Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3132382e302f32312d3231203d3e203432363839.roa
File: 39352e3137352e3132382e302f32312d3231203d3e203432363839.roa (raw, json)
Hash identifier: Ub1W+xAcrVVSovAdI/bI70Ews/6C9YwPks7UnjXXOIE=
Subject key identifier: C3:5E:6D:39:C4:97:EC:D3:F7:66:E9:99:3A:59:D3:00:88:DD:DD:9D
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 0FF035DC7AE0C23DBC231686DD12C5386A3651E5
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3132382e302f32312d3231203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 10:53:56 +0000
ROA not before: Thu 07 Nov 2024 10:48:56 +0000
ROA not after: Thu 06 Nov 2025 10:53:56 +0000
asID: 42689
IP address blocks: 95.175.128.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:f0:35:dc:7a:e0:c2:3d:bc:23:16:86:dd:12:c5:38:6a:36:51:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 10:48:56 2024 GMT
Not After : Nov 6 10:53:56 2025 GMT
Subject: CN=C35E6D39C497ECD3F766E9993A59D30088DDDD9D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:e0:a9:96:46:30:0d:47:59:a7:9a:47:3e:7f:
49:09:0a:1a:2d:67:c5:cc:8f:e7:4f:17:7c:f2:15:
1e:eb:2e:2a:4a:50:d6:f0:f6:85:f3:92:82:df:b6:
4e:a1:a3:20:1a:12:3f:91:6c:96:47:66:96:06:92:
3a:08:4b:3d:af:24:25:08:08:ee:40:ae:e2:33:9b:
98:3f:f6:39:aa:48:a0:9a:17:a3:94:14:d8:7a:c7:
04:06:5d:06:8b:5b:68:a2:d8:6b:2e:6e:82:43:1a:
9d:5e:9f:5f:ff:f3:24:c1:ce:5c:67:cc:a9:46:08:
71:fb:cd:e2:26:6c:b3:a7:26:82:a8:d1:94:77:19:
be:6a:6c:48:83:23:b3:15:19:f0:ea:db:f1:3a:a8:
7b:b2:bb:09:a5:05:c9:ba:35:4e:16:e6:87:f9:58:
f8:82:23:0a:e9:fd:cc:60:bf:7d:7e:77:db:22:79:
d2:07:f3:6b:f1:2f:ba:9a:91:a6:91:1e:7a:ff:9b:
f7:01:45:f8:5a:01:8b:6c:03:2f:a6:51:13:99:fd:
97:b4:d7:3d:ca:01:5a:dc:55:6b:d8:ce:0e:6c:f0:
78:31:ae:9d:76:e0:f6:a5:c5:48:f6:78:6b:ca:a9:
ad:0a:72:d0:90:c3:97:af:32:87:6a:82:00:2e:0c:
73:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:5E:6D:39:C4:97:EC:D3:F7:66:E9:99:3A:59:D3:00:88:DD:DD:9D
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3132382e302f32312d3231203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.175.128.0/21
Signature Algorithm: sha256WithRSAEncryption
6d:ba:3d:5f:4e:7d:32:e9:71:7c:2c:d6:0a:46:49:cc:f4:cb:
cd:0f:f1:fa:18:ff:67:fe:4a:16:16:5f:c3:5e:20:c7:b7:13:
7b:5b:7c:38:8d:a6:df:00:66:59:f3:5c:75:9f:88:cd:8e:98:
ad:5b:dd:15:7d:4e:c9:c8:5f:89:ab:12:fb:1d:39:74:3f:a2:
d3:20:5f:d4:68:1b:b3:9d:49:74:44:df:a9:0b:3e:f9:c8:9a:
8a:95:09:27:48:87:13:a5:86:61:9e:d6:08:1c:a3:a6:6e:66:
5d:16:e5:d6:99:54:51:86:49:10:b7:dd:9c:ad:83:8f:bb:7e:
e6:85:b5:2d:3c:ce:3a:0a:a1:11:12:19:55:9b:1b:94:d8:9f:
6b:03:16:70:5e:89:92:9f:74:73:37:2a:e5:bc:45:ec:d6:5b:
77:62:4b:f6:b9:71:e5:ea:67:a3:8a:a2:5c:d4:2b:a5:81:4c:
1d:52:e2:d7:50:3a:9e:0e:38:e3:1f:18:8c:2f:d8:5a:f4:64:
94:86:4e:e4:d8:97:67:a5:ba:d7:a3:a8:66:e5:8a:72:c3:d9:
ca:d5:8e:74:c6:82:03:91:80:56:30:e4:2f:5d:da:b2:8c:7b:
df:b3:e3:f4:da:c4:9a:e5:d2:86:45:46:de:7c:01:aa:57:12:
b4:d7:df:e3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUD/A13Hrgwj28IxaG3RLFOGo2UeUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMDQ4NTZaFw0yNTExMDYxMDUzNTZaMDMxMTAvBgNV
BAMTKEMzNUU2RDM5QzQ5N0VDRDNGNzY2RTk5OTNBNTlEMzAwODhEREREOUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDr4KmWRjANR1mnmkc+f0kJChot
Z8XMj+dPF3zyFR7rLipKUNbw9oXzkoLftk6hoyAaEj+RbJZHZpYGkjoISz2vJCUI
CO5AruIzm5g/9jmqSKCaF6OUFNh6xwQGXQaLW2ii2GsuboJDGp1en1//8yTBzlxn
zKlGCHH7zeImbLOnJoKo0ZR3Gb5qbEiDI7MVGfDq2/E6qHuyuwmlBcm6NU4W5of5
WPiCIwrp/cxgv31+d9siedIH82vxL7qakaaRHnr/m/cBRfhaAYtsAy+mUROZ/Ze0
1z3KAVrcVWvYzg5s8Hgxrp124PalxUj2eGvKqa0KctCQw5evModqggAuDHMPAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUw15tOcSX7NP3ZumZOlnTAIjd3Z0wHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzkzNTJlMzEzNzM1MmUzMTMy
MzgyZTMwMmYzMjMxMmQzMjMxMjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
X6+AMA0GCSqGSIb3DQEBCwUAA4IBAQBtuj1fTn0y6XF8LNYKRknM9MvND/H6GP9n
/koWFl/DXiDHtxN7W3w4jabfAGZZ81x1n4jNjpitW90VfU7JyF+JqxL7HTl0P6LT
IF/UaBuznUl0RN+pCz75yJqKlQknSIcTpYZhntYIHKOmbmZdFuXWmVRRhkkQt92c
rYOPu37mhbUtPM46CqEREhlVmxuU2J9rAxZwXomSn3RzNyrlvEXs1lt3Ykv2uXHl
6mejiqJc1CulgUwdUuLXUDqeDjjjHxiML9ha9GSUhk7k2JdnpbrXo6hm5Ypyw9nK
1Y50xoIDkYBWMOQvXdqyjHvfs+P02sSa5dKGRUbefAGqVxK019/j
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:51 2024 by rpki-client on console-fra.rpki-client.org