Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3134302e302f32342d3234203d3e203432363839.roa
File: 39352e3137352e3134302e302f32342d3234203d3e203432363839.roa (raw, json)
Hash identifier: Z0khWXmcgTIbjX7qFKRQT1DTtE2Fyj84EcxetQQMV10=
Subject key identifier: 03:40:8F:A6:D1:A1:4B:9A:F0:8C:79:C8:B8:52:81:CF:DE:99:B5:23
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 4D8C05E57257EC5A2A9DA20949BA7752134FDDF2
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3134302e302f32342d3234203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 10:54:32 +0000
ROA not before: Thu 07 Nov 2024 10:49:32 +0000
ROA not after: Thu 06 Nov 2025 10:54:32 +0000
asID: 42689
IP address blocks: 95.175.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:8c:05:e5:72:57:ec:5a:2a:9d:a2:09:49:ba:77:52:13:4f:dd:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 10:49:32 2024 GMT
Not After : Nov 6 10:54:32 2025 GMT
Subject: CN=03408FA6D1A14B9AF08C79C8B85281CFDE99B523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:11:ff:24:fd:7b:3a:ee:65:85:4c:c6:ec:a3:
db:b8:8d:79:25:b3:20:7a:26:99:c7:e3:8b:8e:fe:
58:29:0c:d9:68:5c:90:55:97:2b:9c:4c:98:1a:47:
8c:fb:08:71:23:52:bd:42:3f:96:0c:17:ff:35:81:
41:64:ad:8d:82:87:11:23:c8:84:22:d7:2c:3e:ad:
7f:2f:85:37:fb:23:07:18:e6:4e:d2:68:4b:d7:b1:
8c:6c:05:88:e7:7a:12:60:ce:81:78:67:25:fe:f3:
9a:d9:c9:a6:e8:fd:10:8f:0c:09:b4:e4:ac:d6:31:
38:2e:c3:94:a4:bf:eb:d0:87:3f:9e:92:e9:83:9d:
cb:96:d8:41:04:ec:13:1e:4f:15:df:08:96:f1:ad:
76:e4:e4:af:05:b7:36:44:f6:80:f5:81:7f:9d:c2:
9f:e3:eb:63:b1:d9:a0:33:9f:59:a7:9b:23:6e:9a:
8b:8e:0f:4c:f9:2c:81:fe:e8:e6:6f:3c:0b:d2:d4:
cc:c2:31:e8:a2:aa:fc:a4:7a:6e:04:80:30:6e:79:
37:18:5a:09:9c:95:1c:b1:98:a6:62:8e:6f:28:96:
2f:23:8b:cc:a4:ab:ca:47:16:68:f1:05:39:e1:5a:
11:00:98:14:78:98:34:b8:2a:ef:e6:55:97:49:29:
9e:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:40:8F:A6:D1:A1:4B:9A:F0:8C:79:C8:B8:52:81:CF:DE:99:B5:23
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3134302e302f32342d3234203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.175.140.0/24
Signature Algorithm: sha256WithRSAEncryption
77:7a:6a:d1:00:e1:45:27:2e:ab:a4:03:3e:a3:7d:7f:6d:6a:
02:e1:74:6b:74:a5:f8:44:d2:11:8c:8d:74:0b:0e:43:b7:de:
c5:b7:de:04:57:3d:35:c5:05:76:58:51:93:7d:63:dd:68:7f:
2b:b2:a2:0e:22:ff:bf:a1:fb:f2:74:fc:52:11:62:b2:30:a3:
4e:c4:88:e7:89:8a:cb:c5:5e:75:0c:e5:60:19:57:7c:17:1f:
d8:68:21:57:23:33:56:16:42:40:0f:b7:e8:69:c4:c1:28:1a:
a6:e1:f1:c4:c7:1b:5f:96:19:f4:b4:9d:f9:d5:35:8f:24:f6:
91:3d:6a:45:69:0e:99:5a:45:5b:6d:93:78:19:ef:9c:3e:f2:
e6:08:dc:0f:56:e7:aa:8e:7a:ae:f7:cb:eb:14:97:ac:21:18:
6a:84:6e:d4:a9:dd:d4:b0:5f:c5:07:b4:eb:b3:d5:27:be:d2:
8e:17:9a:a0:a7:a8:cf:fc:70:74:ce:37:bf:54:d3:bf:94:df:
18:a2:c0:1b:08:4c:f8:3b:24:b1:e3:54:8d:90:1a:95:0a:e3:
ae:85:f2:46:09:f4:f4:61:42:2a:6a:cc:d6:15:a6:c9:b7:e5:
91:7c:e5:18:e9:78:09:ad:d4:87:6d:6a:7e:53:91:d3:0c:cf:
e6:fa:cf:08
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTYwF5XJX7FoqnaIJSbp3UhNP3fIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMDQ5MzJaFw0yNTExMDYxMDU0MzJaMDMxMTAvBgNV
BAMTKDAzNDA4RkE2RDFBMTRCOUFGMDhDNzlDOEI4NTI4MUNGREU5OUI1MjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVEf8k/Xs67mWFTMbso9u4jXkl
syB6JpnH44uO/lgpDNloXJBVlyucTJgaR4z7CHEjUr1CP5YMF/81gUFkrY2ChxEj
yIQi1yw+rX8vhTf7IwcY5k7SaEvXsYxsBYjnehJgzoF4ZyX+85rZyabo/RCPDAm0
5KzWMTguw5Skv+vQhz+ekumDncuW2EEE7BMeTxXfCJbxrXbk5K8FtzZE9oD1gX+d
wp/j62Ox2aAzn1mnmyNumouOD0z5LIH+6OZvPAvS1MzCMeiiqvykem4EgDBueTcY
WgmclRyxmKZijm8oli8ji8ykq8pHFmjxBTnhWhEAmBR4mDS4Ku/mVZdJKZ5jAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUA0CPptGhS5rwjHnIuFKBz96ZtSMwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzkzNTJlMzEzNzM1MmUzMTM0
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
X6+MMA0GCSqGSIb3DQEBCwUAA4IBAQB3emrRAOFFJy6rpAM+o31/bWoC4XRrdKX4
RNIRjI10Cw5Dt97Ft94EVz01xQV2WFGTfWPdaH8rsqIOIv+/ofvydPxSEWKyMKNO
xIjniYrLxV51DOVgGVd8Fx/YaCFXIzNWFkJAD7foacTBKBqm4fHExxtflhn0tJ35
1TWPJPaRPWpFaQ6ZWkVbbZN4Ge+cPvLmCNwPVueqjnqu98vrFJesIRhqhG7Uqd3U
sF/FB7Trs9UnvtKOF5qgp6jP/HB0zje/VNO/lN8YosAbCEz4OySx41SNkBqVCuOu
hfJGCfT0YUIqaszWFabJt+WRfOUY6XgJrdSHbWp+U5HTDM/m+s8I
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org