Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3139352e3131342e3130322e302f32332d3233203d3e203432363839.roa
File: 3139352e3131342e3130322e302f32332d3233203d3e203432363839.roa (raw, json)
Hash identifier: 8X2WHS7iSEPK9s1I0blaFqV6h3Ya08xB+oaYhepwzaY=
Subject key identifier: B3:D6:30:A4:09:A8:6B:05:FA:32:6D:74:E2:BD:11:B8:83:94:74:DA
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 498A35860F217D19F9381785DF73E628821E3150
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3139352e3131342e3130322e302f32332d3233203d3e203432363839.roa
Signing time: Tue 19 Mar 2024 10:26:59 +0000
ROA not before: Tue 19 Mar 2024 10:21:59 +0000
ROA not after: Tue 18 Mar 2025 10:26:59 +0000
asID: 42689
IP address blocks: 195.114.102.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:8a:35:86:0f:21:7d:19:f9:38:17:85:df:73:e6:28:82:1e:31:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Mar 19 10:21:59 2024 GMT
Not After : Mar 18 10:26:59 2025 GMT
Subject: CN=B3D630A409A86B05FA326D74E2BD11B8839474DA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:24:0c:82:e3:80:c3:23:86:f6:20:d7:14:83:
4c:de:f4:4e:cb:06:16:69:c3:20:c1:55:98:d1:76:
52:19:df:93:3e:50:ee:7e:0b:bd:58:ea:d7:de:6d:
c1:ae:7e:a7:bd:1a:e6:24:4e:9f:d1:34:fa:2d:dd:
aa:08:f7:4d:75:98:71:14:14:92:d7:3e:70:7f:f0:
90:37:9c:c6:dc:62:de:64:d0:be:82:58:73:93:49:
cc:42:3b:08:07:95:17:5a:41:5d:4f:27:af:f2:62:
47:ae:00:de:fa:d4:ef:21:71:e0:da:dd:75:c2:89:
75:56:94:f9:f6:c2:0a:fe:73:77:4e:a7:81:8a:de:
91:c0:53:53:84:ad:ba:71:93:d8:0f:e0:6c:f3:2b:
d3:92:2e:8a:de:5c:61:f9:3d:64:0e:d8:8f:d3:2c:
fe:79:07:36:ad:da:be:14:e5:ed:7f:8d:17:4e:9b:
a8:10:27:94:8a:0c:a8:4f:77:96:a4:77:fd:aa:38:
79:1c:c2:d9:85:c6:a0:ea:f0:7e:c4:92:0b:58:1d:
f6:f5:ee:19:dc:82:28:1e:f7:dd:ff:62:77:e7:d0:
d8:10:24:a2:9f:7a:62:f2:8a:4c:38:af:94:70:cb:
ab:19:c7:a9:fb:32:8b:2e:b5:63:01:64:af:93:b5:
98:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:D6:30:A4:09:A8:6B:05:FA:32:6D:74:E2:BD:11:B8:83:94:74:DA
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3139352e3131342e3130322e302f32332d3233203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.114.102.0/23
Signature Algorithm: sha256WithRSAEncryption
33:71:0b:6d:4e:55:ff:13:fd:91:42:c8:04:2f:b6:a7:b7:0e:
3d:8f:3b:6e:3f:60:28:e3:5d:9b:21:c7:2d:2f:49:af:d3:98:
e5:08:7b:52:b7:f7:45:4d:cb:b8:4e:d0:27:22:94:c5:cc:d0:
04:ba:10:9c:83:d0:56:48:1b:50:97:9d:38:26:ad:18:b5:38:
e7:b1:e9:4f:8d:b9:06:6a:89:ad:35:e7:21:9e:a5:c9:87:81:
93:58:8f:0a:2e:37:bf:55:23:b0:21:23:80:c2:45:97:e4:90:
c2:63:bc:f9:02:d2:73:e0:1d:06:0e:64:63:4d:02:93:4c:f3:
43:3f:2c:a9:51:ff:19:e4:f5:be:20:46:50:97:4d:72:c9:c0:
eb:12:8d:e1:47:78:d7:5a:24:1c:2d:07:8d:94:82:49:b6:f2:
3e:50:40:f5:d8:23:96:ce:b5:d9:44:dd:41:ac:53:28:f8:b9:
91:6c:68:c5:dc:80:db:d2:68:97:9a:43:23:46:86:d8:4e:da:
4b:ff:31:bb:a4:ac:1a:9d:2d:f1:e4:cb:08:02:7c:f3:f6:2d:
67:c2:03:09:74:f1:59:41:0b:2b:19:a5:9d:97:c7:9f:25:b6:
52:8e:97:ab:6d:a5:aa:4d:60:c1:f7:0c:5d:54:f1:db:ce:8c:
a9:16:7c:b5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUSYo1hg8hfRn5OBeF33PmKIIeMVAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDAzMTkxMDIxNTlaFw0yNTAzMTgxMDI2NTlaMDMxMTAvBgNV
BAMTKEIzRDYzMEE0MDlBODZCMDVGQTMyNkQ3NEUyQkQxMUI4ODM5NDc0REEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuJAyC44DDI4b2INcUg0ze9E7L
BhZpwyDBVZjRdlIZ35M+UO5+C71Y6tfebcGufqe9GuYkTp/RNPot3aoI9011mHEU
FJLXPnB/8JA3nMbcYt5k0L6CWHOTScxCOwgHlRdaQV1PJ6/yYkeuAN761O8hceDa
3XXCiXVWlPn2wgr+c3dOp4GK3pHAU1OErbpxk9gP4GzzK9OSLoreXGH5PWQO2I/T
LP55Bzat2r4U5e1/jRdOm6gQJ5SKDKhPd5akd/2qOHkcwtmFxqDq8H7EkgtYHfb1
7hncgige993/Ynfn0NgQJKKfemLyikw4r5Rwy6sZx6n7MosutWMBZK+TtZhnAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUs9YwpAmoawX6Mm104r0RuIOUdNowHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzOTM1MmUzMTMxMzQyZTMx
MzAzMjJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAHDcmYwDQYJKoZIhvcNAQELBQADggEBADNxC21OVf8T/ZFCyAQvtqe3Dj2PO24/
YCjjXZshxy0vSa/TmOUIe1K390VNy7hO0CcilMXM0AS6EJyD0FZIG1CXnTgmrRi1
OOex6U+NuQZqia015yGepcmHgZNYjwouN79VI7AhI4DCRZfkkMJjvPkC0nPgHQYO
ZGNNApNM80M/LKlR/xnk9b4gRlCXTXLJwOsSjeFHeNdaJBwtB42Ugkm28j5QQPXY
I5bOtdlE3UGsUyj4uZFsaMXcgNvSaJeaQyNGhthO2kv/MbukrBqdLfHkywgCfPP2
LWfCAwl08VlBCysZpZ2Xx58ltlKOl6ttpapNYMH3DF1U8dvOjKkWfLU=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:51 2024 by rpki-client on console-fra.rpki-client.org