Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3133302e34332e3132382e302f31382d3138203d3e203432363839.roa
File: 3133302e34332e3132382e302f31382d3138203d3e203432363839.roa (raw, json)
Hash identifier: Iuq1AIYHKelakkoHLn/kcmgOa6f4vkp8zwCVXTwYyrI=
Subject key identifier: 26:D9:70:0F:0B:CB:9C:80:B5:57:8D:1B:36:FB:76:50:4A:28:0C:46
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 753CA6CFB38898A06BADBB5BC5B0851D3D136132
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3133302e34332e3132382e302f31382d3138203d3e203432363839.roa
Signing time: Tue 19 Mar 2024 10:25:59 +0000
ROA not before: Tue 19 Mar 2024 10:20:59 +0000
ROA not after: Tue 18 Mar 2025 10:25:59 +0000
asID: 42689
IP address blocks: 130.43.128.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:3c:a6:cf:b3:88:98:a0:6b:ad:bb:5b:c5:b0:85:1d:3d:13:61:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Mar 19 10:20:59 2024 GMT
Not After : Mar 18 10:25:59 2025 GMT
Subject: CN=26D9700F0BCB9C80B5578D1B36FB76504A280C46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:df:c1:94:17:47:21:e8:18:08:74:dd:73:f1:
da:cc:e8:ac:86:25:98:d0:19:ce:2c:f2:a1:f1:a7:
59:c8:48:59:76:50:68:05:f8:84:e1:52:a5:50:11:
07:55:23:bf:d2:f2:c6:96:79:1e:cc:a3:8c:d7:b9:
34:85:c9:e7:bc:96:ae:3c:3f:76:d3:dd:2d:10:7a:
49:a5:8d:f0:0f:47:b7:97:d2:f3:98:9b:16:1e:4e:
36:4d:61:8e:fa:8a:a8:78:a9:8f:8b:f0:84:83:ee:
c0:f3:21:26:64:9f:f3:24:df:b0:3b:87:2e:3b:4a:
0f:52:c0:7e:5c:40:b7:a4:07:94:64:a8:4e:02:d1:
46:92:35:3e:dc:8e:48:79:d1:4e:20:57:78:84:04:
52:09:92:27:1a:52:da:72:4b:d4:71:25:90:26:75:
5f:64:3c:b0:8a:67:f4:ce:16:f4:d4:6c:93:32:b6:
87:aa:2c:e9:6b:58:16:71:13:69:87:62:29:90:d9:
9e:64:8f:e7:92:fb:10:69:a9:05:be:3b:80:f0:c3:
5a:64:d9:9b:13:b7:63:6a:53:ac:09:4a:4c:06:04:
fe:81:98:b3:e2:da:8e:4c:5d:a9:3a:e9:4c:cf:58:
28:df:7d:10:5e:44:1c:b6:67:0a:10:17:df:ce:47:
10:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:D9:70:0F:0B:CB:9C:80:B5:57:8D:1B:36:FB:76:50:4A:28:0C:46
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3133302e34332e3132382e302f31382d3138203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.43.128.0/18
Signature Algorithm: sha256WithRSAEncryption
75:0e:cb:01:71:7c:ce:ba:e2:92:07:ca:3a:9e:e5:a6:dd:2b:
73:35:b4:02:3c:dc:28:15:b7:cc:a7:66:54:4d:d8:f9:22:a1:
36:5c:80:73:50:25:af:4a:5b:37:72:25:9e:9f:67:ec:54:59:
f9:79:ff:50:8e:42:07:df:d4:78:27:6b:63:ac:66:9c:fd:87:
17:a7:de:fd:f0:57:fc:1b:25:7d:f9:9a:82:32:97:b1:53:6a:
f0:39:00:bb:59:76:54:9e:32:66:b9:9c:a2:c3:97:1e:11:86:
f1:c7:f1:10:f9:b2:d7:1f:85:85:5b:95:93:ff:4b:08:6e:07:
3f:62:b5:9b:87:5c:6a:64:1e:4c:81:98:68:90:dd:f9:e8:fc:
bf:40:4d:5a:c8:f0:f9:74:6b:f7:a3:ed:ec:dc:d1:f7:9e:db:
02:25:bf:da:60:79:c8:bf:a4:d1:69:ca:a4:8c:ca:45:a0:39:
51:7a:05:67:d1:de:2e:76:3c:12:7c:6d:6e:6e:db:ed:76:b6:
6d:1e:4c:26:82:1f:36:3b:f8:39:69:06:48:7b:bc:04:5e:a2:
53:23:11:e3:36:b3:9b:84:78:5f:cc:41:cf:84:0a:52:04:e8:
a2:49:80:84:72:0d:9c:db:c6:ac:d0:1a:5a:41:93:5d:ad:73:
46:0f:6b:c9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdTymz7OImKBrrbtbxbCFHT0TYTIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDAzMTkxMDIwNTlaFw0yNTAzMTgxMDI1NTlaMDMxMTAvBgNV
BAMTKDI2RDk3MDBGMEJDQjlDODBCNTU3OEQxQjM2RkI3NjUwNEEyODBDNDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC938GUF0ch6BgIdN1z8drM6KyG
JZjQGc4s8qHxp1nISFl2UGgF+IThUqVQEQdVI7/S8saWeR7Mo4zXuTSFyee8lq48
P3bT3S0QekmljfAPR7eX0vOYmxYeTjZNYY76iqh4qY+L8ISD7sDzISZkn/Mk37A7
hy47Sg9SwH5cQLekB5RkqE4C0UaSNT7cjkh50U4gV3iEBFIJkicaUtpyS9RxJZAm
dV9kPLCKZ/TOFvTUbJMytoeqLOlrWBZxE2mHYimQ2Z5kj+eS+xBpqQW+O4Dww1pk
2ZsTt2NqU6wJSkwGBP6BmLPi2o5MXak66UzPWCjffRBeRBy2ZwoQF9/ORxC5AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUJtlwDwvLnIC1V40bNvt2UEooDEYwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzMzMwMmUzNDMzMmUzMTMy
MzgyZTMwMmYzMTM4MmQzMTM4MjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQG
giuAMA0GCSqGSIb3DQEBCwUAA4IBAQB1DssBcXzOuuKSB8o6nuWm3StzNbQCPNwo
FbfMp2ZUTdj5IqE2XIBzUCWvSls3ciWen2fsVFn5ef9QjkIH39R4J2tjrGac/YcX
p9798Ff8GyV9+ZqCMpexU2rwOQC7WXZUnjJmuZyiw5ceEYbxx/EQ+bLXH4WFW5WT
/0sIbgc/YrWbh1xqZB5MgZhokN356Py/QE1ayPD5dGv3o+3s3NH3ntsCJb/aYHnI
v6TRacqkjMpFoDlRegVn0d4udjwSfG1ubtvtdrZtHkwmgh82O/g5aQZIe7wEXqJT
IxHjNrObhHhfzEHPhApSBOiiSYCEcg2c28as0BpaQZNdrXNGD2vJ
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org