Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3138352e332e38342e302f32342d3234203d3e203432363839.roa
File: 3138352e332e38342e302f32342d3234203d3e203432363839.roa (raw, json)
Hash identifier: dxrJq685AlWNksYDuXS36BIgzThTMy/CLApey+EqhO0=
Subject key identifier: 70:6D:EC:E7:82:91:93:D8:31:71:A5:A7:55:37:DC:D8:F0:3F:28:BD
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 2625C120616722E3414E824DFD60CD8F25B16FA2
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3138352e332e38342e302f32342d3234203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 11:21:23 +0000
ROA not before: Thu 07 Nov 2024 11:16:23 +0000
ROA not after: Thu 06 Nov 2025 11:21:23 +0000
asID: 42689
IP address blocks: 185.3.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:25:c1:20:61:67:22:e3:41:4e:82:4d:fd:60:cd:8f:25:b1:6f:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 11:16:23 2024 GMT
Not After : Nov 6 11:21:23 2025 GMT
Subject: CN=706DECE7829193D83171A5A75537DCD8F03F28BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:37:b3:e6:a0:92:a2:43:9a:fc:59:a4:21:fb:
b9:d9:a5:d0:c8:a7:be:67:0d:5b:f9:78:24:be:1b:
24:69:8b:f1:fe:a1:0e:9e:22:6d:ba:86:29:0b:bc:
0a:9c:2f:76:4e:f4:0f:b1:23:8b:67:48:bc:fa:7c:
a7:e8:ec:e1:ff:97:8b:74:62:92:08:c9:b2:1e:98:
60:62:e0:b3:35:6b:71:8d:38:f5:87:23:b6:ec:74:
95:31:1c:b5:64:3e:75:ff:2e:89:7f:f7:ff:0e:b4:
a9:3f:a1:6a:ac:5c:94:a5:1b:f0:35:5c:df:5a:50:
ab:66:d9:c2:f7:2f:4d:d0:8f:fc:de:98:73:b5:c7:
f1:ef:74:f5:be:91:c3:9b:3a:db:49:42:f3:28:be:
8a:b7:2d:42:5c:8f:07:10:ae:81:03:2d:ed:49:8b:
8d:d3:ba:c8:e2:ae:15:d2:8c:4f:ad:8f:af:ba:5b:
09:bb:ee:97:29:fd:dc:d0:94:fb:9b:d5:ea:75:6c:
3c:ab:98:43:83:1c:1a:09:28:ba:e2:16:94:cd:17:
c7:3e:84:bd:ae:30:9a:9e:3f:ba:5a:29:1a:7d:26:
c6:2d:9c:97:3d:a5:54:25:fb:88:64:1e:0d:63:78:
71:12:6c:e2:32:00:d6:29:77:17:cc:cb:84:0f:55:
42:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:6D:EC:E7:82:91:93:D8:31:71:A5:A7:55:37:DC:D8:F0:3F:28:BD
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3138352e332e38342e302f32342d3234203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.3.84.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:31:96:8d:d5:c6:9b:84:fc:61:74:94:57:2e:04:72:7a:e2:
c6:5b:c6:d3:35:82:37:3d:20:36:d7:67:79:35:d0:c8:f3:41:
32:e6:7c:fb:f6:f6:b6:27:45:6d:6a:a0:2e:dc:36:c2:35:d8:
3c:a1:52:77:9f:a5:9b:3a:cb:df:b9:45:ed:ba:90:67:1a:07:
94:75:30:57:54:4a:ef:82:56:12:9c:9a:98:ea:b7:75:26:c7:
02:75:57:c7:84:bc:2d:29:80:81:94:e1:9a:ea:80:7c:9a:7b:
3e:4d:3e:ab:a1:d5:24:bf:cd:1a:1c:62:c6:9b:73:3e:58:99:
59:28:37:27:28:1b:4d:59:e8:f5:b1:fc:ee:6d:7f:1c:61:89:
cc:c6:36:2b:91:58:3a:ea:85:df:1f:96:0a:81:1c:83:9c:19:
f8:92:04:e3:cf:6a:5e:82:f4:29:15:ff:ef:57:be:2a:64:8f:
5d:2b:8c:26:1a:13:4b:1b:0d:3b:5c:65:83:29:82:87:e0:18:
af:a9:d8:3c:de:71:53:e8:11:28:7d:43:60:aa:5c:1c:91:51:
ab:9a:3d:2c:80:bf:07:56:ab:54:67:f8:8e:1e:5e:b4:86:b8:
e3:3b:85:50:41:52:52:f6:5a:98:da:cb:7f:ce:d8:af:22:ea:
2c:b1:be:9d
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUJiXBIGFnIuNBToJN/WDNjyWxb6IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMTE2MjNaFw0yNTExMDYxMTIxMjNaMDMxMTAvBgNV
BAMTKDcwNkRFQ0U3ODI5MTkzRDgzMTcxQTVBNzU1MzdEQ0Q4RjAzRjI4QkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDN7PmoJKiQ5r8WaQh+7nZpdDI
p75nDVv5eCS+GyRpi/H+oQ6eIm26hikLvAqcL3ZO9A+xI4tnSLz6fKfo7OH/l4t0
YpIIybIemGBi4LM1a3GNOPWHI7bsdJUxHLVkPnX/Lol/9/8OtKk/oWqsXJSlG/A1
XN9aUKtm2cL3L03Qj/zemHO1x/HvdPW+kcObOttJQvMovoq3LUJcjwcQroEDLe1J
i43TusjirhXSjE+tj6+6Wwm77pcp/dzQlPub1ep1bDyrmEODHBoJKLriFpTNF8c+
hL2uMJqeP7paKRp9JsYtnJc9pVQl+4hkHg1jeHESbOIyANYpdxfMy4QPVUK/AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUcG3s54KRk9gxcaWnVTfc2PA/KL0wHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzODM1MmUzMzJlMzgzNDJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC5A1Qw
DQYJKoZIhvcNAQELBQADggEBAGwxlo3VxpuE/GF0lFcuBHJ64sZbxtM1gjc9IDbX
Z3k10MjzQTLmfPv29rYnRW1qoC7cNsI12DyhUnefpZs6y9+5Re26kGcaB5R1MFdU
Su+CVhKcmpjqt3UmxwJ1V8eEvC0pgIGU4ZrqgHyaez5NPquh1SS/zRocYsabcz5Y
mVkoNycoG01Z6PWx/O5tfxxhiczGNiuRWDrqhd8flgqBHIOcGfiSBOPPal6C9CkV
/+9Xvipkj10rjCYaE0sbDTtcZYMpgofgGK+p2DzecVPoESh9Q2CqXByRUauaPSyA
vwdWq1Rn+I4eXrSGuOM7hVBBUlL2Wpjay3/O2K8i6iyxvp0=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org