Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3133362e302f32322d3232203d3e203432363839.roa
File: 39352e3137352e3133362e302f32322d3232203d3e203432363839.roa (raw, json)
Hash identifier: 3Q262+HQvx6muOWrcRkRkIVcpeuX5kW9NTQSSxfJAL0=
Subject key identifier: 77:F8:01:B4:FD:3F:61:A1:6A:7F:DA:7E:CA:A1:E4:6B:88:2C:EA:24
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 70C34DA48D9D8F91E2286DDD9182AADF3C266A78
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3133362e302f32322d3232203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 10:54:12 +0000
ROA not before: Thu 07 Nov 2024 10:49:12 +0000
ROA not after: Thu 06 Nov 2025 10:54:12 +0000
asID: 42689
IP address blocks: 95.175.136.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:c3:4d:a4:8d:9d:8f:91:e2:28:6d:dd:91:82:aa:df:3c:26:6a:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 10:49:12 2024 GMT
Not After : Nov 6 10:54:12 2025 GMT
Subject: CN=77F801B4FD3F61A16A7FDA7ECAA1E46B882CEA24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:2e:e0:a1:18:9d:30:ad:97:5e:c1:4b:21:b6:
a9:2f:29:f1:ec:05:a5:dd:4d:a4:64:86:24:69:f9:
4b:8b:1e:fe:27:6a:6b:66:a7:a6:51:55:e1:31:ff:
e3:69:3a:c1:7a:28:5d:81:9e:6d:35:43:3b:fd:7b:
32:83:bd:46:e4:eb:ff:d6:e6:60:6b:6a:0d:37:f0:
af:dc:51:08:ec:b6:3c:f4:fe:b5:80:e4:d3:53:18:
41:e9:d0:52:90:3c:c8:2a:b8:8b:b2:24:37:b8:36:
c7:1a:24:6c:5d:1f:d9:e9:cc:52:9d:06:52:16:a4:
48:61:c2:48:5c:25:9d:d9:d7:50:dc:7c:b9:20:18:
cf:90:bb:b4:21:74:86:fc:c2:c9:67:d1:11:b2:19:
51:06:5b:a7:d0:42:d1:8f:56:07:cb:7e:f0:15:45:
74:d8:1a:f8:64:ac:d2:13:a6:c0:e2:48:85:3b:0f:
ba:49:7e:3c:3d:8a:6b:6d:60:af:d8:58:0c:fd:da:
60:91:56:d9:a5:3b:8b:e0:48:19:3e:98:79:03:54:
28:fd:93:ae:72:e8:dc:6a:f5:24:ab:76:bc:23:f9:
7e:f9:f7:32:f1:3d:13:75:d1:7b:a0:a3:88:29:64:
84:df:e2:56:b1:fe:e9:9f:8a:c5:35:f5:c0:d9:dc:
87:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:F8:01:B4:FD:3F:61:A1:6A:7F:DA:7E:CA:A1:E4:6B:88:2C:EA:24
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3133362e302f32322d3232203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.175.136.0/22
Signature Algorithm: sha256WithRSAEncryption
03:31:fa:6b:77:a9:35:05:56:ab:df:b2:61:1f:c0:2a:37:dd:
51:77:55:32:c9:0e:34:1e:0e:8a:40:b4:3f:81:bb:cb:52:70:
63:f5:af:6b:1a:3c:45:55:3b:48:3b:5d:77:e1:74:63:44:34:
5a:18:2d:b7:76:b2:22:64:3e:a6:c3:0a:a7:3d:91:01:86:53:
c9:8d:35:5b:c8:10:8b:9a:b3:b7:e8:04:fa:97:76:a2:5e:61:
8b:0d:8f:5b:85:05:8c:6f:7d:b6:ec:f7:e1:fc:14:38:70:6e:
70:d3:44:dc:19:a0:33:26:9f:ad:e7:b5:6d:ea:e0:4b:76:ee:
09:d0:66:8c:e2:d9:91:14:ce:f6:1e:24:e0:a8:91:7a:2d:da:
19:42:55:22:23:0a:6c:05:3f:c7:d3:f1:ae:d1:16:19:38:0f:
77:41:32:a8:99:e6:f4:26:f0:78:07:19:53:35:e0:cf:82:ce:
9c:c3:67:fe:bb:bd:69:6f:a9:9c:7a:d5:01:f2:46:9d:e8:c6:
68:2b:2d:50:1c:ae:32:7d:25:16:e8:f2:8c:00:2e:5d:e2:03:
d3:77:f4:85:fb:95:c2:2d:bf:f4:ef:87:5e:24:88:15:0a:01:
2d:a3:a6:d0:7b:e2:0e:49:ec:2a:84:26:90:44:82:3d:0f:c0:
21:54:c3:d5
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUcMNNpI2dj5HiKG3dkYKq3zwmangwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMDQ5MTJaFw0yNTExMDYxMDU0MTJaMDMxMTAvBgNV
BAMTKDc3RjgwMUI0RkQzRjYxQTE2QTdGREE3RUNBQTFFNDZCODgyQ0VBMjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHLuChGJ0wrZdewUshtqkvKfHs
BaXdTaRkhiRp+UuLHv4namtmp6ZRVeEx/+NpOsF6KF2Bnm01Qzv9ezKDvUbk6//W
5mBrag038K/cUQjstjz0/rWA5NNTGEHp0FKQPMgquIuyJDe4NscaJGxdH9npzFKd
BlIWpEhhwkhcJZ3Z11DcfLkgGM+Qu7QhdIb8wsln0RGyGVEGW6fQQtGPVgfLfvAV
RXTYGvhkrNITpsDiSIU7D7pJfjw9imttYK/YWAz92mCRVtmlO4vgSBk+mHkDVCj9
k65y6Nxq9SSrdrwj+X759zLxPRN10Xugo4gpZITf4lax/umfisU19cDZ3IcBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUd/gBtP0/YaFqf9p+yqHka4gs6iQwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzkzNTJlMzEzNzM1MmUzMTMz
MzYyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
X6+IMA0GCSqGSIb3DQEBCwUAA4IBAQADMfprd6k1BVar37JhH8AqN91Rd1UyyQ40
Hg6KQLQ/gbvLUnBj9a9rGjxFVTtIO1134XRjRDRaGC23drIiZD6mwwqnPZEBhlPJ
jTVbyBCLmrO36AT6l3aiXmGLDY9bhQWMb3227Pfh/BQ4cG5w00TcGaAzJp+t57Vt
6uBLdu4J0GaM4tmRFM72HiTgqJF6LdoZQlUiIwpsBT/H0/Gu0RYZOA93QTKomeb0
JvB4BxlTNeDPgs6cw2f+u71pb6mcetUB8kad6MZoKy1QHK4yfSUW6PKMAC5d4gPT
d/SF+5XCLb/074deJIgVCgEto6bQe+IOSewqhCaQRII9D8AhVMPV
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org