Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3232332e302f32342d3234203d3e203432363839.roa
File: 3130392e3137352e3232332e302f32342d3234203d3e203432363839.roa (raw, json)
Hash identifier: 4OLju1DZUCefPsCLu30dadki2x2Fmz7hYcwZquZYjYs=
Subject key identifier: 50:AF:8A:C7:6D:62:C1:05:00:01:D5:B0:2C:05:67:B3:7F:FD:B3:C8
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 26D75E747FF42C6061CF5541C881642C297A54BE
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3232332e302f32342d3234203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 11:14:25 +0000
ROA not before: Thu 07 Nov 2024 11:09:25 +0000
ROA not after: Thu 06 Nov 2025 11:14:25 +0000
asID: 42689
IP address blocks: 109.175.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:d7:5e:74:7f:f4:2c:60:61:cf:55:41:c8:81:64:2c:29:7a:54:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 11:09:25 2024 GMT
Not After : Nov 6 11:14:25 2025 GMT
Subject: CN=50AF8AC76D62C1050001D5B02C0567B37FFDB3C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:fb:bd:b5:a8:5d:32:3d:fe:a5:d8:6a:45:c9:
70:91:e5:48:0f:ca:f0:65:bb:9f:bc:9d:0f:00:a0:
be:6a:09:1e:ed:79:38:d2:b6:90:e9:8d:1b:bd:60:
97:9f:5f:f1:6b:2c:72:a9:8c:ec:2f:be:b8:f2:6a:
cc:b4:ff:a2:8f:30:7c:21:3e:8d:b9:8d:ac:7b:26:
b3:16:d4:e5:09:03:56:88:30:75:d9:84:32:ed:9b:
7e:d2:07:94:50:66:73:dc:79:a9:ac:21:4e:af:44:
4a:e4:31:cd:ba:a8:3b:4c:cb:f7:7f:8e:07:cb:1e:
66:9c:37:e4:77:32:4e:5f:e8:87:6e:5c:9d:a9:86:
13:58:cb:78:b5:4b:8d:2a:c0:34:a1:18:96:8b:8f:
59:a7:1f:bb:19:d3:43:f2:88:c3:47:95:9e:64:4d:
97:ca:72:f3:16:3c:b4:9b:1b:6b:28:aa:55:50:60:
9f:6b:0a:bd:56:4d:be:08:1c:5a:a3:43:e0:6e:17:
1a:a8:b6:43:5e:55:ea:a4:1b:74:08:3b:70:73:5e:
76:f7:19:47:93:e9:42:b9:9f:08:fc:48:3e:a1:32:
34:5e:a5:0b:e1:46:2c:82:b8:c9:6b:2d:c2:62:45:
27:39:d9:56:df:11:b5:2b:9d:0b:b5:58:92:b0:cb:
83:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:AF:8A:C7:6D:62:C1:05:00:01:D5:B0:2C:05:67:B3:7F:FD:B3:C8
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3232332e302f32342d3234203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.175.223.0/24
Signature Algorithm: sha256WithRSAEncryption
64:bf:28:b1:5a:8e:b3:5a:fb:55:3f:bb:79:e1:ac:b5:70:ff:
f0:e1:54:b8:0c:36:3a:9d:f9:a9:a5:6a:ec:3d:80:db:0f:9f:
e6:f4:0c:c4:44:31:87:ef:25:7e:3c:26:eb:8c:5d:99:37:f3:
cd:9a:eb:88:66:1a:12:8a:af:74:38:52:d5:f1:9f:d3:97:70:
ab:53:e8:40:14:e6:35:e1:e5:17:87:17:cd:cc:5b:77:65:0e:
ce:88:07:e9:19:44:66:84:fa:89:90:79:10:19:d8:01:b9:f7:
80:d6:a2:fb:77:25:68:ec:ff:30:25:17:f8:f4:08:dc:cb:b0:
73:c5:18:a6:cd:88:d0:68:ce:ca:5c:f8:a8:16:6c:0d:bb:d7:
b7:04:26:c0:42:67:ec:7f:ac:01:bc:b7:a0:b1:83:a2:3c:96:
cd:3f:53:af:0f:a4:01:4d:a3:3d:86:41:62:46:5e:67:1b:43:
9d:bd:86:ac:a6:40:f8:7d:da:b5:cd:ec:5a:2d:83:8c:5a:e4:
e1:d1:3e:91:2b:4d:3c:04:c2:8d:59:eb:07:fc:07:6a:91:1f:
cc:22:a3:db:7c:a4:d2:de:9f:a2:86:74:70:b8:7f:4a:32:09:
2f:5f:b3:f9:9a:7e:e8:c0:0c:5d:76:a2:05:a4:3b:a0:ad:94:
e4:83:2b:29
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJtdedH/0LGBhz1VByIFkLCl6VL4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMTA5MjVaFw0yNTExMDYxMTE0MjVaMDMxMTAvBgNV
BAMTKDUwQUY4QUM3NkQ2MkMxMDUwMDAxRDVCMDJDMDU2N0IzN0ZGREIzQzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD0+721qF0yPf6l2GpFyXCR5UgP
yvBlu5+8nQ8AoL5qCR7teTjStpDpjRu9YJefX/FrLHKpjOwvvrjyasy0/6KPMHwh
Po25jax7JrMW1OUJA1aIMHXZhDLtm37SB5RQZnPceamsIU6vRErkMc26qDtMy/d/
jgfLHmacN+R3Mk5f6IduXJ2phhNYy3i1S40qwDShGJaLj1mnH7sZ00PyiMNHlZ5k
TZfKcvMWPLSbG2soqlVQYJ9rCr1WTb4IHFqjQ+BuFxqotkNeVeqkG3QIO3BzXnb3
GUeT6UK5nwj8SD6hMjRepQvhRiyCuMlrLcJiRSc52VbfEbUrnQu1WJKwy4OjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUUK+Kx21iwQUAAdWwLAVns3/9s8gwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzMDM5MmUzMTM3MzUyZTMy
MzIzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABtr98wDQYJKoZIhvcNAQELBQADggEBAGS/KLFajrNa+1U/u3nhrLVw//DhVLgM
Njqd+amlauw9gNsPn+b0DMREMYfvJX48JuuMXZk3882a64hmGhKKr3Q4UtXxn9OX
cKtT6EAU5jXh5ReHF83MW3dlDs6IB+kZRGaE+omQeRAZ2AG594DWovt3JWjs/zAl
F/j0CNzLsHPFGKbNiNBozspc+KgWbA2717cEJsBCZ+x/rAG8t6Cxg6I8ls0/U68P
pAFNoz2GQWJGXmcbQ529hqymQPh92rXN7Fotg4xa5OHRPpErTTwEwo1Z6wf8B2qR
H8wio9t8pNLen6KGdHC4f0oyCS9fs/mafujADF12ogWkO6CtlOSDKyk=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org