Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3230322e3234302e302f32322d3232203d3e203432363839.roa
File: 3130392e3230322e3234302e302f32322d3232203d3e203432363839.roa (raw, json)
Hash identifier: EbcF5c3HC6AkyJ0ldFS7b1eTi+gNCwYDXDF9HYeBNU4=
Subject key identifier: 79:3B:92:15:EC:85:B1:DE:E6:58:FB:D8:AB:EF:54:FB:FE:34:99:31
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 72FEE39C44A34E4BE2F3F5DBB83153EE2706FE98
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3230322e3234302e302f32322d3232203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 11:20:24 +0000
ROA not before: Thu 07 Nov 2024 11:15:24 +0000
ROA not after: Thu 06 Nov 2025 11:20:24 +0000
asID: 42689
IP address blocks: 109.202.240.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:fe:e3:9c:44:a3:4e:4b:e2:f3:f5:db:b8:31:53:ee:27:06:fe:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 11:15:24 2024 GMT
Not After : Nov 6 11:20:24 2025 GMT
Subject: CN=793B9215EC85B1DEE658FBD8ABEF54FBFE349931
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:af:fe:ff:dd:c0:bc:a5:e9:54:19:ec:27:c5:
44:97:9b:83:48:a9:a3:b1:6e:ca:6f:a0:7e:c3:d1:
62:34:18:7a:d5:99:dd:78:b2:65:a8:f8:e5:63:16:
c8:d5:e4:c6:c1:89:c0:94:8b:44:81:a3:43:e0:0e:
63:0d:95:d2:06:8d:8e:ed:d5:9f:9c:80:b7:f2:e8:
b3:c9:cc:06:3e:f1:c6:b3:97:c8:93:31:51:e6:d3:
db:5a:92:0c:0a:5c:ca:88:02:d4:41:19:4c:4d:fd:
2f:07:1b:41:79:d6:15:5e:c2:33:28:32:ed:b0:88:
56:e2:15:bc:fe:b9:78:3e:60:98:24:e0:fc:08:ce:
08:5d:c9:a3:46:57:e2:64:a1:38:19:6c:5c:35:a2:
f9:5b:33:d9:64:1b:a0:6e:80:fd:1a:12:bd:a6:d7:
52:df:80:cd:41:37:e7:1b:97:3e:57:4c:21:1b:6e:
5a:f0:ba:38:e4:f0:36:7b:77:9d:b9:91:2c:30:75:
a2:32:ba:fa:c8:61:bc:08:52:71:83:e3:f1:87:fc:
f1:d0:39:13:56:02:f0:b6:dc:ce:f9:b7:38:16:20:
51:05:43:cc:ed:39:5d:1c:a0:8b:eb:7f:b4:bf:84:
13:3b:ff:3f:a9:3a:04:76:ff:cc:d4:9f:05:9c:eb:
5e:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:3B:92:15:EC:85:B1:DE:E6:58:FB:D8:AB:EF:54:FB:FE:34:99:31
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3230322e3234302e302f32322d3232203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.202.240.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:ea:c5:fc:0b:c0:f8:41:4a:5b:ca:56:b1:32:77:ab:df:b6:
2a:ae:7c:4f:3c:8c:dd:1f:f6:da:d5:da:6e:27:84:f4:3f:93:
df:22:90:6e:08:01:f0:21:ed:8d:cc:58:8f:bc:86:7b:5d:e5:
5a:b0:93:4d:f6:2a:dc:d0:26:d3:c0:9f:f7:3e:e8:a4:1c:cd:
33:81:46:12:b2:00:f7:54:01:8b:a3:f8:a4:1a:cf:ec:fd:eb:
17:17:bb:ed:d2:42:9b:80:6f:21:94:a2:97:10:0c:fd:7c:cc:
ab:51:6a:f4:06:a8:ff:76:6d:32:ee:16:ed:fa:9b:14:19:8c:
d3:0d:03:e5:fe:0b:23:29:0d:00:e2:fc:4a:8d:ba:b4:3d:48:
9d:68:f7:e9:31:09:7f:79:64:02:a4:00:9f:10:ca:c1:91:4e:
5a:43:fb:50:18:a6:e0:df:e8:a5:c3:9d:be:48:e7:25:9b:29:
b2:8c:dd:71:eb:ae:86:0f:8d:45:54:b9:0a:bb:27:ef:44:53:
6d:1b:47:66:ec:fc:c6:51:cd:1a:41:08:aa:07:53:6e:ab:47:
c2:a5:5b:67:0b:35:a5:26:c9:42:ae:d5:e5:06:84:b6:57:1a:
5f:53:26:f2:ad:83:0e:d5:d7:ed:2e:5c:03:16:02:0c:ff:51:
ec:05:d5:dc
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUcv7jnESjTkvi8/XbuDFT7icG/pgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMTE1MjRaFw0yNTExMDYxMTIwMjRaMDMxMTAvBgNV
BAMTKDc5M0I5MjE1RUM4NUIxREVFNjU4RkJEOEFCRUY1NEZCRkUzNDk5MzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+r/7/3cC8pelUGewnxUSXm4NI
qaOxbspvoH7D0WI0GHrVmd14smWo+OVjFsjV5MbBicCUi0SBo0PgDmMNldIGjY7t
1Z+cgLfy6LPJzAY+8cazl8iTMVHm09takgwKXMqIAtRBGUxN/S8HG0F51hVewjMo
Mu2wiFbiFbz+uXg+YJgk4PwIzghdyaNGV+JkoTgZbFw1ovlbM9lkG6BugP0aEr2m
11LfgM1BN+cblz5XTCEbblrwujjk8DZ7d525kSwwdaIyuvrIYbwIUnGD4/GH/PHQ
ORNWAvC23M75tzgWIFEFQ8ztOV0coIvrf7S/hBM7/z+pOgR2/8zUnwWc614fAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUeTuSFeyFsd7mWPvYq+9U+/40mTEwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzMDM5MmUzMjMwMzIyZTMy
MzQzMDJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJtyvAwDQYJKoZIhvcNAQELBQADggEBAIvqxfwLwPhBSlvKVrEyd6vftiqufE88
jN0f9trV2m4nhPQ/k98ikG4IAfAh7Y3MWI+8hntd5Vqwk032KtzQJtPAn/c+6KQc
zTOBRhKyAPdUAYuj+KQaz+z96xcXu+3SQpuAbyGUopcQDP18zKtRavQGqP92bTLu
Fu36mxQZjNMNA+X+CyMpDQDi/EqNurQ9SJ1o9+kxCX95ZAKkAJ8QysGRTlpD+1AY
puDf6KXDnb5I5yWbKbKM3XHrroYPjUVUuQq7J+9EU20bR2bs/MZRzRpBCKoHU26r
R8KlW2cLNaUmyUKu1eUGhLZXGl9TJvKtgw7V1+0uXAMWAgz/UewF1dw=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org