Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3138352e37352e3231322e302f32322d3232203d3e203432363839.roa
File: 3138352e37352e3231322e302f32322d3232203d3e203432363839.roa (raw, json)
Hash identifier: QOtXomL2I3P2MCDU7fahCD6ORwh3YxpfjDG9yH/XhpM=
Subject key identifier: 10:36:1D:89:C6:08:22:D3:3C:90:99:A5:61:66:22:2B:67:19:B9:AB
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 0DFFA069067D879BBCA67437526218906F3C215D
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3138352e37352e3231322e302f32322d3232203d3e203432363839.roa
Signing time: Tue 19 Mar 2024 10:26:45 +0000
ROA not before: Tue 19 Mar 2024 10:21:45 +0000
ROA not after: Tue 18 Mar 2025 10:26:45 +0000
asID: 42689
IP address blocks: 185.75.212.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:ff:a0:69:06:7d:87:9b:bc:a6:74:37:52:62:18:90:6f:3c:21:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Mar 19 10:21:45 2024 GMT
Not After : Mar 18 10:26:45 2025 GMT
Subject: CN=10361D89C60822D33C9099A56166222B6719B9AB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:eb:4e:a5:f5:95:6e:87:d7:43:23:b5:2d:12:
14:f6:87:a4:4a:c0:cc:57:5c:4f:03:a2:bd:7b:6a:
e1:86:3b:48:82:b7:7b:04:0e:9f:aa:bf:f7:73:90:
3f:b5:9a:8e:63:8b:9c:73:f3:6c:21:1b:bf:ff:79:
ec:99:1f:d8:84:f9:60:60:09:6a:82:cd:54:05:26:
29:78:5a:19:b6:5c:98:ed:ab:36:00:6a:25:25:d4:
4e:5f:bc:e4:e9:dd:bd:32:4a:b8:af:ee:77:ad:af:
6d:11:46:a2:da:54:da:34:b9:23:0b:d0:e1:df:d0:
2a:ef:f6:c5:3f:82:e5:43:fd:60:90:ea:30:ee:4c:
1c:25:d0:4c:2b:1f:c3:b2:0c:dd:4f:19:5b:d6:a7:
0a:0a:6c:a9:0b:62:11:31:ee:4c:a2:f1:07:3e:eb:
ed:00:cd:a5:fd:cc:ef:25:3a:5b:53:32:a5:3b:cd:
73:43:ad:dc:3a:ee:0e:8b:be:ef:bc:aa:af:49:15:
0e:ab:7c:b0:96:91:f6:38:8f:77:cf:64:3d:6b:f4:
6a:7a:b5:2d:3c:25:7b:eb:9d:5a:1f:64:a3:df:7c:
e8:65:fa:cd:f6:47:fe:e2:ab:2c:85:06:41:68:8d:
67:92:de:6a:b8:86:c3:09:39:26:b1:21:e3:94:94:
b0:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:36:1D:89:C6:08:22:D3:3C:90:99:A5:61:66:22:2B:67:19:B9:AB
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3138352e37352e3231322e302f32322d3232203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.212.0/22
Signature Algorithm: sha256WithRSAEncryption
25:51:fb:74:2c:a7:69:de:26:22:2c:d4:db:82:3c:71:ad:2d:
90:b8:f2:64:67:b1:ff:a4:27:71:f9:e3:7d:5e:56:b7:e4:c5:
7b:53:5f:de:8b:04:88:70:a4:f4:06:27:97:5b:6c:35:64:9c:
e6:67:dc:aa:3e:d6:d8:48:48:d9:6e:41:08:50:45:82:5f:0b:
70:a4:ce:fe:3c:0b:66:40:0e:2f:ab:08:8a:65:02:39:2a:8e:
a7:cd:00:b2:20:12:62:39:58:90:60:73:2a:dd:01:ee:58:ac:
2c:bd:a0:b5:e5:46:50:52:9b:2a:ae:88:8d:5b:bc:f5:cc:74:
23:8e:ad:50:6c:12:01:d6:aa:46:77:06:09:32:54:d5:c6:52:
eb:82:8e:6a:f2:a1:c1:40:a1:67:85:f7:56:de:10:db:70:30:
2c:e2:b1:45:ec:a5:83:1b:dc:80:2c:b7:77:3d:f9:6c:5f:90:
c0:35:56:b8:c5:1e:18:86:8c:41:f2:36:6c:78:25:40:8a:93:
85:b5:0f:76:49:fe:72:24:05:57:81:c0:47:d1:e2:d6:09:20:
16:8e:e1:33:25:05:c7:aa:26:43:64:72:77:9f:86:60:e0:8c:
ba:69:de:b7:b1:8e:d1:d6:1b:29:bf:3c:73:f0:a4:c7:bd:64:
ff:12:9b:67
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUDf+gaQZ9h5u8pnQ3UmIYkG88IV0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDAzMTkxMDIxNDVaFw0yNTAzMTgxMDI2NDVaMDMxMTAvBgNV
BAMTKDEwMzYxRDg5QzYwODIyRDMzQzkwOTlBNTYxNjYyMjJCNjcxOUI5QUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDg606l9ZVuh9dDI7UtEhT2h6RK
wMxXXE8Dor17auGGO0iCt3sEDp+qv/dzkD+1mo5ji5xz82whG7//eeyZH9iE+WBg
CWqCzVQFJil4Whm2XJjtqzYAaiUl1E5fvOTp3b0ySriv7netr20RRqLaVNo0uSML
0OHf0Crv9sU/guVD/WCQ6jDuTBwl0EwrH8OyDN1PGVvWpwoKbKkLYhEx7kyi8Qc+
6+0AzaX9zO8lOltTMqU7zXNDrdw67g6Lvu+8qq9JFQ6rfLCWkfY4j3fPZD1r9Gp6
tS08JXvrnVofZKPffOhl+s32R/7iqyyFBkFojWeS3mq4hsMJOSaxIeOUlLCfAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUEDYdicYIItM8kJmlYWYiK2cZuaswHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzODM1MmUzNzM1MmUzMjMx
MzIyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
uUvUMA0GCSqGSIb3DQEBCwUAA4IBAQAlUft0LKdp3iYiLNTbgjxxrS2QuPJkZ7H/
pCdx+eN9Xla35MV7U1/eiwSIcKT0BieXW2w1ZJzmZ9yqPtbYSEjZbkEIUEWCXwtw
pM7+PAtmQA4vqwiKZQI5Ko6nzQCyIBJiOViQYHMq3QHuWKwsvaC15UZQUpsqroiN
W7z1zHQjjq1QbBIB1qpGdwYJMlTVxlLrgo5q8qHBQKFnhfdW3hDbcDAs4rFF7KWD
G9yALLd3PflsX5DANVa4xR4YhoxB8jZseCVAipOFtQ92Sf5yJAVXgcBH0eLWCSAW
juEzJQXHqiZDZHJ3n4Zg4Iy6ad63sY7R1hspvzxz8KTHvWT/Eptn
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:51 2024 by rpki-client on console-fra.rpki-client.org