Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33372e3230332e3138352e302f32342d3234203d3e203432363839.roa
File: 33372e3230332e3138352e302f32342d3234203d3e203432363839.roa (raw, json)
Hash identifier: anwS8H/iiayDHTjt/xQCJDr2ENeWmgUlWqM7xQjUtRI=
Subject key identifier: EF:D3:C0:5E:90:CB:B0:8D:FF:57:C6:DA:5F:65:35:04:1C:AB:36:7B
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 29D5683FB4F96689D6E5B714B3D80E54EF203CD3
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33372e3230332e3138352e302f32342d3234203d3e203432363839.roa
Signing time: Thu 08 Aug 2024 10:20:02 +0000
ROA not before: Thu 08 Aug 2024 10:15:02 +0000
ROA not after: Thu 07 Aug 2025 10:20:02 +0000
asID: 42689
IP address blocks: 37.203.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:d5:68:3f:b4:f9:66:89:d6:e5:b7:14:b3:d8:0e:54:ef:20:3c:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Aug 8 10:15:02 2024 GMT
Not After : Aug 7 10:20:02 2025 GMT
Subject: CN=EFD3C05E90CBB08DFF57C6DA5F6535041CAB367B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:79:d0:a2:82:3a:c7:63:7e:d4:b8:7a:51:e7:
f9:af:7e:27:11:60:22:e2:4c:a3:ff:13:d4:f1:3a:
d4:6b:7d:a2:f7:57:28:9b:10:97:ec:95:a4:5f:95:
b6:2e:0b:f7:53:e3:c2:50:a0:a3:a4:b0:ee:e2:4c:
83:42:c6:2a:00:bf:72:1e:79:2d:a3:89:fc:86:c2:
8e:3f:e2:83:4d:73:a2:49:35:6e:6d:47:f8:57:79:
4d:ff:e9:26:a1:2b:6c:9e:1b:2c:da:56:bc:b4:3c:
f4:56:86:e1:44:4a:85:15:31:07:ef:19:af:fc:08:
43:10:f3:a7:8d:24:f3:c9:e5:fc:19:df:d8:e7:44:
2b:52:52:5a:2d:22:ba:36:91:da:6b:1c:eb:56:ad:
a9:2f:ef:89:05:37:f2:10:3f:35:75:24:db:b0:98:
f6:69:3a:bb:bb:87:a1:01:15:1d:dd:5d:f9:75:87:
dd:5a:f9:3b:f8:e5:e2:0c:48:4e:8f:b8:23:05:38:
60:d4:53:08:8f:78:73:34:33:31:aa:c4:74:22:9f:
6a:4b:14:e4:74:91:45:11:fb:ed:bf:24:c7:71:e6:
f1:e8:db:9c:f9:bb:ee:53:0d:82:ad:3c:30:dd:f6:
7e:35:70:66:a2:66:6b:2a:ed:52:fd:ae:ef:7a:2f:
e0:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:D3:C0:5E:90:CB:B0:8D:FF:57:C6:DA:5F:65:35:04:1C:AB:36:7B
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33372e3230332e3138352e302f32342d3234203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.203.185.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:24:a8:5c:fb:1b:f0:c8:8f:0d:69:ae:8b:fc:c1:66:09:93:
b7:71:db:25:07:19:1b:45:87:e0:f7:5c:d9:fe:01:ad:2d:da:
ee:e6:a9:ba:81:db:b5:e2:b6:5f:3b:11:5a:56:50:f0:1c:6c:
aa:55:c2:08:20:b0:2f:c9:3e:57:d4:db:7c:2a:d6:0c:a7:21:
1b:17:ee:c6:2c:ad:1e:4e:46:9e:77:4d:c6:4e:b6:dc:a1:2d:
5e:55:14:49:f2:d0:a7:a9:93:30:2b:e6:95:d4:98:be:9d:ec:
d4:33:18:2c:60:b3:b6:13:bb:42:98:6d:c4:7a:f7:2a:21:7f:
dc:bf:cc:0f:3c:37:fc:eb:d3:3e:db:9b:9f:51:14:9e:d0:61:
79:4c:e3:30:2e:92:6f:39:50:c5:65:db:60:10:c4:31:e9:c7:
67:3d:46:1f:a0:cd:cd:83:30:06:90:ca:0d:14:ae:a0:3c:22:
f4:81:cb:ce:05:93:67:f1:b2:cd:14:27:9c:68:19:fd:b5:38:
65:44:74:d1:5f:6f:19:8d:b9:cc:0a:65:3c:3a:d4:32:a2:cf:
d0:40:56:07:22:10:66:9a:d4:08:6e:4d:72:09:3a:42:ef:20:
6a:3f:9e:f2:d6:4c:d3:e7:4f:23:56:d7:c3:66:23:a9:3d:27:
06:e8:92:83
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUKdVoP7T5ZonW5bcUs9gOVO8gPNMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDA4MDgxMDE1MDJaFw0yNTA4MDcxMDIwMDJaMDMxMTAvBgNV
BAMTKEVGRDNDMDVFOTBDQkIwOERGRjU3QzZEQTVGNjUzNTA0MUNBQjM2N0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpedCigjrHY37UuHpR5/mvficR
YCLiTKP/E9TxOtRrfaL3VyibEJfslaRflbYuC/dT48JQoKOksO7iTINCxioAv3Ie
eS2jifyGwo4/4oNNc6JJNW5tR/hXeU3/6SahK2yeGyzaVry0PPRWhuFESoUVMQfv
Ga/8CEMQ86eNJPPJ5fwZ39jnRCtSUlotIro2kdprHOtWrakv74kFN/IQPzV1JNuw
mPZpOru7h6EBFR3dXfl1h91a+Tv45eIMSE6PuCMFOGDUUwiPeHM0MzGqxHQin2pL
FOR0kUUR++2/JMdx5vHo25z5u+5TDYKtPDDd9n41cGaiZmsq7VL9ru96L+C3AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU79PAXpDLsI3/V8baX2U1BByrNnswHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzMzNzJlMzIzMDMzMmUzMTM4
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Jcu5MA0GCSqGSIb3DQEBCwUAA4IBAQBfJKhc+xvwyI8Naa6L/MFmCZO3cdslBxkb
RYfg91zZ/gGtLdru5qm6gdu14rZfOxFaVlDwHGyqVcIIILAvyT5X1Nt8KtYMpyEb
F+7GLK0eTkaed03GTrbcoS1eVRRJ8tCnqZMwK+aV1Ji+nezUMxgsYLO2E7tCmG3E
evcqIX/cv8wPPDf869M+25ufURSe0GF5TOMwLpJvOVDFZdtgEMQx6cdnPUYfoM3N
gzAGkMoNFK6gPCL0gcvOBZNn8bLNFCecaBn9tThlRHTRX28ZjbnMCmU8OtQyos/Q
QFYHIhBmmtQIbk1yCTpC7yBqP57y1kzT508jVtfDZiOpPScG6JKD
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:51 2024 by rpki-client on console-fra.rpki-client.org