Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33372e3230332e3138302e302f32322d3232203d3e203432363839.roa
File: 33372e3230332e3138302e302f32322d3232203d3e203432363839.roa (raw, json)
Hash identifier: IYKF0ZA4fxTeh7iI+nO/0ASd9Gk0GTKjor3wrSFbpC8=
Subject key identifier: BF:CA:0B:06:47:F0:FA:71:43:62:6F:80:A8:43:BF:E2:D5:94:D0:B0
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 7C5AF5F113956912CE1F44DEBA58C678FA49695D
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33372e3230332e3138302e302f32322d3232203d3e203432363839.roa
Signing time: Thu 08 Aug 2024 10:19:29 +0000
ROA not before: Thu 08 Aug 2024 10:14:29 +0000
ROA not after: Thu 07 Aug 2025 10:19:29 +0000
asID: 42689
IP address blocks: 37.203.180.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:5a:f5:f1:13:95:69:12:ce:1f:44:de:ba:58:c6:78:fa:49:69:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Aug 8 10:14:29 2024 GMT
Not After : Aug 7 10:19:29 2025 GMT
Subject: CN=BFCA0B0647F0FA7143626F80A843BFE2D594D0B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:3d:4b:e4:21:7a:98:22:bb:14:d4:d6:69:04:
3d:12:7e:84:9b:3b:5b:5d:d3:3a:09:85:dc:f5:cb:
75:23:31:37:81:fb:49:05:30:e3:27:14:44:74:51:
5e:a6:69:14:3b:a1:42:cc:d1:2c:9d:a2:7d:24:2c:
36:ce:1b:52:eb:42:02:fb:45:86:1b:bc:24:7b:05:
b2:95:bd:df:0a:ac:fa:5e:04:5e:ab:4b:9f:71:e4:
32:4f:f3:f6:66:5c:bf:0e:d5:7c:0f:d7:48:c9:ca:
26:5c:25:40:b7:8c:7f:0f:12:71:83:63:84:0a:d3:
de:fc:63:8b:9a:0d:4c:f7:8c:aa:16:f9:5f:73:8b:
87:b7:b1:7a:af:53:9a:ab:c9:fd:b9:c2:20:15:6f:
d3:2f:0c:0d:6c:16:c5:76:00:31:ca:c0:31:11:56:
bf:92:39:30:5f:ec:14:85:1d:82:76:a4:66:d9:76:
f7:d7:8a:2d:7e:8e:73:a8:88:4c:ef:05:b3:20:25:
e8:ff:71:8e:20:ca:cd:f8:3b:13:4b:25:4e:01:7e:
f5:de:ef:51:ec:2b:1d:9e:1d:a5:e7:6c:b5:77:65:
cf:15:b1:03:99:d8:cb:5c:4c:c9:91:d2:8f:26:45:
29:5d:7d:6c:82:15:ca:2a:49:07:1b:52:57:e9:05:
ae:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:CA:0B:06:47:F0:FA:71:43:62:6F:80:A8:43:BF:E2:D5:94:D0:B0
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33372e3230332e3138302e302f32322d3232203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.203.180.0/22
Signature Algorithm: sha256WithRSAEncryption
29:66:61:c7:01:59:e5:45:df:9e:6b:6c:c6:c3:c1:fc:48:8f:
71:c6:5c:7e:1f:7f:8e:bd:d3:e0:cf:61:ae:25:b4:d9:ba:58:
24:a2:8b:63:7b:2b:7f:88:68:ce:f1:de:c4:fd:f1:da:9b:43:
e0:f5:21:b0:d0:af:bc:63:0e:ec:bd:a4:00:6e:4a:21:db:48:
70:a4:b3:ef:ec:6b:f0:42:cc:1d:e8:cf:1b:a9:aa:f8:cb:18:
da:b4:c3:b6:03:c4:3b:2f:de:ec:72:ae:9c:b9:df:b1:03:9c:
20:29:4d:43:6b:93:d3:37:a9:de:d7:07:3f:ad:78:e3:f8:3e:
e0:cf:f6:43:d1:c7:85:b9:f2:2f:fd:ee:23:c1:b6:7d:3f:b1:
11:a3:4f:ad:30:42:50:33:8d:8c:4c:81:ac:cc:30:0a:38:9f:
a0:a7:32:4a:8f:c3:b9:a6:60:0e:16:19:69:c9:1c:92:e6:ca:
6d:9c:e3:d8:cf:c7:32:1e:56:63:ff:8e:6f:b2:d4:0f:88:d3:
b0:45:03:24:38:5d:0d:7d:a9:b1:d4:bd:62:14:9b:b7:4a:05:
67:f1:55:69:d9:5a:20:c6:75:93:38:99:76:9b:f8:72:61:25:
e6:5b:65:84:00:28:fa:40:e4:c2:64:dc:fb:9d:f0:b8:e1:88:
46:7a:e6:96
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUfFr18ROVaRLOH0TeuljGePpJaV0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDA4MDgxMDE0MjlaFw0yNTA4MDcxMDE5MjlaMDMxMTAvBgNV
BAMTKEJGQ0EwQjA2NDdGMEZBNzE0MzYyNkY4MEE4NDNCRkUyRDU5NEQwQjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCePUvkIXqYIrsU1NZpBD0SfoSb
O1td0zoJhdz1y3UjMTeB+0kFMOMnFER0UV6maRQ7oULM0Sydon0kLDbOG1LrQgL7
RYYbvCR7BbKVvd8KrPpeBF6rS59x5DJP8/ZmXL8O1XwP10jJyiZcJUC3jH8PEnGD
Y4QK0978Y4uaDUz3jKoW+V9zi4e3sXqvU5qryf25wiAVb9MvDA1sFsV2ADHKwDER
Vr+SOTBf7BSFHYJ2pGbZdvfXii1+jnOoiEzvBbMgJej/cY4gys34OxNLJU4BfvXe
71HsKx2eHaXnbLV3Zc8VsQOZ2MtcTMmR0o8mRSldfWyCFcoqSQcbUlfpBa5pAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUv8oLBkfw+nFDYm+AqEO/4tWU0LAwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzMzNzJlMzIzMDMzMmUzMTM4
MzAyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
Jcu0MA0GCSqGSIb3DQEBCwUAA4IBAQApZmHHAVnlRd+ea2zGw8H8SI9xxlx+H3+O
vdPgz2GuJbTZulgkootjeyt/iGjO8d7E/fHam0Pg9SGw0K+8Yw7svaQAbkoh20hw
pLPv7GvwQswd6M8bqar4yxjatMO2A8Q7L97scq6cud+xA5wgKU1Da5PTN6ne1wc/
rXjj+D7gz/ZD0ceFufIv/e4jwbZ9P7ERo0+tMEJQM42MTIGszDAKOJ+gpzJKj8O5
pmAOFhlpyRyS5sptnOPYz8cyHlZj/45vstQPiNOwRQMkOF0Nfamx1L1iFJu3SgVn
8VVp2VogxnWTOJl2m/hyYSXmW2WEACj6QOTCZNz7nfC44YhGeuaW
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:51 2024 by rpki-client on console-fra.rpki-client.org