Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3230322e3234342e302f32332d3233203d3e203432363839.roa
File: 3130392e3230322e3234342e302f32332d3233203d3e203432363839.roa (raw, json)
Hash identifier: O+a81xLfR0zKYzg97PCS34BjXWVyqYVbHaehL6Lxc5g=
Subject key identifier: 90:AE:89:38:0D:65:08:49:26:3A:67:12:AA:B8:17:5A:88:67:60:D0
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 67E040FE827DF22A9F845920AD728840CB11B01B
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3230322e3234342e302f32332d3233203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 11:20:37 +0000
ROA not before: Thu 07 Nov 2024 11:15:37 +0000
ROA not after: Thu 06 Nov 2025 11:20:37 +0000
asID: 42689
IP address blocks: 109.202.244.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:e0:40:fe:82:7d:f2:2a:9f:84:59:20:ad:72:88:40:cb:11:b0:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 11:15:37 2024 GMT
Not After : Nov 6 11:20:37 2025 GMT
Subject: CN=90AE89380D650849263A6712AAB8175A886760D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e0:63:14:8e:a1:06:9e:6a:df:0b:bc:d0:8c:
e4:88:7c:09:a0:38:15:80:18:3d:b7:ef:e9:f7:bd:
15:5a:d9:9f:58:5e:fc:22:95:6e:cb:f2:1d:7f:22:
02:bf:c4:f4:6f:76:3b:ab:0d:c1:9f:8c:54:79:ac:
8b:dd:08:f9:96:70:5b:37:05:07:e7:25:39:e6:01:
32:97:80:b1:2f:ab:b3:2e:f9:af:1b:7d:d5:c3:b4:
92:63:82:0c:7d:43:b0:17:df:4e:21:3f:91:26:c3:
07:92:32:6d:11:85:5c:a9:ee:e6:42:6b:a1:d4:29:
cc:db:40:ef:fb:7d:0a:c8:ec:d0:db:4a:ad:82:4f:
c7:6f:79:c9:ca:b7:ce:2d:e8:9b:f5:83:9a:6a:e2:
0e:dd:56:e1:b8:9b:72:f6:2e:d9:e0:92:43:86:ed:
65:46:3f:d9:a3:b6:d7:b1:71:49:f9:56:72:73:68:
7c:dc:8c:72:5c:7b:64:e0:9a:98:bc:e1:e1:48:84:
bf:8f:c8:55:f1:26:e8:5b:5c:6a:a9:8e:5a:82:ec:
78:de:4f:e6:f5:19:16:9c:b2:b6:c4:a3:ff:c8:c0:
87:db:23:63:92:7c:fa:a4:9f:bf:ea:ed:de:89:19:
e0:09:77:ef:56:e6:95:46:58:73:a7:39:8c:af:eb:
8f:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:AE:89:38:0D:65:08:49:26:3A:67:12:AA:B8:17:5A:88:67:60:D0
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3230322e3234342e302f32332d3233203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.202.244.0/23
Signature Algorithm: sha256WithRSAEncryption
06:b4:bc:d1:df:14:e1:d8:22:39:9d:47:b6:71:c8:09:50:43:
d2:8e:10:6f:df:f6:90:6f:cb:6d:f9:c6:67:3f:2d:24:72:64:
57:74:b2:db:7d:60:29:82:e3:7c:a1:3e:88:f3:95:3e:57:87:
82:76:b0:8d:e9:a3:ee:5d:73:58:1b:6f:4d:bc:50:19:94:54:
85:89:c8:ac:ae:e3:e0:70:32:14:06:73:10:1c:70:8f:3a:4f:
23:bf:8f:df:f4:4f:a0:3d:75:78:38:e0:5c:90:d9:32:5e:91:
bb:90:b0:d5:b6:9d:35:6b:48:f6:cf:7d:92:9a:c2:ca:c8:b9:
9b:f1:38:02:ae:25:d5:3c:f2:cd:73:73:8c:bd:1b:42:ee:48:
9e:31:80:d6:6b:7f:7b:b5:ba:30:c1:8e:87:ed:c4:e4:d3:9a:
b8:36:69:ec:da:75:5f:ba:25:aa:d7:46:e8:72:79:3c:7a:ef:
95:af:3c:48:9f:0a:60:68:1e:76:ac:b2:6d:0a:8c:3b:31:49:
42:e6:01:5d:ea:4a:24:2c:75:e9:26:80:bd:13:5f:a4:01:7b:
d3:dc:5e:b3:21:88:75:33:2d:4a:ff:f3:d2:9a:3c:5d:ae:f4:
c5:c3:af:dc:65:ef:ce:35:f7:0a:a0:6a:a0:90:bd:77:9c:b8:
c2:84:b9:1b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZ+BA/oJ98iqfhFkgrXKIQMsRsBswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMTE1MzdaFw0yNTExMDYxMTIwMzdaMDMxMTAvBgNV
BAMTKDkwQUU4OTM4MEQ2NTA4NDkyNjNBNjcxMkFBQjgxNzVBODg2NzYwRDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCT4GMUjqEGnmrfC7zQjOSIfAmg
OBWAGD237+n3vRVa2Z9YXvwilW7L8h1/IgK/xPRvdjurDcGfjFR5rIvdCPmWcFs3
BQfnJTnmATKXgLEvq7Mu+a8bfdXDtJJjggx9Q7AX304hP5EmwweSMm0RhVyp7uZC
a6HUKczbQO/7fQrI7NDbSq2CT8dvecnKt84t6Jv1g5pq4g7dVuG4m3L2LtngkkOG
7WVGP9mjttexcUn5VnJzaHzcjHJce2Tgmpi84eFIhL+PyFXxJuhbXGqpjlqC7Hje
T+b1GRacsrbEo//IwIfbI2OSfPqkn7/q7d6JGeAJd+9W5pVGWHOnOYyv64/rAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUkK6JOA1lCEkmOmcSqrgXWohnYNAwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzMDM5MmUzMjMwMzIyZTMy
MzQzNDJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAFtyvQwDQYJKoZIhvcNAQELBQADggEBAAa0vNHfFOHYIjmdR7ZxyAlQQ9KOEG/f
9pBvy235xmc/LSRyZFd0stt9YCmC43yhPojzlT5Xh4J2sI3po+5dc1gbb028UBmU
VIWJyKyu4+BwMhQGcxAccI86TyO/j9/0T6A9dXg44FyQ2TJekbuQsNW2nTVrSPbP
fZKawsrIuZvxOAKuJdU88s1zc4y9G0LuSJ4xgNZrf3u1ujDBjoftxOTTmrg2aeza
dV+6JarXRuhyeTx675WvPEifCmBoHnassm0KjDsxSULmAV3qSiQsdekmgL0TX6QB
e9PcXrMhiHUzLUr/89KaPF2u9MXDr9xl78419wqgaqCQvXecuMKEuRs=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:51 2024 by rpki-client on console-fra.rpki-client.org