Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/37372e3234342e3132382e302f32302d3230203d3e203432363839.roa
File: 37372e3234342e3132382e302f32302d3230203d3e203432363839.roa (raw, json)
Hash identifier: GE5Et8btXRvXmOGbZAq8E0Ksz/mpBfK7D9R+yJluu3c=
Subject key identifier: 63:14:D3:9D:4D:FA:63:4E:46:26:53:C7:22:26:C3:F2:3C:16:43:22
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 7F3F11BC830A6F0792826D3503E9E5C5CD40E938
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/37372e3234342e3132382e302f32302d3230203d3e203432363839.roa
Signing time: Tue 19 Mar 2024 10:25:32 +0000
ROA not before: Tue 19 Mar 2024 10:20:32 +0000
ROA not after: Tue 18 Mar 2025 10:25:32 +0000
asID: 42689
IP address blocks: 77.244.128.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:3f:11:bc:83:0a:6f:07:92:82:6d:35:03:e9:e5:c5:cd:40:e9:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Mar 19 10:20:32 2024 GMT
Not After : Mar 18 10:25:32 2025 GMT
Subject: CN=6314D39D4DFA634E462653C72226C3F23C164322
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c3:37:ac:ae:46:84:65:82:92:9b:b0:1f:89:
c6:19:d4:7d:9b:c0:cd:03:96:21:af:4d:81:13:ae:
ec:19:47:b0:4e:62:c7:ad:b1:fb:02:49:37:b7:6b:
ac:b2:b2:5f:64:51:6a:63:3c:a5:8b:a9:44:c8:fc:
23:c6:71:d1:3c:08:43:e1:1a:81:3c:07:56:48:71:
89:dd:cc:09:84:06:6a:76:90:27:ce:f6:66:75:5c:
62:c6:95:09:f2:3b:36:94:fe:06:60:7f:94:2e:49:
2c:e3:2d:e9:b1:f1:3c:28:ef:38:51:d8:33:b9:27:
06:ee:0b:bb:3f:db:16:29:19:d8:9c:40:5f:de:ab:
c5:46:84:8a:9f:3d:1c:40:8a:69:8c:de:73:99:01:
e5:4b:4a:3c:a3:5a:af:29:63:9c:16:2b:4a:10:50:
ec:8c:43:d7:1a:44:aa:12:b2:9a:24:fc:bf:6c:45:
e4:84:93:ce:47:61:a1:67:2f:93:72:cf:cf:8d:17:
6c:c2:28:47:77:fd:62:a4:5e:dc:fb:22:84:15:8e:
7f:af:8b:88:37:0a:49:bc:85:62:c0:e5:63:66:69:
5a:8a:60:d5:c2:c1:04:8f:ac:4c:19:e3:2b:69:c4:
f5:6d:78:12:63:08:82:f6:42:82:09:dd:98:ab:4b:
8b:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:14:D3:9D:4D:FA:63:4E:46:26:53:C7:22:26:C3:F2:3C:16:43:22
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/37372e3234342e3132382e302f32302d3230203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.244.128.0/20
Signature Algorithm: sha256WithRSAEncryption
67:66:62:2b:62:e5:ee:4a:6d:f2:41:9c:16:91:45:29:e8:9a:
42:61:f0:2c:5d:1e:70:c1:da:36:fc:31:c1:e7:39:20:42:55:
f4:9c:2e:43:d1:cf:b1:2a:65:b4:b3:ed:be:5e:0c:be:a9:e0:
fe:b1:1e:a7:5e:09:a8:6e:cb:d7:c1:15:48:0c:b6:5f:81:16:
0f:3f:81:98:2d:7f:f1:f1:12:1f:3f:79:60:04:1f:39:b9:62:
ec:e2:a2:a2:6f:60:ba:a9:05:c0:1d:c9:aa:3e:b1:19:0d:d3:
6e:01:25:52:4d:db:64:df:0c:18:6e:86:2b:84:cb:43:06:6b:
0c:6c:64:40:f3:d4:34:01:31:9d:65:a3:33:87:6e:00:f1:5a:
da:70:3f:f5:a2:4c:57:4b:da:7a:56:5c:d0:b0:ab:c8:f4:1c:
c1:9b:29:9e:59:ee:a0:c7:b7:a3:9b:5d:7a:ec:42:1a:a2:9a:
c0:fe:6c:50:0d:60:2b:cf:38:dd:de:6f:40:33:e1:7c:df:92:
af:26:da:13:20:ed:15:bf:15:45:33:9e:84:ef:93:10:95:05:
dd:49:2f:99:02:2d:51:e3:e3:e9:cf:dc:3b:36:75:85:8d:15:
2e:9d:ba:8d:9b:98:5f:04:8f:b1:05:08:7b:bb:c4:85:1a:12:
49:77:90:d4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUfz8RvIMKbweSgm01A+nlxc1A6TgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDAzMTkxMDIwMzJaFw0yNTAzMTgxMDI1MzJaMDMxMTAvBgNV
BAMTKDYzMTREMzlENERGQTYzNEU0NjI2NTNDNzIyMjZDM0YyM0MxNjQzMjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNwzesrkaEZYKSm7AficYZ1H2b
wM0DliGvTYETruwZR7BOYsetsfsCSTe3a6yysl9kUWpjPKWLqUTI/CPGcdE8CEPh
GoE8B1ZIcYndzAmEBmp2kCfO9mZ1XGLGlQnyOzaU/gZgf5QuSSzjLemx8Two7zhR
2DO5JwbuC7s/2xYpGdicQF/eq8VGhIqfPRxAimmM3nOZAeVLSjyjWq8pY5wWK0oQ
UOyMQ9caRKoSspok/L9sReSEk85HYaFnL5Nyz8+NF2zCKEd3/WKkXtz7IoQVjn+v
i4g3Ckm8hWLA5WNmaVqKYNXCwQSPrEwZ4ytpxPVteBJjCIL2QoIJ3ZirS4s7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUYxTTnU36Y05GJlPHIibD8jwWQyIwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzczNzJlMzIzNDM0MmUzMTMy
MzgyZTMwMmYzMjMwMmQzMjMwMjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE
TfSAMA0GCSqGSIb3DQEBCwUAA4IBAQBnZmIrYuXuSm3yQZwWkUUp6JpCYfAsXR5w
wdo2/DHB5zkgQlX0nC5D0c+xKmW0s+2+Xgy+qeD+sR6nXgmobsvXwRVIDLZfgRYP
P4GYLX/x8RIfP3lgBB85uWLs4qKib2C6qQXAHcmqPrEZDdNuASVSTdtk3wwYboYr
hMtDBmsMbGRA89Q0ATGdZaMzh24A8VracD/1okxXS9p6VlzQsKvI9BzBmymeWe6g
x7ejm1167EIaoprA/mxQDWArzzjd3m9AM+F835KvJtoTIO0VvxVFM56E75MQlQXd
SS+ZAi1R4+Ppz9w7NnWFjRUunbqNm5hfBI+xBQh7u8SFGhJJd5DU
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org