Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3235322e302f32332d3233203d3e203432363839.roa
File: 3130392e3137352e3235322e302f32332d3233203d3e203432363839.roa (raw, json)
Hash identifier: jSNBj4K816/05iCQDVhdOn0iDBijENItUh2lNLhs4gk=
Subject key identifier: A1:9C:1F:8F:D6:E3:BF:F7:53:40:0E:E5:DA:A4:7E:AA:3B:DB:C9:4A
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 05F084DD36735AD7AAA1916A356628B6A8A69BBA
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3235322e302f32332d3233203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 11:16:23 +0000
ROA not before: Thu 07 Nov 2024 11:11:23 +0000
ROA not after: Thu 06 Nov 2025 11:16:23 +0000
asID: 42689
IP address blocks: 109.175.252.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:f0:84:dd:36:73:5a:d7:aa:a1:91:6a:35:66:28:b6:a8:a6:9b:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 11:11:23 2024 GMT
Not After : Nov 6 11:16:23 2025 GMT
Subject: CN=A19C1F8FD6E3BFF753400EE5DAA47EAA3BDBC94A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:ec:59:36:3a:37:8b:b7:d6:3c:ea:c5:ad:ad:
e7:fa:5c:b2:44:d5:9d:d4:42:3b:8f:ea:98:d9:23:
99:f9:b2:ba:52:5a:67:b5:30:6e:e7:00:26:35:01:
25:dc:be:94:8d:17:ed:0c:2a:42:c9:c7:4f:7c:30:
93:49:2c:ce:e5:7c:94:97:ed:f1:70:e0:98:39:0e:
6c:62:af:05:c6:63:aa:4d:87:27:95:2f:5f:6d:d3:
ff:53:d1:19:0e:fe:38:84:1b:9d:21:a0:16:dd:a2:
7c:99:6d:3d:f6:c3:94:4f:a7:82:7c:d1:32:b8:4d:
ac:e6:da:c4:4c:35:28:86:3c:ed:d0:13:e2:cc:f6:
e8:21:8e:3d:2f:7a:a2:fd:8e:74:2f:d8:45:4e:87:
f8:79:18:07:15:8a:9c:fd:37:42:1a:1a:62:04:37:
14:7f:5b:d2:9b:f2:36:46:f9:e3:09:2d:7d:73:a8:
11:b6:b8:35:55:78:bf:e6:a0:85:3c:23:8f:ab:46:
a6:e3:6f:fe:46:e3:0d:18:fc:f2:1a:dc:00:8e:03:
37:5d:c1:70:12:65:3a:37:75:c8:8a:2b:0f:ef:01:
98:b4:d6:89:6a:b9:b2:e5:35:7a:6a:b5:71:dc:8f:
00:26:b3:b7:14:ed:13:19:c3:41:e9:d1:66:17:42:
97:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:9C:1F:8F:D6:E3:BF:F7:53:40:0E:E5:DA:A4:7E:AA:3B:DB:C9:4A
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3137352e3235322e302f32332d3233203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.175.252.0/23
Signature Algorithm: sha256WithRSAEncryption
65:93:96:ce:f0:61:94:54:ef:e8:bf:e1:84:2b:8d:15:87:92:
24:b0:35:64:85:a0:f8:c0:a1:a1:4f:91:d8:5b:a8:38:50:ac:
f4:6b:6a:4f:c6:e0:d8:cb:f9:9c:4d:b4:e4:8b:3d:ec:65:ee:
87:9c:ad:61:85:8b:7a:4e:b1:e4:d1:c8:33:39:e9:91:ff:58:
64:f3:18:a9:41:26:ee:84:69:e4:1c:9c:27:1c:7d:e7:28:2f:
5b:de:6a:3d:6d:45:2b:ce:24:0a:be:69:41:0a:18:6d:9a:3a:
02:f1:09:46:be:59:65:58:0c:ac:78:d5:73:4a:1b:4e:74:46:
b9:e0:10:e4:8b:ec:3e:7e:66:e2:70:09:bb:91:51:0c:38:fd:
3c:f3:0c:45:cc:79:dc:2e:64:ae:f2:9d:96:29:36:44:90:8f:
b5:6f:87:5c:95:1f:16:ac:dc:78:85:3a:dd:b9:1f:e9:b1:b8:
8d:d9:d4:11:16:59:31:e8:46:08:9a:15:f8:00:14:87:6b:f5:
cc:50:5f:2f:b3:22:ad:8d:25:a5:1d:99:b3:67:c5:37:54:25:
b6:b8:17:93:21:dc:36:9b:a9:7a:02:bb:9e:e1:98:e1:1a:dc:
ba:65:a9:23:1c:43:6a:20:d5:8c:87:37:22:db:a2:3d:a0:c4:
01:f7:c1:05
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUBfCE3TZzWteqoZFqNWYotqimm7owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMTExMjNaFw0yNTExMDYxMTE2MjNaMDMxMTAvBgNV
BAMTKEExOUMxRjhGRDZFM0JGRjc1MzQwMEVFNURBQTQ3RUFBM0JEQkM5NEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDm7Fk2OjeLt9Y86sWtref6XLJE
1Z3UQjuP6pjZI5n5srpSWme1MG7nACY1ASXcvpSNF+0MKkLJx098MJNJLM7lfJSX
7fFw4Jg5DmxirwXGY6pNhyeVL19t0/9T0RkO/jiEG50hoBbdonyZbT32w5RPp4J8
0TK4Tazm2sRMNSiGPO3QE+LM9ughjj0veqL9jnQv2EVOh/h5GAcVipz9N0IaGmIE
NxR/W9Kb8jZG+eMJLX1zqBG2uDVVeL/moIU8I4+rRqbjb/5G4w0Y/PIa3ACOAzdd
wXASZTo3dciKKw/vAZi01olqubLlNXpqtXHcjwAms7cU7RMZw0Hp0WYXQpfvAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUoZwfj9bjv/dTQA7l2qR+qjvbyUowHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzMDM5MmUzMTM3MzUyZTMy
MzUzMjJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAFtr/wwDQYJKoZIhvcNAQELBQADggEBAGWTls7wYZRU7+i/4YQrjRWHkiSwNWSF
oPjAoaFPkdhbqDhQrPRrak/G4NjL+ZxNtOSLPexl7oecrWGFi3pOseTRyDM56ZH/
WGTzGKlBJu6EaeQcnCccfecoL1veaj1tRSvOJAq+aUEKGG2aOgLxCUa+WWVYDKx4
1XNKG050RrngEOSL7D5+ZuJwCbuRUQw4/TzzDEXMedwuZK7ynZYpNkSQj7Vvh1yV
Hxas3HiFOt25H+mxuI3Z1BEWWTHoRgiaFfgAFIdr9cxQXy+zIq2NJaUdmbNnxTdU
Jba4F5Mh3DabqXoCu57hmOEa3LplqSMcQ2og1YyHNyLboj2gxAH3wQU=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:51 2024 by rpki-client on console-fra.rpki-client.org