Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3230322e3232362e302f32342d3234203d3e203432363839.roa
File: 3130392e3230322e3232362e302f32342d3234203d3e203432363839.roa (raw, json)
Hash identifier: ZvT91qC1ZohWqQBjrHmQKpQp0YonB9/TSYLyCyuAXOk=
Subject key identifier: 98:67:5F:BE:B8:88:A9:F9:6F:77:51:A0:13:54:69:3C:A1:4E:0C:F9
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 516BEBA99109DC58502A0A5FC87AF81CCAB8A414
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3230322e3232362e302f32342d3234203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 11:19:45 +0000
ROA not before: Thu 07 Nov 2024 11:14:45 +0000
ROA not after: Thu 06 Nov 2025 11:19:45 +0000
asID: 42689
IP address blocks: 109.202.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:6b:eb:a9:91:09:dc:58:50:2a:0a:5f:c8:7a:f8:1c:ca:b8:a4:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 11:14:45 2024 GMT
Not After : Nov 6 11:19:45 2025 GMT
Subject: CN=98675FBEB888A9F96F7751A01354693CA14E0CF9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3a:3a:11:b7:e0:5d:58:dd:44:59:9f:02:67:
56:a0:10:22:fd:0c:86:c1:36:ae:e7:98:fb:3e:64:
60:ba:43:d0:59:25:1c:e8:33:45:e3:7b:7a:c4:c6:
f0:b8:bb:5b:d6:83:ae:96:76:34:c1:59:2d:b9:a1:
ed:6d:c8:3b:05:71:bb:58:2d:20:85:37:3c:74:c8:
9c:9f:62:b6:03:a2:2e:b0:68:c7:da:ba:a3:58:bf:
1a:b9:9f:0d:b6:e3:28:9f:03:5c:e8:00:09:ee:88:
84:c1:aa:68:f1:29:fc:7f:22:89:4f:3d:f1:b6:69:
83:6f:7d:57:f8:98:e7:9b:32:ef:5c:04:11:cf:bf:
3a:84:ff:d3:1b:a4:c1:ab:f1:8b:dc:75:0e:3c:e3:
73:da:67:a3:08:92:8f:c2:c9:5c:c8:39:09:20:e2:
a3:05:7d:7e:fb:66:09:b4:00:9e:c3:08:dd:24:94:
37:0e:33:27:59:8f:55:7d:a6:d8:4b:0b:8c:f1:04:
8b:ec:1e:80:67:c9:8b:57:ce:59:47:66:64:92:4d:
32:a9:35:2a:eb:15:21:08:b5:fd:5c:df:33:60:fd:
8f:e4:82:be:61:7d:71:a0:29:2c:fa:85:1d:08:d2:
a8:70:b6:bf:61:f4:b7:49:ab:fa:59:f7:7f:22:52:
1d:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:67:5F:BE:B8:88:A9:F9:6F:77:51:A0:13:54:69:3C:A1:4E:0C:F9
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3230322e3232362e302f32342d3234203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.202.226.0/24
Signature Algorithm: sha256WithRSAEncryption
77:35:be:45:47:5a:f2:31:ec:8c:dc:ba:84:45:6c:8f:a5:e8:
bc:6f:7b:5f:6e:dd:6c:90:d2:5c:f1:8b:e1:b9:37:b2:30:68:
63:0b:03:9d:ad:9b:f8:7e:81:14:5f:de:68:8f:34:fb:78:2a:
b7:cb:09:a8:44:96:4f:d8:10:cd:ad:50:39:59:4a:b1:99:04:
ca:29:90:be:d3:ba:c3:b4:c4:47:2e:63:61:69:86:b8:20:54:
4e:8d:7c:8b:47:0a:22:50:1b:f9:f7:94:20:30:2e:fd:85:90:
02:e2:71:c5:1f:65:fa:9a:97:64:09:33:4c:79:e4:e9:63:2d:
a5:04:66:a4:f3:b0:ca:58:32:35:d0:c4:dd:22:ad:07:78:f4:
5d:67:90:e7:f3:c7:7f:e6:fe:2c:17:d2:2f:bb:e7:6e:f0:f5:
a9:80:0a:af:dc:11:70:66:77:8f:f3:9e:7e:b6:df:ac:c2:d0:
2a:f4:74:12:0a:2d:13:45:9f:02:a7:69:36:b9:7d:ec:88:7a:
c8:d6:05:c8:64:9e:f7:71:44:63:17:5f:b1:21:6f:10:50:87:
58:b3:87:28:87:47:65:e5:a7:01:31:5b:02:bc:36:80:af:cf:
3e:46:76:d6:f2:76:a2:a5:f4:81:6e:18:fb:42:ad:17:12:21:
2e:42:a8:32
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUUWvrqZEJ3FhQKgpfyHr4HMq4pBQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMTE0NDVaFw0yNTExMDYxMTE5NDVaMDMxMTAvBgNV
BAMTKDk4Njc1RkJFQjg4OEE5Rjk2Rjc3NTFBMDEzNTQ2OTNDQTE0RTBDRjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7OjoRt+BdWN1EWZ8CZ1agECL9
DIbBNq7nmPs+ZGC6Q9BZJRzoM0Xje3rExvC4u1vWg66WdjTBWS25oe1tyDsFcbtY
LSCFNzx0yJyfYrYDoi6waMfauqNYvxq5nw224yifA1zoAAnuiITBqmjxKfx/IolP
PfG2aYNvfVf4mOebMu9cBBHPvzqE/9MbpMGr8YvcdQ4843PaZ6MIko/CyVzIOQkg
4qMFfX77Zgm0AJ7DCN0klDcOMydZj1V9pthLC4zxBIvsHoBnyYtXzllHZmSSTTKp
NSrrFSEItf1c3zNg/Y/kgr5hfXGgKSz6hR0I0qhwtr9h9LdJq/pZ938iUh0rAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUmGdfvriIqflvd1GgE1RpPKFODPkwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzMDM5MmUzMjMwMzIyZTMy
MzIzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABtyuIwDQYJKoZIhvcNAQELBQADggEBAHc1vkVHWvIx7IzcuoRFbI+l6Lxve19u
3WyQ0lzxi+G5N7IwaGMLA52tm/h+gRRf3miPNPt4KrfLCahElk/YEM2tUDlZSrGZ
BMopkL7TusO0xEcuY2FphrggVE6NfItHCiJQG/n3lCAwLv2FkALiccUfZfqal2QJ
M0x55OljLaUEZqTzsMpYMjXQxN0irQd49F1nkOfzx3/m/iwX0i+7527w9amACq/c
EXBmd4/znn6236zC0Cr0dBIKLRNFnwKnaTa5feyIesjWBchknvdxRGMXX7EhbxBQ
h1izhyiHR2XlpwExWwK8NoCvzz5GdtbydqKl9IFuGPtCrRcSIS5CqDI=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org