Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3139352e3139312e3130362e302f32332d3233203d3e203432363839.roa
File: 3139352e3139312e3130362e302f32332d3233203d3e203432363839.roa (raw, json)
Hash identifier: pdbcVNbAzySOYsFC0K/gVYJAus3tiJeFzLpEnjzMeOE=
Subject key identifier: 48:8C:A4:FD:81:8F:0D:7C:C9:18:5E:BF:54:6D:CE:55:0D:0E:AA:CF
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 5E1BC6C7D38F1EA7A8D4A6F580B26917FF95D8D2
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3139352e3139312e3130362e302f32332d3233203d3e203432363839.roa
Signing time: Tue 19 Mar 2024 10:11:25 +0000
ROA not before: Tue 19 Mar 2024 10:06:25 +0000
ROA not after: Tue 18 Mar 2025 10:11:25 +0000
asID: 42689
IP address blocks: 195.191.106.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 17:05:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:1b:c6:c7:d3:8f:1e:a7:a8:d4:a6:f5:80:b2:69:17:ff:95:d8:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Mar 19 10:06:25 2024 GMT
Not After : Mar 18 10:11:25 2025 GMT
Subject: CN=488CA4FD818F0D7CC9185EBF546DCE550D0EAACF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:4e:9d:fa:6f:d5:4c:34:e4:1b:4b:f0:cd:22:
70:81:2e:0d:f8:0b:f1:df:7c:12:b5:88:60:fc:a2:
b9:31:e8:d9:f9:b1:50:ce:c4:9b:40:4b:a8:d9:18:
e5:73:d5:48:f1:f9:4e:18:ce:ee:3e:79:b0:45:96:
c7:21:72:6f:c4:4b:ea:96:92:14:65:cf:d8:ec:ef:
db:53:48:05:b5:4c:78:be:48:c4:f3:a6:0b:19:fc:
18:1a:0e:33:91:cd:54:52:16:f1:63:87:32:39:1b:
81:44:6c:ac:99:5b:c9:1d:b6:cb:1b:70:38:73:92:
cb:42:d4:1c:45:fd:1b:3d:78:f6:6a:23:62:8a:4d:
2b:c2:36:a7:12:2a:a6:c3:60:1d:3d:0d:28:2d:63:
eb:a4:c4:22:e0:96:bf:28:f1:0a:17:9b:93:d6:88:
cb:68:b0:3c:fe:26:03:da:d6:24:9b:25:30:01:02:
08:b0:9c:66:fe:35:ad:2e:fd:13:c3:2a:17:b8:ed:
ec:30:d3:4f:70:77:31:4b:d8:aa:0b:63:98:ad:5f:
20:b9:dc:09:b6:66:f8:ba:b7:52:8f:ff:91:2f:e5:
e7:52:44:aa:b4:80:1b:ec:30:33:35:40:11:30:ef:
d7:73:1f:64:bf:ad:2e:b9:9e:3e:13:dc:82:44:d5:
24:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:8C:A4:FD:81:8F:0D:7C:C9:18:5E:BF:54:6D:CE:55:0D:0E:AA:CF
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3139352e3139312e3130362e302f32332d3233203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.106.0/23
Signature Algorithm: sha256WithRSAEncryption
49:d5:89:c0:53:74:ca:2a:f6:9d:62:4e:23:da:dd:69:2c:9e:
13:65:ac:20:bc:14:d6:d6:a9:17:2b:7d:4c:8b:ca:d3:eb:93:
c4:f8:f1:16:37:64:af:86:de:4c:4b:9a:8c:d9:20:59:72:4a:
6b:a7:75:15:17:a2:89:cf:a2:43:b6:47:c1:5e:19:1b:36:45:
20:d7:3f:23:52:51:0c:48:04:b9:cc:ef:1f:74:60:2c:a2:bc:
76:61:3d:bb:95:58:10:a2:41:0d:ec:b4:07:cd:22:5e:a7:7d:
b0:bc:b4:b2:cc:df:2a:ff:4c:65:dc:25:92:09:66:66:64:d3:
ed:d7:f8:d8:a0:31:c4:3c:8d:6b:ac:74:20:82:4d:91:a0:5d:
da:53:c9:13:9f:dd:63:ac:f6:fa:75:62:bb:fa:01:3d:5f:70:
d7:7e:60:8e:8d:1f:7a:27:bb:fb:22:ee:df:af:46:09:a1:dd:
92:e3:22:a1:96:fc:9e:7e:79:71:8f:dd:2c:9d:ee:bc:66:62:
77:e4:6a:85:43:53:fb:b9:f8:35:17:3c:41:d1:90:c9:0f:9b:
0e:89:96:d5:66:f3:11:93:a0:46:b6:9a:81:b7:81:7f:1f:51:
e9:d2:30:6d:9e:15:ca:d6:3d:7e:4d:3e:8e:9f:e6:bd:37:40:
4e:89:e6:f1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUXhvGx9OPHqeo1Kb1gLJpF/+V2NIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDAzMTkxMDA2MjVaFw0yNTAzMTgxMDExMjVaMDMxMTAvBgNV
BAMTKDQ4OENBNEZEODE4RjBEN0NDOTE4NUVCRjU0NkRDRTU1MEQwRUFBQ0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCTp36b9VMNOQbS/DNInCBLg34
C/HffBK1iGD8orkx6Nn5sVDOxJtAS6jZGOVz1Ujx+U4Yzu4+ebBFlschcm/ES+qW
khRlz9js79tTSAW1THi+SMTzpgsZ/BgaDjORzVRSFvFjhzI5G4FEbKyZW8kdtssb
cDhzkstC1BxF/Rs9ePZqI2KKTSvCNqcSKqbDYB09DSgtY+ukxCLglr8o8QoXm5PW
iMtosDz+JgPa1iSbJTABAgiwnGb+Na0u/RPDKhe47eww009wdzFL2KoLY5itXyC5
3Am2Zvi6t1KP/5Ev5edSRKq0gBvsMDM1QBEw79dzH2S/rS65nj4T3IJE1SQ1AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUSIyk/YGPDXzJGF6/VG3OVQ0Oqs8wHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzOTM1MmUzMTM5MzEyZTMx
MzAzNjJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAHDv2owDQYJKoZIhvcNAQELBQADggEBAEnVicBTdMoq9p1iTiPa3WksnhNlrCC8
FNbWqRcrfUyLytPrk8T48RY3ZK+G3kxLmozZIFlySmundRUXoonPokO2R8FeGRs2
RSDXPyNSUQxIBLnM7x90YCyivHZhPbuVWBCiQQ3stAfNIl6nfbC8tLLM3yr/TGXc
JZIJZmZk0+3X+NigMcQ8jWusdCCCTZGgXdpTyROf3WOs9vp1Yrv6AT1fcNd+YI6N
H3onu/si7t+vRgmh3ZLjIqGW/J5+eXGP3Syd7rxmYnfkaoVDU/u5+DUXPEHRkMkP
mw6JltVm8xGToEa2moG3gX8fUenSMG2eFcrWPX5NPo6f5r03QE6J5vE=
-----END CERTIFICATE-----
Generated at Thu Jun 27 01:53:42 2024 by rpki-client on console-fra.rpki-client.org