Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3232342e302f32342d3234203d3e203432363839.roa
File: 3130392e3137352e3232342e302f32342d3234203d3e203432363839.roa (raw, json)
Hash identifier: mhd2UI1CwQ7Td0WH5yUyc4m4m7kLvuAFPEG016XYAOk=
Subject key identifier: 9D:23:20:B9:89:F9:28:51:FF:6D:17:6E:AF:12:8F:E5:03:71:1D:C3
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 303560FF5BFB7BC32B42A03A94C0288C6B41BE1E
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3232342e302f32342d3234203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 11:14:38 +0000
ROA not before: Thu 07 Nov 2024 11:09:38 +0000
ROA not after: Thu 06 Nov 2025 11:14:38 +0000
asID: 42689
IP address blocks: 109.175.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:35:60:ff:5b:fb:7b:c3:2b:42:a0:3a:94:c0:28:8c:6b:41:be:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 11:09:38 2024 GMT
Not After : Nov 6 11:14:38 2025 GMT
Subject: CN=9D2320B989F92851FF6D176EAF128FE503711DC3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b1:ba:17:df:a0:58:19:e5:5f:11:a3:5b:7d:
69:48:d2:3d:19:02:7c:f1:f7:6f:c8:b4:9d:af:fb:
5e:2e:80:06:af:1a:66:d3:fb:67:b6:9a:a4:a4:25:
33:7a:1d:48:a3:fb:38:8a:a8:c3:25:b7:2e:31:7b:
6f:09:53:64:ae:8d:ef:5f:07:47:bd:54:42:2f:7e:
10:05:ee:dc:85:1c:1a:e4:90:b6:30:4f:ba:22:42:
d8:69:4d:86:74:24:2e:8d:f2:89:96:b8:5d:33:e4:
b7:c2:65:7c:f3:cf:9c:21:ea:89:14:04:20:ba:c9:
37:29:c4:35:e6:6d:b8:e1:d8:c4:ff:30:1a:c6:df:
9f:ee:4e:00:ac:f8:5b:e2:9e:12:9c:7e:a3:42:c6:
96:d7:0e:60:da:14:e8:c7:76:41:e0:b8:87:1e:54:
9e:af:76:27:a0:56:2c:0e:88:79:a4:0f:42:e4:e6:
e7:72:99:a6:b2:1f:a0:92:30:0d:dd:9a:c0:f2:da:
ab:06:61:a8:3d:de:9d:ab:ba:89:1f:92:60:32:91:
ee:b4:44:a9:3d:ff:14:df:99:b6:77:81:3c:9f:1b:
ee:8d:51:94:63:d3:b8:f2:37:0f:f2:c6:c0:f6:5e:
29:90:fc:ca:d8:89:c7:96:75:c7:12:82:9c:e0:aa:
fe:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:23:20:B9:89:F9:28:51:FF:6D:17:6E:AF:12:8F:E5:03:71:1D:C3
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3232342e302f32342d3234203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.175.224.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:41:b3:0e:81:4c:05:a9:c2:d6:3b:08:1b:c4:35:35:87:cb:
eb:52:5d:e5:f7:07:2d:66:5e:c9:5a:e0:9d:1d:2f:cf:8c:d6:
dc:3c:1e:7a:da:3a:62:1b:40:49:62:ba:aa:83:a4:80:0c:e0:
db:38:e3:be:28:6f:8d:19:5b:9b:61:bd:7c:c9:d2:6b:35:09:
54:f4:7f:2e:d1:4a:09:0e:3d:7f:18:ea:1d:8d:8e:49:a2:60:
4f:8c:19:43:2e:af:c1:b4:04:32:bc:8b:99:73:08:8c:6f:6d:
bb:9b:35:98:7d:60:1c:ef:59:9e:f4:14:f2:ce:52:ce:c7:fe:
aa:35:04:a6:22:96:e3:fc:f5:b0:45:23:91:0c:de:c7:d3:2b:
fb:d9:f9:ca:e8:95:ea:9f:41:e4:0d:e5:22:45:93:e0:ae:9e:
92:51:ea:98:42:b3:b8:05:1d:ac:1d:0e:8b:2d:b4:c8:bb:31:
00:e5:83:f0:87:e8:23:45:25:46:ba:cf:ae:e9:e9:e5:df:cc:
53:8e:81:44:b0:0f:10:d6:25:3f:74:a6:77:8d:2b:52:c7:eb:
e4:0b:ce:e9:d5:d2:95:67:95:e6:5d:9f:c3:ff:58:65:c4:2c:
be:42:b2:36:5d:2c:a9:a7:c6:c8:92:17:da:ad:28:13:b0:5d:
04:db:f8:a1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMDVg/1v7e8MrQqA6lMAojGtBvh4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMTA5MzhaFw0yNTExMDYxMTE0MzhaMDMxMTAvBgNV
BAMTKDlEMjMyMEI5ODlGOTI4NTFGRjZEMTc2RUFGMTI4RkU1MDM3MTFEQzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFsboX36BYGeVfEaNbfWlI0j0Z
Anzx92/ItJ2v+14ugAavGmbT+2e2mqSkJTN6HUij+ziKqMMlty4xe28JU2Suje9f
B0e9VEIvfhAF7tyFHBrkkLYwT7oiQthpTYZ0JC6N8omWuF0z5LfCZXzzz5wh6okU
BCC6yTcpxDXmbbjh2MT/MBrG35/uTgCs+FvinhKcfqNCxpbXDmDaFOjHdkHguIce
VJ6vdiegViwOiHmkD0Lk5udymaayH6CSMA3dmsDy2qsGYag93p2ruokfkmAyke60
RKk9/xTfmbZ3gTyfG+6NUZRj07jyNw/yxsD2XimQ/MrYiceWdccSgpzgqv4LAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUnSMguYn5KFH/bRdurxKP5QNxHcMwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzMDM5MmUzMTM3MzUyZTMy
MzIzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABtr+AwDQYJKoZIhvcNAQELBQADggEBAB9Bsw6BTAWpwtY7CBvENTWHy+tSXeX3
By1mXsla4J0dL8+M1tw8HnraOmIbQEliuqqDpIAM4Ns4474ob40ZW5thvXzJ0ms1
CVT0fy7RSgkOPX8Y6h2NjkmiYE+MGUMur8G0BDK8i5lzCIxvbbubNZh9YBzvWZ70
FPLOUs7H/qo1BKYiluP89bBFI5EM3sfTK/vZ+croleqfQeQN5SJFk+CunpJR6phC
s7gFHawdDosttMi7MQDlg/CH6CNFJUa6z67p6eXfzFOOgUSwDxDWJT90pneNK1LH
6+QLzunV0pVnleZdn8P/WGXELL5CsjZdLKmnxsiSF9qtKBOwXQTb+KE=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:51 2024 by rpki-client on console-fra.rpki-client.org