Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3234382e302f32342d3234203d3e203432363839.roa
File: 3130392e3137352e3234382e302f32342d3234203d3e203432363839.roa (raw, json)
Hash identifier: EJ4a+E0iSfy6NRPeImNRZMTfOgLKEHRSSCNY+cwGIg4=
Subject key identifier: 7E:B7:D6:5F:97:3D:60:A8:64:45:FA:79:A7:F1:55:F1:2D:0C:E8:5F
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 7F7B4CEB98ACCD054A929B617BF158DA4A5576D6
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3234382e302f32342d3234203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 11:15:56 +0000
ROA not before: Thu 07 Nov 2024 11:10:56 +0000
ROA not after: Thu 06 Nov 2025 11:15:56 +0000
asID: 42689
IP address blocks: 109.175.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:7b:4c:eb:98:ac:cd:05:4a:92:9b:61:7b:f1:58:da:4a:55:76:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 11:10:56 2024 GMT
Not After : Nov 6 11:15:56 2025 GMT
Subject: CN=7EB7D65F973D60A86445FA79A7F155F12D0CE85F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:f0:b7:49:07:92:e4:91:d1:0f:1f:77:c3:b2:
12:b4:1c:46:f0:16:23:8b:a6:af:2b:13:6d:d1:e9:
06:42:c4:c0:57:24:69:f4:3d:fc:26:91:4c:86:1a:
e8:b9:a3:98:12:36:fd:cb:c0:cc:96:9b:22:7d:b6:
ef:30:6f:1f:0a:17:55:cf:10:09:11:f8:32:00:df:
39:2d:85:ab:70:ae:63:4a:18:61:c3:13:c4:5d:69:
33:1d:17:e7:bc:6d:0b:9e:e5:c3:05:17:a3:36:49:
2f:2a:d6:a3:3b:32:2a:2a:0a:7d:78:88:d9:83:e0:
cc:64:d2:34:e2:e6:d5:9e:60:03:ec:27:73:4c:4e:
b9:bd:54:39:75:52:c0:73:48:d8:58:b2:dd:ba:bf:
9b:35:95:ff:a8:a4:92:dd:5c:ac:44:bc:cc:2e:8c:
3c:4f:1c:32:fc:57:65:74:76:83:7e:42:02:34:10:
af:5e:d2:f4:43:f8:9f:91:67:eb:eb:49:f1:98:d4:
b3:a0:e9:0a:4b:4e:4a:de:4d:55:d8:c1:8d:6e:09:
49:fc:b7:03:95:47:a2:28:6e:04:fd:c6:9b:4e:8d:
8b:51:ef:ae:de:1b:b4:56:2f:8c:c9:1c:b2:4b:b5:
9f:ae:0e:e1:59:3f:e0:74:90:0b:49:f0:88:a0:f9:
bf:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:B7:D6:5F:97:3D:60:A8:64:45:FA:79:A7:F1:55:F1:2D:0C:E8:5F
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3234382e302f32342d3234203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.175.248.0/24
Signature Algorithm: sha256WithRSAEncryption
11:ae:c2:a0:07:a6:bd:3c:d5:e4:13:ae:41:20:82:0b:ae:63:
7f:85:1e:77:ec:21:6f:ad:d3:85:7a:69:4b:83:bd:fa:da:d6:
8f:b0:1f:be:21:b0:71:1d:99:bb:25:87:84:a6:8a:df:12:05:
62:e3:9e:ce:7b:ae:fb:71:29:9f:31:be:74:d1:80:17:42:fc:
41:bf:74:e4:b5:3f:01:58:06:e0:e0:31:81:bd:45:f9:85:2d:
a6:68:3e:c8:18:89:3d:89:8b:ca:45:0c:f1:7b:b8:3d:bd:3e:
ee:21:79:87:56:34:af:3d:37:8e:7a:ec:f2:0d:58:8f:9b:54:
21:64:9b:bb:42:99:b2:a9:93:23:ee:3a:ca:b5:ca:13:8c:05:
0c:31:8b:f8:89:f4:5c:77:66:f6:d2:40:99:f8:9b:e5:44:dc:
37:96:46:47:97:70:55:1b:6a:0f:14:94:c9:7e:07:3b:fd:f3:
6e:73:be:4e:ed:51:ea:fb:0f:41:7b:48:24:93:c1:3e:a2:ed:
ad:26:b4:0d:28:8f:e8:76:28:2b:f5:c8:ae:8b:f3:cb:47:e2:
03:82:d8:53:57:d2:57:bb:54:d0:90:2f:0e:67:5c:da:45:0f:
b9:c4:17:8a:1d:a1:2d:fc:b5:93:53:aa:e3:ed:7d:51:b0:a8:
e5:97:eb:b3
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUf3tM65iszQVKkpthe/FY2kpVdtYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMTEwNTZaFw0yNTExMDYxMTE1NTZaMDMxMTAvBgNV
BAMTKDdFQjdENjVGOTczRDYwQTg2NDQ1RkE3OUE3RjE1NUYxMkQwQ0U4NUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDH8LdJB5LkkdEPH3fDshK0HEbw
FiOLpq8rE23R6QZCxMBXJGn0PfwmkUyGGui5o5gSNv3LwMyWmyJ9tu8wbx8KF1XP
EAkR+DIA3zkthatwrmNKGGHDE8RdaTMdF+e8bQue5cMFF6M2SS8q1qM7MioqCn14
iNmD4Mxk0jTi5tWeYAPsJ3NMTrm9VDl1UsBzSNhYst26v5s1lf+opJLdXKxEvMwu
jDxPHDL8V2V0doN+QgI0EK9e0vRD+J+RZ+vrSfGY1LOg6QpLTkreTVXYwY1uCUn8
twOVR6IobgT9xptOjYtR767eG7RWL4zJHLJLtZ+uDuFZP+B0kAtJ8Iig+b/JAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUfrfWX5c9YKhkRfp5p/FV8S0M6F8wHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzMDM5MmUzMTM3MzUyZTMy
MzQzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABtr/gwDQYJKoZIhvcNAQELBQADggEBABGuwqAHpr081eQTrkEggguuY3+FHnfs
IW+t04V6aUuDvfra1o+wH74hsHEdmbslh4Smit8SBWLjns57rvtxKZ8xvnTRgBdC
/EG/dOS1PwFYBuDgMYG9RfmFLaZoPsgYiT2Ji8pFDPF7uD29Pu4heYdWNK89N456
7PINWI+bVCFkm7tCmbKpkyPuOsq1yhOMBQwxi/iJ9Fx3ZvbSQJn4m+VE3DeWRkeX
cFUbag8UlMl+Bzv9825zvk7tUer7D0F7SCSTwT6i7a0mtA0oj+h2KCv1yK6L88tH
4gOC2FNX0le7VNCQLw5nXNpFD7nEF4odoS38tZNTquPtfVGwqOWX67M=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:51 2024 by rpki-client on console-fra.rpki-client.org