Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3230322e3233362e302f32322d3232203d3e203432363839.roa
File: 3130392e3230322e3233362e302f32322d3232203d3e203432363839.roa (raw, json)
Hash identifier: XUBhIa8LVNKH0HI9u12tb4mc30bAtthBec+DKTX3Whs=
Subject key identifier: FB:A2:2E:56:A8:27:3A:6F:CD:D2:2E:B7:4B:55:59:F7:37:04:B8:45
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 423215A02CA5F75654EADD1F86C3E0D9FBB2BE1C
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3230322e3233362e302f32322d3232203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 11:20:12 +0000
ROA not before: Thu 07 Nov 2024 11:15:12 +0000
ROA not after: Thu 06 Nov 2025 11:20:12 +0000
asID: 42689
IP address blocks: 109.202.236.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:32:15:a0:2c:a5:f7:56:54:ea:dd:1f:86:c3:e0:d9:fb:b2:be:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 11:15:12 2024 GMT
Not After : Nov 6 11:20:12 2025 GMT
Subject: CN=FBA22E56A8273A6FCDD22EB74B5559F73704B845
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:11:73:10:de:eb:09:ca:f0:85:10:71:9f:35:
84:e4:7a:1e:f3:5d:1b:69:82:53:42:c1:c8:f8:f9:
0d:c5:89:6a:78:72:f9:b1:35:e4:32:0f:6e:2d:8b:
51:70:69:a2:eb:81:ad:fc:4f:6b:a4:12:a4:9d:33:
b0:09:b5:b3:4e:e9:a1:af:da:44:e1:94:6f:b7:15:
d2:7b:b4:6d:83:e2:81:82:3c:00:9b:d6:18:1a:dd:
7f:28:06:0f:e9:a0:fc:54:66:92:f8:22:a6:e5:1b:
87:a9:55:16:55:40:ef:88:57:be:ce:b3:e0:29:c8:
ef:75:46:47:2c:06:18:64:6e:92:34:d8:16:d9:78:
80:7d:d2:76:cb:0e:bd:cd:4a:3c:dc:0d:cb:62:a2:
0f:69:38:8b:91:14:e9:17:18:2e:89:bc:d6:b8:17:
e0:3f:07:fa:fb:20:55:39:61:a0:9c:bd:13:a1:ee:
41:71:f1:d0:e2:c6:8a:bd:b5:f1:9a:92:a0:45:cb:
6e:d4:01:b8:d1:da:d1:d2:d8:35:31:42:fc:83:7d:
13:e2:f5:45:21:ea:f4:ce:34:b7:15:29:2a:18:06:
12:8a:e6:e1:a4:e9:f1:10:38:05:a0:99:48:12:19:
58:33:44:77:73:2b:de:50:65:80:c0:c0:4e:72:24:
5f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:A2:2E:56:A8:27:3A:6F:CD:D2:2E:B7:4B:55:59:F7:37:04:B8:45
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3230322e3233362e302f32322d3232203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.202.236.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:48:7a:ad:12:a9:aa:2a:cc:66:e0:70:f8:2e:bd:c5:98:15:
2e:59:48:a6:52:f2:62:66:53:64:db:cb:e1:76:c8:88:0c:4f:
b3:80:1f:5a:06:74:42:77:3f:11:9e:e9:ec:55:e2:a7:0e:b0:
02:74:b5:77:74:02:31:bf:b9:0c:de:5e:0a:3b:86:6f:cd:a8:
ac:f2:56:ef:06:d0:d0:0b:ec:3a:25:62:0e:09:d8:2c:ba:b6:
ce:18:27:db:58:da:28:38:a4:61:49:92:26:c6:7c:1a:85:2e:
18:cb:bc:97:e4:de:77:f2:18:2e:31:45:ce:7a:d4:08:37:9f:
2e:03:45:86:6e:44:ff:51:1c:77:8e:67:4f:13:3b:db:01:91:
d5:06:b0:8a:12:92:19:aa:1a:d4:14:9e:d3:45:3b:99:94:de:
54:d3:7b:93:bd:5b:0c:84:0f:71:10:e1:ea:95:a8:65:d2:43:
96:3b:2a:83:78:e4:0e:1c:83:67:85:08:e4:30:83:35:d6:9e:
9d:3c:c8:f8:27:d7:1f:85:cb:66:79:52:55:d5:2e:45:4a:fb:
b4:5d:14:37:15:93:da:d8:ff:be:04:c6:48:20:cf:9d:4f:bc:
88:31:29:1f:30:f7:1e:97:4f:1e:6b:47:76:a4:de:89:48:47:
68:aa:7a:13
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQjIVoCyl91ZU6t0fhsPg2fuyvhwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMTE1MTJaFw0yNTExMDYxMTIwMTJaMDMxMTAvBgNV
BAMTKEZCQTIyRTU2QTgyNzNBNkZDREQyMkVCNzRCNTU1OUY3MzcwNEI4NDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHEXMQ3usJyvCFEHGfNYTkeh7z
XRtpglNCwcj4+Q3FiWp4cvmxNeQyD24ti1FwaaLrga38T2ukEqSdM7AJtbNO6aGv
2kThlG+3FdJ7tG2D4oGCPACb1hga3X8oBg/poPxUZpL4IqblG4epVRZVQO+IV77O
s+ApyO91RkcsBhhkbpI02BbZeIB90nbLDr3NSjzcDctiog9pOIuRFOkXGC6JvNa4
F+A/B/r7IFU5YaCcvROh7kFx8dDixoq9tfGakqBFy27UAbjR2tHS2DUxQvyDfRPi
9UUh6vTONLcVKSoYBhKK5uGk6fEQOAWgmUgSGVgzRHdzK95QZYDAwE5yJF/xAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU+6IuVqgnOm/N0i63S1VZ9zcEuEUwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzMDM5MmUzMjMwMzIyZTMy
MzMzNjJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJtyuwwDQYJKoZIhvcNAQELBQADggEBAKJIeq0SqaoqzGbgcPguvcWYFS5ZSKZS
8mJmU2Tby+F2yIgMT7OAH1oGdEJ3PxGe6exV4qcOsAJ0tXd0AjG/uQzeXgo7hm/N
qKzyVu8G0NAL7DolYg4J2Cy6ts4YJ9tY2ig4pGFJkibGfBqFLhjLvJfk3nfyGC4x
Rc561Ag3ny4DRYZuRP9RHHeOZ08TO9sBkdUGsIoSkhmqGtQUntNFO5mU3lTTe5O9
WwyED3EQ4eqVqGXSQ5Y7KoN45A4cg2eFCOQwgzXWnp08yPgn1x+Fy2Z5UlXVLkVK
+7RdFDcVk9rY/74Exkggz51PvIgxKR8w9x6XTx5rR3ak3olIR2iqehM=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:51 2024 by rpki-client on console-fra.rpki-client.org