Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3234302e302f32342d3234203d3e203432363839.roa
File: 3130392e3137352e3234302e302f32342d3234203d3e203432363839.roa (raw, json)
Hash identifier: X34eP8jOGwL2KQyg8wD1ZWYyOlxDOwMpnWuTW7CKgp4=
Subject key identifier: 7C:E6:94:B5:4B:49:FF:DC:8B:67:B9:98:8F:E6:F9:31:20:AF:47:94
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 5115A4590162375A23F519AF960642FEC9570B7F
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3234302e302f32342d3234203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 11:15:22 +0000
ROA not before: Thu 07 Nov 2024 11:10:22 +0000
ROA not after: Thu 06 Nov 2025 11:15:22 +0000
asID: 42689
IP address blocks: 109.175.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:15:a4:59:01:62:37:5a:23:f5:19:af:96:06:42:fe:c9:57:0b:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 11:10:22 2024 GMT
Not After : Nov 6 11:15:22 2025 GMT
Subject: CN=7CE694B54B49FFDC8B67B9988FE6F93120AF4794
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:05:9b:74:4c:10:aa:d5:d6:14:3a:78:2c:15:
cf:49:37:4a:1c:d1:10:bc:60:32:2f:7f:cb:b7:95:
f0:c0:0c:f0:18:6e:f0:e7:c8:98:51:7d:0a:65:fb:
22:26:97:db:b2:8a:f5:93:99:95:a3:b1:8b:bf:6c:
90:84:75:6a:a8:59:54:a4:92:d5:e1:a2:66:6d:8d:
4e:96:45:74:b9:cc:0f:22:dc:90:02:26:cd:66:3f:
89:d1:b7:e0:cb:42:0a:83:6a:52:f0:b7:a6:19:68:
36:55:d7:6b:7d:c0:3d:73:5b:42:41:b4:c2:34:d9:
4a:e9:59:67:cd:45:85:99:c0:37:e4:ed:83:37:b7:
c5:28:d0:f9:06:81:50:19:ce:59:69:5e:a0:7b:2e:
9a:5b:07:36:87:ed:67:94:4c:55:b3:e3:91:5c:a7:
46:a7:da:da:c0:df:ae:c0:11:02:4f:0f:83:24:63:
7b:f6:b8:4a:5b:74:bb:49:e2:5d:6d:4e:72:00:7e:
cc:81:9f:9a:ff:9c:a9:aa:1b:fb:b5:38:e9:a5:82:
50:ae:8a:81:2c:05:1e:69:e1:50:0f:6a:b8:7c:67:
42:6a:2b:18:e9:ec:58:df:a0:c6:51:67:d6:ce:2c:
51:c9:06:82:3e:a2:bb:e2:94:48:4a:20:bd:9e:e3:
84:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:E6:94:B5:4B:49:FF:DC:8B:67:B9:98:8F:E6:F9:31:20:AF:47:94
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3234302e302f32342d3234203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.175.240.0/24
Signature Algorithm: sha256WithRSAEncryption
81:bc:c4:9c:ab:0e:25:1b:3a:29:53:17:05:22:0b:0c:22:dd:
eb:53:14:d9:47:b2:79:f1:b8:0b:f2:7a:7d:71:a7:99:7f:9d:
28:31:ae:c0:f5:5f:5c:6e:f3:ff:c1:a7:04:6e:38:28:94:7b:
f5:5f:f6:35:fb:c7:00:2e:e2:86:ae:ae:05:71:3e:c9:5a:a5:
fa:78:73:43:df:57:54:17:6f:23:c9:10:56:7d:64:57:e3:ed:
87:c4:1d:6f:c2:31:91:d5:da:ae:8c:9d:d1:cb:27:c4:a1:85:
68:96:0a:6f:11:93:43:57:88:46:63:d5:fe:fb:eb:0d:bd:05:
85:86:45:10:41:59:cd:9d:7a:25:fa:ab:1b:32:a3:6a:f8:3b:
29:ab:54:c6:96:e5:9b:98:4d:b3:35:af:74:32:db:ce:0a:d8:
9b:f1:61:23:cd:3a:a6:b6:01:ba:4e:80:d3:78:ab:7c:b0:33:
a6:cb:8f:9a:26:ac:fb:21:84:4d:80:d3:f5:52:44:78:b8:5d:
10:b3:85:98:d8:c9:08:00:53:3b:cd:07:61:46:54:fe:c4:fc:
8a:33:f2:6f:0c:56:2e:f5:6c:71:3b:a1:64:27:6d:1c:81:87:
4d:37:1f:68:40:08:8e:de:ad:5a:06:c9:86:b7:e7:1b:60:fe:
87:1c:54:12
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUURWkWQFiN1oj9RmvlgZC/slXC38wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMTEwMjJaFw0yNTExMDYxMTE1MjJaMDMxMTAvBgNV
BAMTKDdDRTY5NEI1NEI0OUZGREM4QjY3Qjk5ODhGRTZGOTMxMjBBRjQ3OTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClBZt0TBCq1dYUOngsFc9JN0oc
0RC8YDIvf8u3lfDADPAYbvDnyJhRfQpl+yIml9uyivWTmZWjsYu/bJCEdWqoWVSk
ktXhomZtjU6WRXS5zA8i3JACJs1mP4nRt+DLQgqDalLwt6YZaDZV12t9wD1zW0JB
tMI02UrpWWfNRYWZwDfk7YM3t8Uo0PkGgVAZzllpXqB7LppbBzaH7WeUTFWz45Fc
p0an2trA367AEQJPD4MkY3v2uEpbdLtJ4l1tTnIAfsyBn5r/nKmqG/u1OOmlglCu
ioEsBR5p4VAParh8Z0JqKxjp7FjfoMZRZ9bOLFHJBoI+orvilEhKIL2e44QLAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUfOaUtUtJ/9yLZ7mYj+b5MSCvR5QwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzMDM5MmUzMTM3MzUyZTMy
MzQzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABtr/AwDQYJKoZIhvcNAQELBQADggEBAIG8xJyrDiUbOilTFwUiCwwi3etTFNlH
snnxuAvyen1xp5l/nSgxrsD1X1xu8//BpwRuOCiUe/Vf9jX7xwAu4oaurgVxPsla
pfp4c0PfV1QXbyPJEFZ9ZFfj7YfEHW/CMZHV2q6MndHLJ8ShhWiWCm8Rk0NXiEZj
1f776w29BYWGRRBBWc2deiX6qxsyo2r4OymrVMaW5ZuYTbM1r3Qy284K2JvxYSPN
Oqa2AbpOgNN4q3ywM6bLj5omrPshhE2A0/VSRHi4XRCzhZjYyQgAUzvNB2FGVP7E
/Ioz8m8MVi71bHE7oWQnbRyBh003H2hACI7erVoGyYa35xtg/occVBI=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:51 2024 by rpki-client on console-fra.rpki-client.org