Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3134322e302f32332d3233203d3e203432363839.roa
File: 39352e3137352e3134322e302f32332d3233203d3e203432363839.roa (raw, json)
Hash identifier: t/ZpDA3sIunSvW9j91YFkMn6cjur56oEIJMSMVrvoFY=
Subject key identifier: 96:B2:D1:10:40:4E:44:9E:79:54:A7:5B:A9:1A:45:33:E0:8F:43:0C
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 472C09341AFF2B154620DBD491A3300D4BA001DB
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3134322e302f32332d3233203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 10:54:47 +0000
ROA not before: Thu 07 Nov 2024 10:49:47 +0000
ROA not after: Thu 06 Nov 2025 10:54:47 +0000
asID: 42689
IP address blocks: 95.175.142.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:2c:09:34:1a:ff:2b:15:46:20:db:d4:91:a3:30:0d:4b:a0:01:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 10:49:47 2024 GMT
Not After : Nov 6 10:54:47 2025 GMT
Subject: CN=96B2D110404E449E7954A75BA91A4533E08F430C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:6b:dd:6f:09:3a:2e:4f:c3:d9:ca:00:e5:b1:
d5:7b:a9:e4:66:d1:d9:4c:50:7d:90:b3:ca:6e:ff:
60:de:16:21:2e:a8:6e:4a:93:58:af:3d:f3:0d:d3:
4e:70:ce:e8:c0:73:87:46:c6:5d:02:b5:86:48:1d:
0c:b8:51:7e:8b:1f:74:0c:c7:08:48:f9:83:e1:ca:
3d:20:6f:ac:ac:5f:0d:43:60:aa:2b:6b:49:ee:eb:
a2:84:4b:d0:12:e5:d0:80:b7:20:56:2a:2e:5e:0d:
37:2c:c5:cd:01:fa:59:0c:a3:a5:06:6e:88:53:09:
d6:89:64:68:a9:1a:5a:50:11:03:5c:2f:8a:39:80:
20:05:12:52:3f:7a:b4:31:a3:fc:50:a9:df:7b:e4:
72:16:57:7f:3d:2d:4b:6b:48:97:ad:14:fe:2a:71:
b9:e5:26:b8:a4:21:c0:bc:e5:82:27:e5:02:0a:6a:
02:8a:92:51:a0:00:c3:e3:c2:f2:c8:bc:26:da:78:
26:c2:e5:12:98:b0:6c:c9:0c:c8:fc:f5:9d:3e:86:
37:62:57:b2:99:a1:d6:ff:7a:82:aa:f9:bd:8b:6a:
52:5c:6a:32:44:ee:c3:ee:a1:cf:0e:28:d9:08:ed:
0d:24:bc:e3:e2:6f:65:91:65:50:c7:b0:66:79:d3:
73:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:B2:D1:10:40:4E:44:9E:79:54:A7:5B:A9:1A:45:33:E0:8F:43:0C
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3134322e302f32332d3233203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.175.142.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:81:92:a2:9a:91:a0:56:9f:b3:28:ed:6a:71:97:27:ab:a9:
d0:ca:c2:f1:fc:1a:d1:b1:63:c2:d7:c7:87:6d:d1:03:1b:d1:
fa:d5:07:02:9a:85:92:36:67:31:6d:e9:10:95:0e:57:50:af:
06:97:95:83:d1:10:94:b5:fd:46:1b:bc:95:be:05:3c:f0:64:
c1:5f:56:cb:4c:94:63:dc:04:f3:b8:ea:29:0f:26:7f:0a:6e:
5d:52:19:b3:03:fe:9f:4c:29:e3:96:cb:80:6a:94:8a:93:d1:
28:42:44:46:05:9a:d5:aa:64:53:cd:13:ff:48:5a:2c:52:60:
75:c1:0a:4c:60:6e:6e:2a:d8:20:7b:7b:ae:f5:4c:47:95:17:
c0:ce:88:8c:00:d8:f6:53:01:47:34:94:f3:f1:4d:df:7b:3e:
0e:c6:46:83:a7:da:ea:89:7d:03:d8:0c:5d:c2:82:1e:89:64:
8c:89:62:34:4a:9c:2e:9c:a5:6d:2e:38:dc:61:c0:4d:6d:6b:
b1:1a:ce:0a:69:94:6b:5e:ab:9e:8a:2f:21:20:2e:59:74:12:
fe:c2:a9:bb:49:e3:23:e0:52:fb:6a:4b:76:32:19:c9:74:56:
ce:a8:7a:46:e2:a9:3b:f1:f3:17:a5:98:d8:31:66:c1:b1:f5:
1a:f7:1f:2e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURywJNBr/KxVGINvUkaMwDUugAdswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMDQ5NDdaFw0yNTExMDYxMDU0NDdaMDMxMTAvBgNV
BAMTKDk2QjJEMTEwNDA0RTQ0OUU3OTU0QTc1QkE5MUE0NTMzRTA4RjQzMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUa91vCTouT8PZygDlsdV7qeRm
0dlMUH2Qs8pu/2DeFiEuqG5Kk1ivPfMN005wzujAc4dGxl0CtYZIHQy4UX6LH3QM
xwhI+YPhyj0gb6ysXw1DYKora0nu66KES9AS5dCAtyBWKi5eDTcsxc0B+lkMo6UG
bohTCdaJZGipGlpQEQNcL4o5gCAFElI/erQxo/xQqd975HIWV389LUtrSJetFP4q
cbnlJrikIcC85YIn5QIKagKKklGgAMPjwvLIvCbaeCbC5RKYsGzJDMj89Z0+hjdi
V7KZodb/eoKq+b2LalJcajJE7sPuoc8OKNkI7Q0kvOPib2WRZVDHsGZ503PTAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUlrLREEBORJ55VKdbqRpFM+CPQwwwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzkzNTJlMzEzNzM1MmUzMTM0
MzIyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
X6+OMA0GCSqGSIb3DQEBCwUAA4IBAQAugZKimpGgVp+zKO1qcZcnq6nQysLx/BrR
sWPC18eHbdEDG9H61QcCmoWSNmcxbekQlQ5XUK8Gl5WD0RCUtf1GG7yVvgU88GTB
X1bLTJRj3ATzuOopDyZ/Cm5dUhmzA/6fTCnjlsuAapSKk9EoQkRGBZrVqmRTzRP/
SFosUmB1wQpMYG5uKtgge3uu9UxHlRfAzoiMANj2UwFHNJTz8U3fez4OxkaDp9rq
iX0D2AxdwoIeiWSMiWI0SpwunKVtLjjcYcBNbWuxGs4KaZRrXqueii8hIC5ZdBL+
wqm7SeMj4FL7akt2MhnJdFbOqHpG4qk78fMXpZjYMWbBsfUa9x8u
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:51 2024 by rpki-client on console-fra.rpki-client.org