Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33372e3230332e3135362e302f32342d3234203d3e203432363839.roa
File: 33372e3230332e3135362e302f32342d3234203d3e203432363839.roa (raw, json)
Hash identifier: JD1xGCkuAuzeGXzfNgUwPYZg0O8RVRFyYqxJoJTnsIA=
Subject key identifier: 99:61:73:D9:FF:ED:A3:62:A4:9F:21:B3:AC:02:27:9F:67:C1:3E:86
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 06167FAB5DFB9D20EBE1733942557DAB47AA31EB
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33372e3230332e3135362e302f32342d3234203d3e203432363839.roa
Signing time: Thu 08 Aug 2024 10:17:21 +0000
ROA not before: Thu 08 Aug 2024 10:12:21 +0000
ROA not after: Thu 07 Aug 2025 10:17:21 +0000
asID: 42689
IP address blocks: 37.203.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:16:7f:ab:5d:fb:9d:20:eb:e1:73:39:42:55:7d:ab:47:aa:31:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Aug 8 10:12:21 2024 GMT
Not After : Aug 7 10:17:21 2025 GMT
Subject: CN=996173D9FFEDA362A49F21B3AC02279F67C13E86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:df:7d:35:fe:e4:e7:d5:36:99:f3:d6:85:59:
a0:82:f1:46:41:e7:e6:ac:6c:e1:32:2d:66:24:d5:
24:6a:25:32:6f:1d:35:e8:e4:ef:98:3b:4b:2f:b3:
6a:c6:0e:85:a4:cc:ce:61:c0:dc:5f:86:7b:3d:88:
ae:19:d0:00:31:03:f0:46:a8:dc:7c:bf:f2:45:c5:
6c:9c:9c:fe:16:ae:e7:b3:ad:50:78:cd:ea:9d:1b:
a8:f6:16:64:fc:d4:85:b7:58:de:1a:3a:77:88:02:
ef:2b:85:47:70:a9:0e:2e:a9:5e:8d:ad:d2:6e:c0:
89:84:8f:a9:c7:bf:a9:0d:82:52:61:3b:89:6a:33:
e4:32:76:21:27:1c:7a:09:a6:e8:a7:54:e3:68:57:
d8:ca:37:9d:75:27:fd:65:34:c6:74:e2:c9:1a:fa:
1a:83:b9:e6:a0:3a:87:f9:88:21:f0:d3:7c:95:16:
db:49:59:78:74:45:b0:96:4e:32:ec:f5:3d:88:97:
2c:0b:a9:39:70:4f:0f:52:82:f2:af:01:47:77:70:
d1:e8:d3:43:ac:d6:01:43:64:f2:7a:11:b5:be:05:
7c:a3:ed:39:31:db:75:1f:2f:b0:b8:f7:60:8c:aa:
53:50:3e:66:dc:35:1c:fd:f0:78:03:c2:65:43:cb:
cd:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:61:73:D9:FF:ED:A3:62:A4:9F:21:B3:AC:02:27:9F:67:C1:3E:86
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33372e3230332e3135362e302f32342d3234203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.203.156.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:b6:7e:b3:cf:e4:d0:86:a2:ab:42:a9:c3:99:63:a7:0f:b8:
74:77:d9:de:70:da:4e:6c:32:71:fd:66:8e:eb:10:00:f8:41:
cf:4a:88:6c:c2:23:97:8b:6b:db:73:e6:38:29:bf:7a:ff:9e:
06:71:5d:b2:15:ff:13:0b:6b:83:b3:1f:ce:39:db:6f:d5:14:
f0:a1:f5:2c:59:7e:0d:d2:a2:aa:5b:de:c0:0a:ae:99:d6:00:
19:9d:b1:78:e7:aa:b0:12:ef:6a:c8:30:85:a8:fa:92:cf:ed:
3c:34:15:d6:1b:2a:2b:11:6c:9a:56:6e:fe:23:71:db:ad:6c:
15:3c:a5:52:e3:be:d6:7f:52:a7:87:44:25:9f:82:ad:22:3b:
c2:d0:d8:9a:a4:61:66:27:62:f4:ea:0d:0d:22:09:1b:96:57:
63:57:12:e4:c6:91:cc:53:77:1c:66:e0:7f:26:80:2a:58:ae:
09:9b:0f:c9:f8:77:39:4b:47:14:93:34:ac:da:a7:e0:d5:13:
83:10:3c:6f:1a:9a:ba:29:ca:c4:f9:fe:7c:a6:fc:ef:ff:e4:
ed:30:cf:26:b8:55:34:a4:78:a0:44:60:93:94:6a:30:a9:af:
bf:08:4b:60:69:43:ca:62:41:df:82:24:9f:03:3d:18:a0:c3:
04:0a:60:f3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUBhZ/q137nSDr4XM5QlV9q0eqMeswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDA4MDgxMDEyMjFaFw0yNTA4MDcxMDE3MjFaMDMxMTAvBgNV
BAMTKDk5NjE3M0Q5RkZFREEzNjJBNDlGMjFCM0FDMDIyNzlGNjdDMTNFODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC03301/uTn1TaZ89aFWaCC8UZB
5+asbOEyLWYk1SRqJTJvHTXo5O+YO0svs2rGDoWkzM5hwNxfhns9iK4Z0AAxA/BG
qNx8v/JFxWycnP4WruezrVB4zeqdG6j2FmT81IW3WN4aOneIAu8rhUdwqQ4uqV6N
rdJuwImEj6nHv6kNglJhO4lqM+QydiEnHHoJpuinVONoV9jKN511J/1lNMZ04ska
+hqDueagOof5iCHw03yVFttJWXh0RbCWTjLs9T2IlywLqTlwTw9SgvKvAUd3cNHo
00Os1gFDZPJ6EbW+BXyj7Tkx23UfL7C492CMqlNQPmbcNRz98HgDwmVDy82XAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUmWFz2f/to2KknyGzrAInn2fBPoYwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzMzNzJlMzIzMDMzMmUzMTM1
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
JcucMA0GCSqGSIb3DQEBCwUAA4IBAQA9tn6zz+TQhqKrQqnDmWOnD7h0d9necNpO
bDJx/WaO6xAA+EHPSohswiOXi2vbc+Y4Kb96/54GcV2yFf8TC2uDsx/OOdtv1RTw
ofUsWX4N0qKqW97ACq6Z1gAZnbF456qwEu9qyDCFqPqSz+08NBXWGyorEWyaVm7+
I3HbrWwVPKVS477Wf1Knh0Qln4KtIjvC0NiapGFmJ2L06g0NIgkblldjVxLkxpHM
U3ccZuB/JoAqWK4Jmw/J+Hc5S0cUkzSs2qfg1RODEDxvGpq6KcrE+f58pvzv/+Tt
MM8muFU0pHigRGCTlGowqa+/CEtgaUPKYkHfgiSfAz0YoMMECmDz
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org