Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39342e3132352e3132382e302f32312d3231203d3e203432363839.roa
File: 39342e3132352e3132382e302f32312d3231203d3e203432363839.roa (raw, json)
Hash identifier: q/7AMLAzwFLR8jLFWdqvE51zDKcAEqMzrKB3J8rCC3M=
Subject key identifier: BC:9E:23:5B:4F:03:BD:E2:5E:81:1F:B4:4F:5D:3B:23:EF:BC:37:F2
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 0AD859C145B06A496AF98C4C0D592A62508C8DF3
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39342e3132352e3132382e302f32312d3231203d3e203432363839.roa
Signing time: Tue 19 Mar 2024 10:18:51 +0000
ROA not before: Tue 19 Mar 2024 10:13:51 +0000
ROA not after: Tue 18 Mar 2025 10:18:51 +0000
asID: 42689
IP address blocks: 94.125.128.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:d8:59:c1:45:b0:6a:49:6a:f9:8c:4c:0d:59:2a:62:50:8c:8d:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Mar 19 10:13:51 2024 GMT
Not After : Mar 18 10:18:51 2025 GMT
Subject: CN=BC9E235B4F03BDE25E811FB44F5D3B23EFBC37F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:31:de:4c:55:5f:de:24:b7:55:ce:7b:3c:e1:
0b:4b:68:d8:f4:13:2d:f6:94:a9:26:8d:fc:c1:91:
de:52:47:69:f9:a8:04:70:db:42:98:97:aa:56:2b:
ff:e0:c3:b2:6c:54:c0:d7:a9:d7:2b:bd:e5:4d:dc:
07:6e:3a:7c:f5:11:78:82:bc:66:cb:e8:17:aa:d7:
81:c8:ad:72:6e:e5:78:93:cc:1d:27:d5:1f:44:56:
62:93:72:3c:d2:dd:17:47:ae:de:b7:b3:18:74:3b:
06:d6:68:84:27:db:b4:00:0f:7c:51:04:b7:c0:e0:
d2:11:74:6c:e4:0b:dc:56:ce:bb:ca:f8:fc:b2:e3:
00:5e:bb:c8:8c:5b:94:58:cd:89:62:9d:96:b6:80:
98:b8:5f:0b:fc:af:7f:df:00:78:40:26:3b:e0:ec:
4b:0a:ee:17:2a:c2:9e:95:6a:ec:4b:5a:4b:fe:eb:
7c:85:98:90:c7:3e:54:a2:64:76:4e:3a:61:d7:c1:
22:c8:b4:b2:f0:a6:04:ea:2b:3b:0f:68:31:f2:22:
ae:c2:57:5d:a6:5f:38:b2:99:51:0e:ea:66:ed:2b:
71:72:b6:43:a1:9b:2e:06:f3:69:b1:ba:d8:7e:b9:
7b:e6:fd:d7:aa:89:ea:9c:d1:38:4e:09:7e:6e:1e:
a6:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:9E:23:5B:4F:03:BD:E2:5E:81:1F:B4:4F:5D:3B:23:EF:BC:37:F2
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39342e3132352e3132382e302f32312d3231203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.125.128.0/21
Signature Algorithm: sha256WithRSAEncryption
79:6f:d5:a8:ce:61:00:a9:55:3e:6e:d7:53:99:f0:10:b0:a8:
e6:09:d1:8f:05:bd:7e:00:0e:e1:27:79:06:0c:52:06:13:42:
8d:82:a2:d8:ab:79:20:43:8b:92:ae:17:1e:fe:d6:5f:45:23:
50:7a:95:53:f8:69:1e:cd:58:f0:eb:5b:30:b0:75:98:d4:74:
a4:d8:be:a2:0a:3f:f2:c8:f8:02:7b:c7:95:4e:4c:a9:22:59:
cf:3b:ac:c5:f2:2f:66:8a:28:aa:23:01:1a:c9:b0:34:06:63:
b6:82:ea:ad:64:7a:d9:a0:43:15:7c:06:60:e9:be:01:a3:06:
f4:20:db:77:a5:85:5b:68:b8:04:49:d6:9e:84:23:4c:ef:60:
df:91:76:e3:cc:32:a6:f0:0a:5d:ff:d6:83:a3:28:9e:3c:4a:
ff:46:44:96:16:69:22:65:43:08:6c:b3:53:08:c0:15:40:a2:
49:22:3f:00:71:8e:13:1c:ba:52:24:46:29:be:fb:50:22:26:
a1:00:6a:10:bd:1d:42:4c:83:96:d9:f5:96:f0:21:2e:80:69:
d0:0b:18:dd:fe:a0:42:26:76:f2:1d:80:3c:48:b1:1e:88:39:
eb:7a:9b:f9:27:bf:38:3d:c6:ca:6c:14:71:03:f3:36:79:9a:
ab:60:c8:78
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUCthZwUWwaklq+YxMDVkqYlCMjfMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDAzMTkxMDEzNTFaFw0yNTAzMTgxMDE4NTFaMDMxMTAvBgNV
BAMTKEJDOUUyMzVCNEYwM0JERTI1RTgxMUZCNDRGNUQzQjIzRUZCQzM3RjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQMd5MVV/eJLdVzns84QtLaNj0
Ey32lKkmjfzBkd5SR2n5qARw20KYl6pWK//gw7JsVMDXqdcrveVN3AduOnz1EXiC
vGbL6Beq14HIrXJu5XiTzB0n1R9EVmKTcjzS3RdHrt63sxh0OwbWaIQn27QAD3xR
BLfA4NIRdGzkC9xWzrvK+Pyy4wBeu8iMW5RYzYlinZa2gJi4Xwv8r3/fAHhAJjvg
7EsK7hcqwp6VauxLWkv+63yFmJDHPlSiZHZOOmHXwSLItLLwpgTqKzsPaDHyIq7C
V12mXziymVEO6mbtK3FytkOhmy4G82mxuth+uXvm/deqieqc0ThOCX5uHqZnAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUvJ4jW08DveJegR+0T107I++8N/IwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzkzNDJlMzEzMjM1MmUzMTMy
MzgyZTMwMmYzMjMxMmQzMjMxMjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
Xn2AMA0GCSqGSIb3DQEBCwUAA4IBAQB5b9WozmEAqVU+btdTmfAQsKjmCdGPBb1+
AA7hJ3kGDFIGE0KNgqLYq3kgQ4uSrhce/tZfRSNQepVT+GkezVjw61swsHWY1HSk
2L6iCj/yyPgCe8eVTkypIlnPO6zF8i9miiiqIwEaybA0BmO2guqtZHrZoEMVfAZg
6b4Bowb0INt3pYVbaLgESdaehCNM72DfkXbjzDKm8Apd/9aDoyiePEr/RkSWFmki
ZUMIbLNTCMAVQKJJIj8AcY4THLpSJEYpvvtQIiahAGoQvR1CTIOW2fWW8CEugGnQ
Cxjd/qBCJnbyHYA8SLEeiDnrepv5J784PcbKbBRxA/M2eZqrYMh4
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:51 2024 by rpki-client on console-fra.rpki-client.org