Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33372e3230332e3132382e302f32302d3230203d3e203432363839.roa
File: 33372e3230332e3132382e302f32302d3230203d3e203432363839.roa (raw, json)
Hash identifier: AaTX8Uj3QQ4UFBoeES+GI50laihAA0np8IdwV+3ENoo=
Subject key identifier: B9:74:89:CA:A6:75:66:55:7C:3B:A5:AA:CB:6F:67:A8:63:F8:BE:67
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 7CE1237CDC3AA76F8F678ECEE70C0B68D1E00F5D
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33372e3230332e3132382e302f32302d3230203d3e203432363839.roa
Signing time: Thu 08 Aug 2024 10:16:10 +0000
ROA not before: Thu 08 Aug 2024 10:11:10 +0000
ROA not after: Thu 07 Aug 2025 10:16:10 +0000
asID: 42689
IP address blocks: 37.203.128.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:e1:23:7c:dc:3a:a7:6f:8f:67:8e:ce:e7:0c:0b:68:d1:e0:0f:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Aug 8 10:11:10 2024 GMT
Not After : Aug 7 10:16:10 2025 GMT
Subject: CN=B97489CAA67566557C3BA5AACB6F67A863F8BE67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:24:04:c6:e0:c7:ef:a9:be:3a:79:4c:91:90:
cc:68:6c:8f:24:f7:40:2f:55:8d:d1:f1:9e:3f:6c:
e2:83:05:e3:8c:67:29:73:02:ef:17:50:51:20:79:
29:df:0d:46:d4:f4:b4:cd:44:3d:7d:ff:93:1c:9c:
23:40:17:c5:44:09:17:e3:72:dc:8f:60:6e:d0:00:
d2:49:60:86:67:94:ed:77:0b:7c:e9:2e:a2:79:77:
8d:d9:78:37:43:5c:65:00:6e:54:72:53:1c:4e:b0:
0a:0e:cf:8d:cc:b8:0d:5e:61:f7:d9:36:ec:71:f5:
0f:16:25:a9:7c:4f:40:bf:bf:94:52:39:15:df:e8:
89:59:2c:d4:21:44:cb:b5:5c:76:7b:ae:ed:90:3c:
dc:60:02:c7:83:47:56:07:c9:cb:5f:38:97:39:e3:
ca:85:87:11:d0:76:06:61:88:97:67:e2:77:0c:12:
3d:24:6d:3e:af:40:ff:7a:a5:90:97:e2:44:cf:bd:
3b:78:a8:54:6f:ac:73:ff:ae:f4:e3:da:d3:4c:10:
02:12:2d:0d:2c:0d:2a:ec:db:08:73:ab:7a:70:63:
78:ec:5b:09:fb:91:27:ae:15:a1:00:b5:61:eb:2a:
6d:ef:82:4d:b1:dc:89:c7:52:40:be:4e:37:37:a8:
da:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:74:89:CA:A6:75:66:55:7C:3B:A5:AA:CB:6F:67:A8:63:F8:BE:67
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33372e3230332e3132382e302f32302d3230203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.203.128.0/20
Signature Algorithm: sha256WithRSAEncryption
15:48:5d:d8:09:ea:78:f7:41:91:85:7a:b1:53:6e:61:b9:ce:
0b:ed:39:a2:e1:5f:f4:ff:54:bf:05:fb:82:a9:4e:3e:a4:c7:
99:46:ac:dc:be:06:14:4e:48:46:41:ba:16:f0:a9:c2:b3:b8:
4d:ca:4d:f0:00:79:c8:57:2d:91:6e:9d:20:41:fd:d0:b8:2a:
fb:cf:39:6f:a0:6b:56:02:f3:08:c0:bc:e0:b5:1c:59:a7:d1:
01:0e:1f:f7:4f:0b:3d:a4:fd:bf:5b:43:b3:ff:c7:c0:12:bc:
aa:bc:30:a3:c1:c2:d9:fe:cb:dd:d1:dc:6f:6d:df:77:f7:40:
23:0a:02:d9:30:58:3f:85:5b:a2:7b:58:10:7e:6b:60:bd:40:
2b:89:e6:72:72:6a:ee:ce:60:7b:ee:de:b4:c1:c9:0a:5c:50:
08:12:6e:c9:82:a8:3d:cb:bf:4c:bb:a8:27:6d:b5:49:dd:2e:
92:39:aa:f1:a7:ef:cc:71:12:92:87:d6:aa:da:32:54:8c:c0:
2a:31:b0:43:af:ca:03:f1:07:32:8a:6d:04:6e:bc:f7:a2:ab:
4b:22:93:fa:74:21:c7:b2:1b:2c:99:84:0d:61:2b:c0:a8:f3:
95:fb:59:b8:03:fe:70:0a:92:0c:6a:38:b0:9b:81:5f:23:1b:
61:87:56:f4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUfOEjfNw6p2+PZ47O5wwLaNHgD10wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDA4MDgxMDExMTBaFw0yNTA4MDcxMDE2MTBaMDMxMTAvBgNV
BAMTKEI5NzQ4OUNBQTY3NTY2NTU3QzNCQTVBQUNCNkY2N0E4NjNGOEJFNjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQJATG4Mfvqb46eUyRkMxobI8k
90AvVY3R8Z4/bOKDBeOMZylzAu8XUFEgeSnfDUbU9LTNRD19/5McnCNAF8VECRfj
ctyPYG7QANJJYIZnlO13C3zpLqJ5d43ZeDdDXGUAblRyUxxOsAoOz43MuA1eYffZ
Nuxx9Q8WJal8T0C/v5RSORXf6IlZLNQhRMu1XHZ7ru2QPNxgAseDR1YHyctfOJc5
48qFhxHQdgZhiJdn4ncMEj0kbT6vQP96pZCX4kTPvTt4qFRvrHP/rvTj2tNMEAIS
LQ0sDSrs2whzq3pwY3jsWwn7kSeuFaEAtWHrKm3vgk2x3InHUkC+Tjc3qNpPAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUuXSJyqZ1ZlV8O6Wqy29nqGP4vmcwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzMzNzJlMzIzMDMzMmUzMTMy
MzgyZTMwMmYzMjMwMmQzMjMwMjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE
JcuAMA0GCSqGSIb3DQEBCwUAA4IBAQAVSF3YCep490GRhXqxU25huc4L7Tmi4V/0
/1S/BfuCqU4+pMeZRqzcvgYUTkhGQboW8KnCs7hNyk3wAHnIVy2Rbp0gQf3QuCr7
zzlvoGtWAvMIwLzgtRxZp9EBDh/3Tws9pP2/W0Oz/8fAEryqvDCjwcLZ/svd0dxv
bd9390AjCgLZMFg/hVuie1gQfmtgvUArieZycmruzmB77t60wckKXFAIEm7Jgqg9
y79Mu6gnbbVJ3S6SOarxp+/McRKSh9aq2jJUjMAqMbBDr8oD8Qcyim0Ebrz3oqtL
IpP6dCHHshssmYQNYSvAqPOV+1m4A/5wCpIMajiwm4FfIxthh1b0
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:51 2024 by rpki-client on console-fra.rpki-client.org