Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3132382e302f31392d3139203d3e203432363839.roa
File: 39352e3137352e3132382e302f31392d3139203d3e203432363839.roa (raw, json)
Hash identifier: Y5OyX3kClHJMCPWjRwcLJTuwvkZzT8K2GjOcbXaiaqA=
Subject key identifier: 48:0E:02:D1:C4:E6:34:81:63:86:19:33:64:A0:24:81:81:23:97:49
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 74DC2FF5684FCF049453D70DF532951B0A18F774
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3132382e302f31392d3139203d3e203432363839.roa
Signing time: Tue 19 Mar 2024 10:19:04 +0000
ROA not before: Tue 19 Mar 2024 10:14:04 +0000
ROA not after: Tue 18 Mar 2025 10:19:04 +0000
asID: 42689
IP address blocks: 95.175.128.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Sep 2024 13:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:dc:2f:f5:68:4f:cf:04:94:53:d7:0d:f5:32:95:1b:0a:18:f7:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Mar 19 10:14:04 2024 GMT
Not After : Mar 18 10:19:04 2025 GMT
Subject: CN=480E02D1C4E634816386193364A0248181239749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f8:b9:38:f5:ea:01:65:02:a4:2b:c6:0a:31:
3d:54:b7:bb:86:f0:35:9f:3c:e0:38:af:11:df:34:
96:db:c3:e7:14:74:dc:46:1a:f9:e3:aa:18:e2:0a:
00:dd:68:fa:c2:04:7f:ae:b2:47:79:1f:89:2d:5f:
e4:36:01:ef:cf:1d:b5:64:26:c7:8f:45:ed:15:75:
6d:c7:5c:02:eb:ff:f9:29:61:4b:06:c1:f0:fb:c2:
70:ba:53:3e:d8:08:3d:da:f9:59:b4:57:05:93:cf:
3e:7b:d3:b5:0e:73:56:6f:8a:74:6f:3d:d6:cb:84:
bc:e4:c3:ea:f8:e9:1b:c4:db:85:66:a2:10:b5:2d:
6b:57:04:bf:a9:b2:c6:21:37:bc:dc:56:33:d6:78:
cb:12:6d:4b:73:3a:ce:91:76:b5:8f:89:8b:08:ef:
30:fc:1e:9e:72:96:9f:45:c7:bd:89:92:7e:99:99:
a3:56:d4:2f:0e:14:1d:05:04:ec:3f:de:f7:a3:15:
17:2d:1a:2d:d0:cb:fd:0b:19:3a:aa:06:be:34:3b:
50:32:2f:29:5c:fc:49:21:ad:80:b7:80:c9:82:d6:
c2:8a:45:dd:14:82:a4:38:c7:08:16:ae:dc:89:ff:
b5:05:25:82:b7:82:d9:6d:54:e5:96:42:99:90:62:
e6:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:0E:02:D1:C4:E6:34:81:63:86:19:33:64:A0:24:81:81:23:97:49
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3132382e302f31392d3139203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.175.128.0/19
Signature Algorithm: sha256WithRSAEncryption
a9:36:b9:26:0b:e8:7c:9e:17:03:d6:56:18:6e:cd:97:34:ce:
a0:b7:e4:c1:eb:7e:ca:95:4e:29:d6:c6:0e:96:6e:6a:2e:1f:
63:c4:78:51:3e:b0:36:5a:c1:b8:f2:ab:a9:7b:12:c6:8f:8a:
7c:69:0b:ad:6a:bf:57:42:be:b0:02:eb:66:fe:1a:72:b5:a1:
40:74:7c:64:3a:b0:33:2b:de:2b:83:d0:46:1d:6f:31:72:1e:
31:84:74:45:3e:60:19:7d:88:26:8d:31:12:15:7a:ff:a8:67:
b6:cc:41:55:ae:c0:f9:53:a2:ee:65:ac:f1:d5:fc:8f:1f:f6:
21:b3:aa:dd:39:67:fa:43:19:27:80:61:5c:49:58:4e:c1:ae:
c4:91:29:e3:51:96:54:12:e0:c1:9f:ce:dd:ad:3f:a4:46:68:
a5:bd:46:91:06:30:91:27:50:13:ed:bb:40:a4:25:77:31:ec:
d1:43:4c:e8:6f:90:49:0a:b2:27:6a:43:b3:2d:21:f5:7a:dd:
b5:57:79:48:be:2a:9f:56:20:c2:b6:b6:aa:15:e8:77:6d:da:
b0:fb:2e:69:d4:ec:9f:e3:86:b3:b5:f2:54:3a:ba:2e:da:2c:
d4:74:8b:a7:83:20:ae:59:24:4e:e8:61:c5:bc:a8:d2:08:ef:
4c:80:bc:72
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdNwv9WhPzwSUU9cN9TKVGwoY93QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDAzMTkxMDE0MDRaFw0yNTAzMTgxMDE5MDRaMDMxMTAvBgNV
BAMTKDQ4MEUwMkQxQzRFNjM0ODE2Mzg2MTkzMzY0QTAyNDgxODEyMzk3NDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7+Lk49eoBZQKkK8YKMT1Ut7uG
8DWfPOA4rxHfNJbbw+cUdNxGGvnjqhjiCgDdaPrCBH+uskd5H4ktX+Q2Ae/PHbVk
JsePRe0VdW3HXALr//kpYUsGwfD7wnC6Uz7YCD3a+Vm0VwWTzz5707UOc1ZvinRv
PdbLhLzkw+r46RvE24VmohC1LWtXBL+pssYhN7zcVjPWeMsSbUtzOs6RdrWPiYsI
7zD8Hp5ylp9Fx72Jkn6ZmaNW1C8OFB0FBOw/3vejFRctGi3Qy/0LGTqqBr40O1Ay
Lylc/EkhrYC3gMmC1sKKRd0UgqQ4xwgWrtyJ/7UFJYK3gtltVOWWQpmQYua5AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUSA4C0cTmNIFjhhkzZKAkgYEjl0kwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzkzNTJlMzEzNzM1MmUzMTMy
MzgyZTMwMmYzMTM5MmQzMTM5MjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF
X6+AMA0GCSqGSIb3DQEBCwUAA4IBAQCpNrkmC+h8nhcD1lYYbs2XNM6gt+TB637K
lU4p1sYOlm5qLh9jxHhRPrA2WsG48qupexLGj4p8aQutar9XQr6wAutm/hpytaFA
dHxkOrAzK94rg9BGHW8xch4xhHRFPmAZfYgmjTESFXr/qGe2zEFVrsD5U6LuZazx
1fyPH/Yhs6rdOWf6QxkngGFcSVhOwa7EkSnjUZZUEuDBn87drT+kRmilvUaRBjCR
J1AT7btApCV3MezRQ0zob5BJCrInakOzLSH1et21V3lIviqfViDCtraqFeh3bdqw
+y5p1Oyf44aztfJUOrou2izUdIungyCuWSRO6GHFvKjSCO9MgLxy
-----END CERTIFICATE-----
Generated at Fri Sep 27 17:20:12 2024 by rpki-client on console-ams.rpki-client.org