:5c:8c:6a:6c:e4:1f:38:24:cb:94:fe:7b:21:
ec:9a:55:42:2f:db:40:d2:27:1c:89:58:ff:0f:3f:be:ea:21:
73:cc:af:a1:2b:42:dc:aa:8f:fe:ef:54:a1:5c:eb:73:c4:73:
e9:80:3b:53:b1:ca:43:01:4e:24:02:41:54:10:e5:2d:8c:ce:
97:51:5e:5b:d9:7f:de:c5:c0:0d:99:d9:cd:10:18:49:2b:64:
cd:ad:65:1f:8e:6a:4f:7b:75:ef:d3:ae:1e:b9:55:59:c1:4c:
9a:42:21:98
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUFchctXOIBmI0+/YOlTxiXpQjllUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMTA5MTFaFw0yNTExMDYxMTE0MTFaMDMxMTAvBgNV
BAMTKEM2N0M0NDMyM0I4REREQTlGNEQ4MDY0QjU3OThFODdFOUYxMDUxNzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkMlEPiH9H7jzgY1N/vmRo3u9N
wmocKLX9W/3gEXTkmi7o0Th5DZZ35q0BTvlsSZPE3+o4c1mt5DtFukIYP5RVzAqS
8LCW3/d07pevoqT1gRrVgCbEYdqYKl0ZTE13wvvKeY+cE4ThtgarT4ixsnmtF+pS
atjEX8tqPVicHiMMVyOpwNYUwoUP5i1OK7RmR25dvfND9gFZxZkiqpqTqCD8cme9
v6PF06Kph0qMo5gIWtijV0KaZxqIjNPy/ssL37B37Dh+Zd37hAYTWtUqDgh3yfkE
t0zk88zSOv+sYwvdPIx6RJ7KFzKALxZ7XypLui1nN+f+InkNQylNk/DEHZDBAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUxnxEMjuN3an02AZLV5jofp8QUXQwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzMDM5MmUzMTM3MzUyZTMy
MzIzMDJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAFtr9wwDQYJKoZIhvcNAQELBQADggEBADAhOLeEJqlp3VRbJyuYIx1ARP5IVInY
7TS60vA1vieH63cejRA1XAw2qzWlvo8i+iZf8PoeizAorL4tew8pdbHKoANNe5hJ
I1TwUy+yOuh/qJkHYJZ1Z8OaMv5AWEqYzBaHknKh8NK4DHnK1baawmDX98QUaceH
8cblkuhYLPDK/Md2F+gYpVuTTlfazJQPjSpfZsMJXIxqbOQfOCTLlP57IeyaVUIv
20DSJxyJWP8PP77qIXPMr6ErQtyqj/7vVKFc63PEc+mAO1OxykMBTiQCQVQQ5S2M
zpdRXlvZf97FwA2Z2c0QGEkrZM2tZR+Oak97de/Trh65VVnBTJpCIZg=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:51 2024 by rpki-client on console-fra.rpki-client.org