Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3230322e3234382e302f32312d3231203d3e203432363839.roa
File: 3130392e3230322e3234382e302f32312d3231203d3e203432363839.roa (raw, json)
Hash identifier: f/EBq2XJ3PDSY5xwC2g/G1laViIXbWjO9lRCjWXP+p4=
Subject key identifier: F5:29:5B:B0:E0:17:36:CA:2F:58:C4:9F:92:1F:F2:F6:1B:E3:BD:E4
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 05EC1DC85804FBD1427C62A38D42FC094BA8A42B
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3230322e3234382e302f32312d3231203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 11:21:08 +0000
ROA not before: Thu 07 Nov 2024 11:16:08 +0000
ROA not after: Thu 06 Nov 2025 11:21:08 +0000
asID: 42689
IP address blocks: 109.202.248.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:ec:1d:c8:58:04:fb:d1:42:7c:62:a3:8d:42:fc:09:4b:a8:a4:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 11:16:08 2024 GMT
Not After : Nov 6 11:21:08 2025 GMT
Subject: CN=F5295BB0E01736CA2F58C49F921FF2F61BE3BDE4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:fd:ed:e1:04:89:f2:f1:1a:42:6f:70:73:89:
ba:cd:65:d1:09:20:76:ab:cc:55:c2:a7:92:c2:52:
34:ed:3e:8e:ce:cb:1b:68:e4:ef:c8:27:80:0f:f5:
1f:49:13:59:80:a7:7b:ee:ad:43:ef:fd:16:62:6d:
61:19:b0:62:e2:a2:9e:e1:05:6c:ae:17:f9:52:55:
1e:2d:5f:3f:d5:03:3c:b3:22:44:ee:dc:aa:20:c5:
46:8c:b3:5c:33:d5:4f:ad:83:c3:fe:54:eb:76:18:
12:bd:7c:c0:61:2f:6a:8e:f9:d9:78:d2:81:3d:a7:
44:5a:04:7a:79:1d:be:d5:fd:41:67:65:cd:57:d7:
c2:19:43:06:4a:c9:93:f4:f9:84:87:0d:9f:68:11:
b6:4d:f1:2a:d9:55:f2:34:5d:e5:c6:e2:68:b8:e4:
1a:77:44:15:e4:52:07:f0:86:f5:6a:be:33:6c:57:
11:1b:67:12:cf:bd:24:1b:9b:e7:49:8d:57:98:43:
46:2d:6c:aa:94:c4:ac:5b:ae:1b:d3:65:b3:bc:b3:
8c:20:83:fb:df:9d:db:21:6e:99:b2:0e:04:23:fa:
e5:38:da:53:0d:28:2d:b2:48:8a:9b:91:35:b6:ed:
fd:09:02:c0:07:df:b0:86:dc:f3:cd:2d:c9:59:fe:
cf:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:29:5B:B0:E0:17:36:CA:2F:58:C4:9F:92:1F:F2:F6:1B:E3:BD:E4
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3230322e3234382e302f32312d3231203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.202.248.0/21
Signature Algorithm: sha256WithRSAEncryption
65:41:ce:f8:88:d5:e3:0b:b8:4d:78:e5:ab:ee:b4:99:62:ad:
33:1b:d5:19:14:bc:7d:1e:0d:26:9c:24:d9:c9:67:72:6f:f0:
9f:ec:79:48:ad:91:b7:ab:c0:22:65:1f:c2:c0:86:42:a2:85:
ce:1d:5b:c8:94:6a:4c:98:6f:06:c2:06:d1:26:cb:38:44:13:
95:68:7d:ff:5a:79:b3:bf:dc:93:a3:1a:f6:ca:3b:5b:75:4b:
cf:ab:45:ed:82:eb:37:44:56:3e:62:17:bd:6e:57:d2:6b:23:
ac:1f:da:de:68:ed:4b:0c:1c:93:a7:2d:53:d6:14:5a:04:1d:
2b:a5:20:84:34:64:de:a2:0c:24:70:81:8d:90:6b:ce:22:0b:
41:ff:ba:73:53:1f:94:96:09:3f:69:0f:ed:5d:71:c8:41:a9:
6b:65:64:4f:b4:a6:68:d3:16:fe:29:d8:06:57:31:fe:97:3b:
bb:47:9a:a0:6f:32:a3:14:f7:64:f6:b0:9d:1b:d7:55:a7:ce:
9c:f3:8b:3e:e0:e5:0c:96:9c:a6:6e:7e:9c:fd:5a:4a:fc:6e:
ff:32:7d:3c:74:b6:e5:ad:cf:46:f8:b9:fb:6b:e3:4a:57:2d:
b3:ff:15:85:a5:93:9b:6a:70:a7:e4:03:9c:70:dd:3d:d0:90:
16:eb:eb:1e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUBewdyFgE+9FCfGKjjUL8CUuopCswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMTE2MDhaFw0yNTExMDYxMTIxMDhaMDMxMTAvBgNV
BAMTKEY1Mjk1QkIwRTAxNzM2Q0EyRjU4QzQ5RjkyMUZGMkY2MUJFM0JERTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCh/e3hBIny8RpCb3BzibrNZdEJ
IHarzFXCp5LCUjTtPo7Oyxto5O/IJ4AP9R9JE1mAp3vurUPv/RZibWEZsGLiop7h
BWyuF/lSVR4tXz/VAzyzIkTu3KogxUaMs1wz1U+tg8P+VOt2GBK9fMBhL2qO+dl4
0oE9p0RaBHp5Hb7V/UFnZc1X18IZQwZKyZP0+YSHDZ9oEbZN8SrZVfI0XeXG4mi4
5Bp3RBXkUgfwhvVqvjNsVxEbZxLPvSQbm+dJjVeYQ0YtbKqUxKxbrhvTZbO8s4wg
g/vfndshbpmyDgQj+uU42lMNKC2ySIqbkTW27f0JAsAH37CG3PPNLclZ/s8VAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU9SlbsOAXNsovWMSfkh/y9hvjveQwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzMDM5MmUzMjMwMzIyZTMy
MzQzODJlMzAyZjMyMzEyZDMyMzEyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BANtyvgwDQYJKoZIhvcNAQELBQADggEBAGVBzviI1eMLuE145avutJlirTMb1RkU
vH0eDSacJNnJZ3Jv8J/seUitkberwCJlH8LAhkKihc4dW8iUakyYbwbCBtEmyzhE
E5Voff9aebO/3JOjGvbKO1t1S8+rRe2C6zdEVj5iF71uV9JrI6wf2t5o7UsMHJOn
LVPWFFoEHSulIIQ0ZN6iDCRwgY2Qa84iC0H/unNTH5SWCT9pD+1dcchBqWtlZE+0
pmjTFv4p2AZXMf6XO7tHmqBvMqMU92T2sJ0b11Wnzpzziz7g5QyWnKZufpz9Wkr8
bv8yfTx0tuWtz0b4uftr40pXLbP/FYWlk5tqcKfkA5xw3T3QkBbr6x4=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org