Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33372e3230332e3138382e302f32322d3232203d3e203432363839.roa
File: 33372e3230332e3138382e302f32322d3232203d3e203432363839.roa (raw, json)
Hash identifier: eaMz2BDrCs8A5/6fnjEKlk+Lfl+7G7irk0K/mWtg2zk=
Subject key identifier: 1C:C8:0D:EC:EF:60:30:E5:25:4E:AA:15:FA:9F:46:E1:DC:D9:25:4F
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 1C92272691095BC2ED4C394E209229B6D99A84C9
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33372e3230332e3138382e302f32322d3232203d3e203432363839.roa
Signing time: Thu 08 Aug 2024 10:22:49 +0000
ROA not before: Thu 08 Aug 2024 10:17:49 +0000
ROA not after: Thu 07 Aug 2025 10:22:49 +0000
asID: 42689
IP address blocks: 37.203.188.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:92:27:26:91:09:5b:c2:ed:4c:39:4e:20:92:29:b6:d9:9a:84:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Aug 8 10:17:49 2024 GMT
Not After : Aug 7 10:22:49 2025 GMT
Subject: CN=1CC80DECEF6030E5254EAA15FA9F46E1DCD9254F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:a9:13:c6:97:c8:7b:cd:a0:0b:64:11:fc:a1:
c5:0e:40:e4:3c:09:3c:ea:33:2a:dc:ec:04:e4:40:
db:c0:2f:5c:bb:db:e1:62:b5:8e:64:a1:95:98:44:
fc:46:e7:4c:eb:c5:12:ea:61:88:14:be:b4:1a:cb:
16:d7:6a:98:64:32:f8:a8:f6:ce:84:e2:9c:fe:d5:
b8:3a:25:4a:36:c9:d1:d8:4b:4b:62:bc:3f:d8:ff:
31:d9:7a:d1:4b:97:74:3b:53:a5:8f:df:9b:6f:f8:
64:b4:74:03:18:e5:03:63:d2:c8:bb:1e:ba:38:23:
16:af:1a:f8:04:3f:8b:13:42:29:5b:24:fb:0c:d8:
b1:18:a3:b2:f6:d3:31:5d:92:ca:5b:8f:ee:60:87:
3a:80:9f:75:d0:a8:75:89:8e:8d:18:75:45:11:89:
52:0f:6c:16:25:04:63:44:02:56:e8:8a:89:4b:60:
b4:d6:92:75:08:cc:d8:96:15:6b:01:42:3c:3a:18:
ef:99:0b:26:c3:0e:7b:8d:74:83:d2:53:81:7d:ed:
e6:35:77:2d:28:c7:77:0b:f8:68:ce:11:dd:5d:15:
41:3b:97:73:0e:96:17:cf:20:40:0c:b7:1d:ce:22:
23:cf:85:69:e8:84:f0:18:7c:2a:25:da:24:4e:3e:
6a:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:C8:0D:EC:EF:60:30:E5:25:4E:AA:15:FA:9F:46:E1:DC:D9:25:4F
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33372e3230332e3138382e302f32322d3232203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.203.188.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:04:f7:85:37:62:5e:61:7e:29:0b:a9:c2:b4:b5:e5:9b:b2:
a0:ed:d5:f0:fd:7b:1f:8c:97:47:b6:a5:72:f6:63:28:93:11:
bd:1b:9a:e6:83:92:3c:9d:1c:b5:55:5f:a3:72:b4:de:c0:72:
1f:34:7f:13:43:8d:af:44:17:ca:39:aa:35:d8:bb:e1:c3:f5:
3a:99:62:db:b5:ad:ac:b8:ef:9c:cb:18:c5:50:66:a9:79:d0:
6c:e2:86:a8:a9:d4:d6:d4:de:40:49:43:82:6a:30:6f:1e:8c:
8f:d2:92:09:f8:e8:68:ad:a6:52:34:01:0f:16:cc:97:b6:c8:
0e:c3:c0:bc:34:7c:56:8a:f1:60:06:04:df:d6:fe:61:3e:02:
92:c3:41:83:36:4b:18:e4:14:f4:d1:22:78:dd:b1:0b:42:ed:
49:9a:24:44:50:9b:0e:7a:67:5f:39:37:fc:5e:2a:63:be:b7:
50:67:4b:6a:9d:ca:44:42:21:c3:13:8b:d1:3d:d9:65:88:5d:
5a:21:4b:a2:b2:f4:cd:0f:a4:ff:86:fc:84:d0:0d:08:da:65:
44:d2:6a:6e:93:41:30:29:26:6b:0e:f6:96:b2:df:c7:f3:fd:
7a:e2:8e:e5:c3:cb:72:49:02:74:25:cc:f4:85:3a:20:44:91:
51:b4:9c:eb
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUHJInJpEJW8LtTDlOIJIpttmahMkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDA4MDgxMDE3NDlaFw0yNTA4MDcxMDIyNDlaMDMxMTAvBgNV
BAMTKDFDQzgwREVDRUY2MDMwRTUyNTRFQUExNUZBOUY0NkUxRENEOTI1NEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiqRPGl8h7zaALZBH8ocUOQOQ8
CTzqMyrc7ATkQNvAL1y72+FitY5koZWYRPxG50zrxRLqYYgUvrQayxbXaphkMvio
9s6E4pz+1bg6JUo2ydHYS0tivD/Y/zHZetFLl3Q7U6WP35tv+GS0dAMY5QNj0si7
Hro4IxavGvgEP4sTQilbJPsM2LEYo7L20zFdkspbj+5ghzqAn3XQqHWJjo0YdUUR
iVIPbBYlBGNEAlboiolLYLTWknUIzNiWFWsBQjw6GO+ZCybDDnuNdIPSU4F97eY1
dy0ox3cL+GjOEd1dFUE7l3MOlhfPIEAMtx3OIiPPhWnohPAYfCol2iROPmqFAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUHMgN7O9gMOUlTqoV+p9G4dzZJU8wHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzMzNzJlMzIzMDMzMmUzMTM4
MzgyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
Jcu8MA0GCSqGSIb3DQEBCwUAA4IBAQCPBPeFN2JeYX4pC6nCtLXlm7Kg7dXw/Xsf
jJdHtqVy9mMokxG9G5rmg5I8nRy1VV+jcrTewHIfNH8TQ42vRBfKOao12Lvhw/U6
mWLbta2suO+cyxjFUGapedBs4oaoqdTW1N5ASUOCajBvHoyP0pIJ+OhoraZSNAEP
FsyXtsgOw8C8NHxWivFgBgTf1v5hPgKSw0GDNksY5BT00SJ43bELQu1JmiREUJsO
emdfOTf8XipjvrdQZ0tqncpEQiHDE4vRPdlliF1aIUuisvTND6T/hvyE0A0I2mVE
0mpuk0EwKSZrDvaWst/H8/164o7lw8tySQJ0Jcz0hTogRJFRtJzr
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:51 2024 by rpki-client on console-fra.rpki-client.org