Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33372e3230332e3135382e302f32332d3233203d3e203432363839.roa
File: 33372e3230332e3135382e302f32332d3233203d3e203432363839.roa (raw, json)
Hash identifier: ETJNMWZg/wjOizy+HQ8jOM5m9JtEeoRJSHI7gbC22js=
Subject key identifier: CC:A8:3F:96:0C:4B:0E:4D:36:77:75:FD:DE:94:DC:0E:22:41:67:54
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 5D33C6BFCBC7A1D2392C14075EBC536E344A455A
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33372e3230332e3135382e302f32332d3233203d3e203432363839.roa
Signing time: Thu 08 Aug 2024 10:17:42 +0000
ROA not before: Thu 08 Aug 2024 10:12:42 +0000
ROA not after: Thu 07 Aug 2025 10:17:42 +0000
asID: 42689
IP address blocks: 37.203.158.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:33:c6:bf:cb:c7:a1:d2:39:2c:14:07:5e:bc:53:6e:34:4a:45:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Aug 8 10:12:42 2024 GMT
Not After : Aug 7 10:17:42 2025 GMT
Subject: CN=CCA83F960C4B0E4D367775FDDE94DC0E22416754
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:db:5f:62:3b:48:45:9d:83:ca:73:2a:5a:e7:
01:3a:5a:3b:8f:30:20:dc:f7:f6:32:ec:c0:68:a7:
6a:85:dd:32:db:0a:47:1f:0f:1b:5f:b6:46:1e:f6:
64:8c:9a:e1:89:2b:1a:d9:7c:19:e2:1f:51:6b:5b:
60:14:64:c7:9c:f2:1c:0a:56:8e:d5:7a:05:6c:28:
a8:c7:f5:f3:f0:ad:f9:9d:33:ce:c1:40:80:55:0c:
f7:f9:50:15:de:bf:f0:ed:db:fc:b5:0f:27:3c:3a:
b3:4d:d9:eb:b8:c6:b2:45:5b:74:18:d7:b6:e0:bd:
40:a0:d1:45:ec:70:91:e8:b8:c1:32:dc:93:f7:29:
73:6d:85:9d:d9:0a:4f:21:30:c9:71:77:ea:34:0c:
0f:8d:fe:3f:2a:cb:27:82:52:c7:5b:2e:8c:a0:48:
52:72:56:4d:c9:9f:90:19:71:8a:cf:39:28:3d:95:
e5:62:9f:ec:6a:20:d5:73:12:ac:44:bb:99:a4:ba:
22:44:f7:d9:cf:3d:bc:df:8d:98:03:c9:e4:7a:c4:
a9:f4:c0:61:f5:2f:a6:60:7a:fb:13:eb:77:e5:0c:
df:6e:8a:26:bb:09:a9:c4:76:53:78:c9:48:07:3d:
1f:d8:dd:fb:50:c4:a8:e7:01:6b:23:8f:4e:9a:b9:
cd:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:A8:3F:96:0C:4B:0E:4D:36:77:75:FD:DE:94:DC:0E:22:41:67:54
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33372e3230332e3135382e302f32332d3233203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.203.158.0/23
Signature Algorithm: sha256WithRSAEncryption
23:9c:9a:0f:0b:6c:a0:90:2f:95:9c:6d:e7:67:87:f1:65:22:
3d:67:19:8d:74:19:13:90:7c:36:94:4d:c0:aa:e1:cf:a1:09:
bf:26:84:58:f9:79:3e:1a:2c:cf:75:95:91:a2:86:d7:cd:a2:
d4:6f:a5:bd:10:08:88:a2:e1:36:50:69:4e:bb:cf:b1:7e:c8:
8f:d9:54:7b:90:86:b8:8d:73:b2:06:60:4b:4f:26:d4:4b:86:
ab:34:53:05:28:4a:54:85:7d:13:f5:66:b5:93:60:57:0b:9d:
89:b7:8a:76:0d:d0:5f:85:96:eb:7a:0b:f4:1b:29:a1:f6:2d:
7b:3d:68:4d:30:14:9e:59:80:03:37:34:94:f7:82:4b:d9:0a:
04:d2:a3:20:fa:30:13:13:a4:7c:85:09:23:66:f7:0d:58:34:
5c:af:c3:12:46:0d:62:09:03:3a:67:86:d9:26:fc:86:d1:5a:
58:7e:2c:bd:6f:32:fb:19:2b:f5:1b:56:02:4d:0a:7d:ed:95:
db:65:b9:37:a8:9b:20:24:f2:ba:4c:1a:9d:bb:5f:5e:e9:fd:
06:f5:01:75:a4:f2:ea:c2:d8:5c:66:ff:e4:9d:96:75:91:d8:
5f:1e:b1:b0:8e:57:52:de:48:6e:1f:8e:fd:ab:87:45:4e:98:
28:c6:ca:6a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUXTPGv8vHodI5LBQHXrxTbjRKRVowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDA4MDgxMDEyNDJaFw0yNTA4MDcxMDE3NDJaMDMxMTAvBgNV
BAMTKENDQTgzRjk2MEM0QjBFNEQzNjc3NzVGRERFOTREQzBFMjI0MTY3NTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDs219iO0hFnYPKcypa5wE6WjuP
MCDc9/Yy7MBop2qF3TLbCkcfDxtftkYe9mSMmuGJKxrZfBniH1FrW2AUZMec8hwK
Vo7VegVsKKjH9fPwrfmdM87BQIBVDPf5UBXev/Dt2/y1Dyc8OrNN2eu4xrJFW3QY
17bgvUCg0UXscJHouMEy3JP3KXNthZ3ZCk8hMMlxd+o0DA+N/j8qyyeCUsdbLoyg
SFJyVk3Jn5AZcYrPOSg9leVin+xqINVzEqxEu5mkuiJE99nPPbzfjZgDyeR6xKn0
wGH1L6ZgevsT63flDN9uiia7CanEdlN4yUgHPR/Y3ftQxKjnAWsjj06auc35AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUzKg/lgxLDk02d3X93pTcDiJBZ1QwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzMzNzJlMzIzMDMzMmUzMTM1
MzgyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
JcueMA0GCSqGSIb3DQEBCwUAA4IBAQAjnJoPC2ygkC+VnG3nZ4fxZSI9ZxmNdBkT
kHw2lE3AquHPoQm/JoRY+Xk+GizPdZWRoobXzaLUb6W9EAiIouE2UGlOu8+xfsiP
2VR7kIa4jXOyBmBLTybUS4arNFMFKEpUhX0T9Wa1k2BXC52Jt4p2DdBfhZbregv0
Gymh9i17PWhNMBSeWYADNzSU94JL2QoE0qMg+jATE6R8hQkjZvcNWDRcr8MSRg1i
CQM6Z4bZJvyG0VpYfiy9bzL7GSv1G1YCTQp97ZXbZbk3qJsgJPK6TBqdu19e6f0G
9QF1pPLqwthcZv/knZZ1kdhfHrGwjldS3khuH479q4dFTpgoxspq
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org