Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33372e3230332e3135322e302f32322d3232203d3e203432363839.roa
File: 33372e3230332e3135322e302f32322d3232203d3e203432363839.roa (raw, json)
Hash identifier: NXW7WCCIDMKmqVD1JW+2D2p4ujif4XPeYs5paTE5Ex8=
Subject key identifier: 78:55:20:7E:4E:F5:52:D4:0E:87:D1:CA:4A:E0:E4:78:41:C1:73:C5
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 5D1DEC051EA907FC0EB1877296A87AD7361467ED
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33372e3230332e3135322e302f32322d3232203d3e203432363839.roa
Signing time: Thu 08 Aug 2024 10:16:59 +0000
ROA not before: Thu 08 Aug 2024 10:11:59 +0000
ROA not after: Thu 07 Aug 2025 10:16:59 +0000
asID: 42689
IP address blocks: 37.203.152.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:1d:ec:05:1e:a9:07:fc:0e:b1:87:72:96:a8:7a:d7:36:14:67:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Aug 8 10:11:59 2024 GMT
Not After : Aug 7 10:16:59 2025 GMT
Subject: CN=7855207E4EF552D40E87D1CA4AE0E47841C173C5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:cb:e0:cf:40:f6:0e:6c:f4:b4:ae:e8:32:7a:
fe:77:91:51:cc:f9:7e:7a:81:6b:1c:96:cd:62:a5:
6c:c8:e0:9a:7e:3e:5a:62:bf:22:99:53:be:02:cd:
c9:48:11:c4:a8:7b:90:8a:bb:cd:48:89:94:cd:a4:
6d:38:da:73:3f:0b:fd:48:4c:d8:da:0e:69:52:1d:
e6:e2:8e:5f:3c:0c:e4:3e:a4:b4:de:16:fd:46:e0:
ed:75:5f:9c:d3:24:32:03:02:da:25:73:7c:a5:62:
54:27:73:c9:56:e9:7b:2e:e6:cd:cb:d2:9a:2b:a9:
49:99:99:25:89:33:be:33:d9:63:f9:c6:83:31:8b:
24:71:b7:58:c5:cf:01:5b:7c:f7:13:af:91:3f:ce:
66:77:b3:f3:3b:01:b1:ef:56:f7:ce:78:6f:94:71:
d6:5d:88:c3:70:37:94:a5:5c:a8:11:7e:72:fc:c3:
2b:66:5c:44:51:1f:34:c0:a5:91:4f:87:8d:03:0e:
93:d3:b7:26:61:c5:72:38:18:bf:12:58:dd:89:69:
1f:f6:9b:62:8d:87:ac:a4:2d:4f:c6:9a:07:23:68:
5a:17:6b:98:e9:8d:4c:bb:ae:f5:49:96:d7:aa:26:
13:01:1c:f1:85:63:86:00:2d:c7:d1:55:0f:43:07:
a9:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:55:20:7E:4E:F5:52:D4:0E:87:D1:CA:4A:E0:E4:78:41:C1:73:C5
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33372e3230332e3135322e302f32322d3232203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.203.152.0/22
Signature Algorithm: sha256WithRSAEncryption
75:56:7b:1f:91:9a:db:fe:e9:2e:64:58:0e:87:4d:5c:cf:7e:
ad:a6:77:48:dd:d9:00:7f:f3:87:6e:8b:d5:09:78:ed:41:02:
40:ff:a1:f1:54:a5:cb:b6:93:37:7b:6b:bc:7f:69:90:c7:0a:
c0:ba:16:c4:4b:c3:69:b2:e5:3a:2d:57:6b:51:b4:f9:2e:de:
b8:e2:dc:16:bf:4c:21:08:63:87:0b:3d:e6:af:16:4a:c7:9b:
13:a7:1b:d3:78:75:be:42:8d:c2:71:9e:6b:a1:66:db:e9:0e:
bf:2c:70:4b:70:a7:8f:77:49:73:a5:b8:81:ba:f6:3a:18:0b:
98:c0:4c:50:33:fe:2b:f4:2a:91:29:93:55:a1:b6:86:83:34:
e2:49:d7:ef:de:d8:11:c3:54:8d:90:bd:ce:58:97:37:37:ad:
17:db:e4:5d:e8:6f:cf:d7:18:1e:e7:9f:39:15:13:ba:80:11:
84:fc:75:17:5d:2c:cd:b8:5e:26:da:c2:c7:f8:00:c2:1f:c0:
b2:1a:a0:f1:d2:f5:4d:9d:59:fa:bb:6c:d1:21:74:aa:d0:1a:
d5:fd:a3:b9:db:22:d1:cb:b1:84:44:85:2f:8f:ca:a1:8c:8f:
bb:79:c9:20:c4:14:1f:88:5e:18:5b:f9:b5:d5:a4:cc:5c:05:
a0:2e:9b:bd
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUXR3sBR6pB/wOsYdylqh61zYUZ+0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDA4MDgxMDExNTlaFw0yNTA4MDcxMDE2NTlaMDMxMTAvBgNV
BAMTKDc4NTUyMDdFNEVGNTUyRDQwRTg3RDFDQTRBRTBFNDc4NDFDMTczQzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiy+DPQPYObPS0rugyev53kVHM
+X56gWscls1ipWzI4Jp+PlpivyKZU74CzclIEcSoe5CKu81IiZTNpG042nM/C/1I
TNjaDmlSHebijl88DOQ+pLTeFv1G4O11X5zTJDIDAtolc3ylYlQnc8lW6Xsu5s3L
0porqUmZmSWJM74z2WP5xoMxiyRxt1jFzwFbfPcTr5E/zmZ3s/M7AbHvVvfOeG+U
cdZdiMNwN5SlXKgRfnL8wytmXERRHzTApZFPh40DDpPTtyZhxXI4GL8SWN2JaR/2
m2KNh6ykLU/GmgcjaFoXa5jpjUy7rvVJlteqJhMBHPGFY4YALcfRVQ9DB6nvAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUeFUgfk71UtQOh9HKSuDkeEHBc8UwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzMzNzJlMzIzMDMzMmUzMTM1
MzIyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
JcuYMA0GCSqGSIb3DQEBCwUAA4IBAQB1VnsfkZrb/ukuZFgOh01cz36tpndI3dkA
f/OHbovVCXjtQQJA/6HxVKXLtpM3e2u8f2mQxwrAuhbES8NpsuU6LVdrUbT5Lt64
4twWv0whCGOHCz3mrxZKx5sTpxvTeHW+Qo3CcZ5roWbb6Q6/LHBLcKePd0lzpbiB
uvY6GAuYwExQM/4r9CqRKZNVobaGgzTiSdfv3tgRw1SNkL3OWJc3N60X2+Rd6G/P
1xge5585FRO6gBGE/HUXXSzNuF4m2sLH+ADCH8CyGqDx0vVNnVn6u2zRIXSq0BrV
/aO52yLRy7GERIUvj8qhjI+7eckgxBQfiF4YW/m11aTMXAWgLpu9
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:51 2024 by rpki-client on console-fra.rpki-client.org