Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33372e3230332e3138362e302f32332d3233203d3e203432363839.roa
File: 33372e3230332e3138362e302f32332d3233203d3e203432363839.roa (raw, json)
Hash identifier: cuPOE1jqt/f6cqc5YSnxyh6WBYTl9X9FZe2MAP7PEVI=
Subject key identifier: 7C:41:F0:AA:A3:A2:72:B2:1C:7D:00:C1:38:17:6A:C9:29:1D:AC:3B
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 72DB31E9616BFC850C360ED3812AA8AEAA2F0407
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33372e3230332e3138362e302f32332d3233203d3e203432363839.roa
Signing time: Thu 08 Aug 2024 10:22:01 +0000
ROA not before: Thu 08 Aug 2024 10:17:01 +0000
ROA not after: Thu 07 Aug 2025 10:22:01 +0000
asID: 42689
IP address blocks: 37.203.186.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:db:31:e9:61:6b:fc:85:0c:36:0e:d3:81:2a:a8:ae:aa:2f:04:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Aug 8 10:17:01 2024 GMT
Not After : Aug 7 10:22:01 2025 GMT
Subject: CN=7C41F0AAA3A272B21C7D00C138176AC9291DAC3B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:50:38:6c:24:dd:52:df:5a:fd:fd:d0:9d:3f:
71:f2:74:dc:fd:08:e4:94:d3:15:0d:4c:99:f8:ea:
95:5a:3f:14:7b:df:d2:ef:53:86:10:b3:c3:6c:23:
1f:0f:a7:e6:1c:95:1f:86:a1:0e:0c:35:65:8c:3e:
61:d0:5f:d4:76:7e:82:2b:a3:d9:cd:fa:04:03:5c:
98:0c:e0:d3:92:bf:14:9a:b4:50:f0:0c:b1:f2:c7:
45:48:4a:92:cc:ba:8f:f3:0a:ae:dc:64:2c:9e:32:
ca:4e:c2:29:8c:9e:f6:07:f6:86:c1:4f:b0:f6:69:
08:50:12:29:9d:0a:10:34:aa:53:aa:a4:4d:f1:61:
65:8e:f7:85:a9:ff:6a:a1:0d:eb:bb:02:f9:ac:05:
e5:b5:b3:65:63:c5:7f:55:ab:30:8f:92:d2:eb:bf:
3f:7d:82:e9:2f:fb:0c:0e:da:28:f9:ae:a1:bc:b6:
57:53:c6:14:93:49:61:00:c8:bd:f9:95:42:ae:27:
d3:a2:46:32:e0:ff:64:de:d9:5a:7e:df:1f:5f:27:
fd:20:3e:3e:98:f4:00:47:3c:bd:b9:45:02:8d:76:
b0:f5:57:7c:57:24:e4:85:c7:95:b9:7c:48:2e:57:
7d:7c:3e:0b:46:4a:06:91:cc:43:ef:f1:e1:8a:5d:
7e:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:41:F0:AA:A3:A2:72:B2:1C:7D:00:C1:38:17:6A:C9:29:1D:AC:3B
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33372e3230332e3138362e302f32332d3233203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.203.186.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:08:cb:80:90:92:8c:95:3b:35:60:77:cd:03:42:d4:a0:8e:
e1:dd:21:af:c8:8b:8a:80:7f:82:ae:62:13:f5:f2:6e:bb:14:
45:e5:cf:c4:ec:cf:62:cd:f6:72:53:f1:44:ed:d9:38:14:13:
02:02:f7:9c:cf:67:1a:b8:5c:4c:d8:83:ef:f8:16:90:cd:8a:
24:6b:47:a9:7f:68:dc:3e:e9:5d:64:cd:cc:4f:0d:a4:c1:c5:
3f:c9:37:f0:cb:fb:38:bf:96:53:22:11:ff:94:ca:a1:d3:95:
98:15:30:d3:4d:6c:bb:88:fa:c8:c7:76:be:fa:3f:e0:af:06:
70:19:ad:08:da:27:bc:b5:d0:2d:98:4c:13:38:70:8e:6c:ab:
20:20:22:bd:ab:aa:97:0a:6f:b1:1d:2d:71:b3:5f:96:b2:4c:
59:45:0e:94:cc:00:6e:af:c0:71:21:c3:96:f0:7b:af:ef:73:
ee:b8:54:0c:3d:4b:09:b4:8f:c7:4a:e4:e1:4e:28:f0:08:a7:
a9:05:88:07:84:58:1b:2c:83:4a:bc:6e:58:14:d8:e1:fe:ab:
b7:d6:d3:60:1f:1f:5d:6a:d9:2b:dd:00:f5:d3:81:d7:6e:60:
4d:40:e5:08:9a:26:41:59:f4:67:3a:06:7d:a7:b4:c1:cf:cd:
8e:fa:e3:e1
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUctsx6WFr/IUMNg7TgSqorqovBAcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDA4MDgxMDE3MDFaFw0yNTA4MDcxMDIyMDFaMDMxMTAvBgNV
BAMTKDdDNDFGMEFBQTNBMjcyQjIxQzdEMDBDMTM4MTc2QUM5MjkxREFDM0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcUDhsJN1S31r9/dCdP3HydNz9
COSU0xUNTJn46pVaPxR739LvU4YQs8NsIx8Pp+YclR+GoQ4MNWWMPmHQX9R2foIr
o9nN+gQDXJgM4NOSvxSatFDwDLHyx0VISpLMuo/zCq7cZCyeMspOwimMnvYH9obB
T7D2aQhQEimdChA0qlOqpE3xYWWO94Wp/2qhDeu7AvmsBeW1s2VjxX9VqzCPktLr
vz99gukv+wwO2ij5rqG8tldTxhSTSWEAyL35lUKuJ9OiRjLg/2Te2Vp+3x9fJ/0g
Pj6Y9ABHPL25RQKNdrD1V3xXJOSFx5W5fEguV318PgtGSgaRzEPv8eGKXX6HAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUfEHwqqOicrIcfQDBOBdqySkdrDswHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzMzNzJlMzIzMDMzMmUzMTM4
MzYyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
Jcu6MA0GCSqGSIb3DQEBCwUAA4IBAQBdCMuAkJKMlTs1YHfNA0LUoI7h3SGvyIuK
gH+CrmIT9fJuuxRF5c/E7M9izfZyU/FE7dk4FBMCAvecz2cauFxM2IPv+BaQzYok
a0epf2jcPuldZM3MTw2kwcU/yTfwy/s4v5ZTIhH/lMqh05WYFTDTTWy7iPrIx3a+
+j/grwZwGa0I2ie8tdAtmEwTOHCObKsgICK9q6qXCm+xHS1xs1+WskxZRQ6UzABu
r8BxIcOW8Huv73PuuFQMPUsJtI/HSuThTijwCKepBYgHhFgbLINKvG5YFNjh/qu3
1tNgHx9datkr3QD104HXbmBNQOUImiZBWfRnOgZ9p7TBz82O+uPh
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org