Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33372e3230332e3137362e302f32342d3234203d3e203432363839.roa
File: 33372e3230332e3137362e302f32342d3234203d3e203432363839.roa (raw, json)
Hash identifier: t+OU6LOZ/tm0/3slAGKy9F0eYndOVw2phBRqjgZ6US4=
Subject key identifier: C1:48:D5:7B:78:38:FF:00:34:2D:83:78:48:A4:1E:C3:18:83:5E:AD
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 4A50C3FFE42A8DE5D9918095AF1E758F8885E30A
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33372e3230332e3137362e302f32342d3234203d3e203432363839.roa
Signing time: Thu 08 Aug 2024 10:18:42 +0000
ROA not before: Thu 08 Aug 2024 10:13:42 +0000
ROA not after: Thu 07 Aug 2025 10:18:42 +0000
asID: 42689
IP address blocks: 37.203.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:50:c3:ff:e4:2a:8d:e5:d9:91:80:95:af:1e:75:8f:88:85:e3:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Aug 8 10:13:42 2024 GMT
Not After : Aug 7 10:18:42 2025 GMT
Subject: CN=C148D57B7838FF00342D837848A41EC318835EAD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c7:55:01:6c:80:cb:22:ee:87:48:30:14:9e:
73:0a:3b:bf:99:9a:7d:69:92:a9:6e:12:13:89:80:
7c:7e:9e:7c:5f:a6:a3:18:22:1f:00:a3:6b:85:a9:
bb:2e:74:d9:3e:94:b2:96:fd:86:80:8e:9c:86:83:
cb:3b:ea:ee:54:01:6a:ac:6a:42:c6:7d:bf:6d:9c:
93:99:a7:20:f9:e8:ba:8e:94:72:1b:5a:58:9b:3a:
a4:29:ad:7a:19:f1:82:40:96:2b:71:42:3d:c0:48:
55:ce:dc:da:8f:17:17:7b:c3:20:3b:22:1a:df:d3:
75:45:85:34:2b:b5:e8:b7:68:0d:89:7c:4d:1f:4f:
c2:45:43:3d:50:b4:a7:50:ae:63:99:72:c6:46:d5:
62:3e:0d:d6:a2:38:cb:12:bf:08:3e:73:f9:ed:05:
4b:28:db:09:c0:9e:0b:39:89:28:6f:fd:7c:4d:f9:
3e:63:97:57:8a:3f:b5:f0:28:2c:ca:f1:43:09:cf:
1c:41:b2:cd:1d:48:57:3f:1d:0f:b7:73:ac:a4:d8:
3c:af:b2:c3:fe:76:96:7e:97:4c:7f:76:4c:15:2c:
b1:d8:4c:15:ef:57:37:9b:d8:9d:15:82:95:1e:41:
cb:07:20:13:8a:67:37:03:24:de:d4:69:bb:b0:04:
27:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:48:D5:7B:78:38:FF:00:34:2D:83:78:48:A4:1E:C3:18:83:5E:AD
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33372e3230332e3137362e302f32342d3234203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.203.176.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:f2:8a:78:4b:9d:75:31:96:3a:4f:c4:e1:73:18:bc:25:07:
6c:da:dc:f4:ee:ca:aa:8c:32:b1:ed:3a:e9:64:b2:84:e7:aa:
1b:4a:c6:c4:f9:83:7a:ab:41:c3:4d:1e:fd:b2:aa:ac:54:02:
b7:7a:85:8b:7a:4f:67:25:55:a6:e7:47:fa:9b:d5:82:1e:64:
e4:4c:00:4d:46:30:51:43:e2:9b:72:5c:c9:de:0e:45:b7:d0:
d6:f4:ea:4f:79:04:75:2a:6d:4f:db:eb:67:4f:fc:d6:e4:5c:
73:e7:d8:2e:ff:1a:41:b8:ae:d2:47:ac:e9:a5:c2:67:5c:3a:
ae:a6:8b:83:88:c6:b2:e5:12:a2:bb:ab:7c:6e:2c:15:71:e1:
2a:0a:e3:00:0b:60:5f:4f:88:e3:68:b7:da:34:e6:7c:3b:55:
e7:90:35:d1:c0:b4:6e:4f:b3:e6:b2:17:2e:c6:24:ef:73:eb:
91:5a:d1:73:58:68:46:c3:a3:c9:9d:a7:28:0a:7d:ca:70:16:
91:10:44:12:06:21:e6:01:34:4d:c9:70:5b:30:78:cd:c9:95:
6d:47:5b:35:78:e5:1a:84:c6:a9:8d:29:4d:7c:f9:73:10:c2:
bd:dc:e3:52:d0:f0:21:2d:6a:a9:f8:dc:81:70:3c:56:55:34:
9c:8a:30:62
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUSlDD/+QqjeXZkYCVrx51j4iF4wowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDA4MDgxMDEzNDJaFw0yNTA4MDcxMDE4NDJaMDMxMTAvBgNV
BAMTKEMxNDhENTdCNzgzOEZGMDAzNDJEODM3ODQ4QTQxRUMzMTg4MzVFQUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9x1UBbIDLIu6HSDAUnnMKO7+Z
mn1pkqluEhOJgHx+nnxfpqMYIh8Ao2uFqbsudNk+lLKW/YaAjpyGg8s76u5UAWqs
akLGfb9tnJOZpyD56LqOlHIbWlibOqQprXoZ8YJAlitxQj3ASFXO3NqPFxd7wyA7
Ihrf03VFhTQrtei3aA2JfE0fT8JFQz1QtKdQrmOZcsZG1WI+DdaiOMsSvwg+c/nt
BUso2wnAngs5iShv/XxN+T5jl1eKP7XwKCzK8UMJzxxBss0dSFc/HQ+3c6yk2Dyv
ssP+dpZ+l0x/dkwVLLHYTBXvVzeb2J0VgpUeQcsHIBOKZzcDJN7UabuwBCdTAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUwUjVe3g4/wA0LYN4SKQewxiDXq0wHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzMzNzJlMzIzMDMzMmUzMTM3
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
JcuwMA0GCSqGSIb3DQEBCwUAA4IBAQCm8op4S511MZY6T8Thcxi8JQds2tz07sqq
jDKx7TrpZLKE56obSsbE+YN6q0HDTR79sqqsVAK3eoWLek9nJVWm50f6m9WCHmTk
TABNRjBRQ+KbclzJ3g5Ft9DW9OpPeQR1Km1P2+tnT/zW5Fxz59gu/xpBuK7SR6zp
pcJnXDqupouDiMay5RKiu6t8biwVceEqCuMAC2BfT4jjaLfaNOZ8O1XnkDXRwLRu
T7PmshcuxiTvc+uRWtFzWGhGw6PJnacoCn3KcBaREEQSBiHmATRNyXBbMHjNyZVt
R1s1eOUahMapjSlNfPlzEMK93ONS0PAhLWqp+NyBcDxWVTScijBi
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:51 2024 by rpki-client on console-fra.rpki-client.org