Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3134342e302f32322d3232203d3e203432363839.roa
File: 39352e3137352e3134342e302f32322d3232203d3e203432363839.roa (raw, json)
Hash identifier: zaiwQ8QoXrjBO2Ho4iupQ7F6PUonJj8LnTdbI85FTag=
Subject key identifier: 82:CA:33:4C:5F:AB:68:8B:6F:7D:56:B6:D6:77:24:46:56:A4:61:80
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 09F56D9408E0E515C94F49A4074E2B7593519172
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3134342e302f32322d3232203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 10:57:35 +0000
ROA not before: Thu 07 Nov 2024 10:52:35 +0000
ROA not after: Thu 06 Nov 2025 10:57:35 +0000
asID: 42689
IP address blocks: 95.175.144.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:f5:6d:94:08:e0:e5:15:c9:4f:49:a4:07:4e:2b:75:93:51:91:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 10:52:35 2024 GMT
Not After : Nov 6 10:57:35 2025 GMT
Subject: CN=82CA334C5FAB688B6F7D56B6D677244656A46180
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b1:db:6c:0b:bb:25:80:64:05:b5:07:e6:88:
9e:3b:12:6b:74:03:6e:a3:af:2d:03:cc:de:d6:78:
c1:6b:29:2a:fc:bb:3e:ea:43:bd:6f:74:b5:23:82:
82:07:3b:83:a8:68:de:8a:70:2b:ee:24:86:1d:9d:
44:26:17:23:1e:e1:5b:a7:04:9c:ed:e8:94:d0:41:
06:54:d9:2f:04:69:db:a2:55:fa:89:dd:0e:9c:91:
5f:1d:64:04:bd:8f:67:ba:c6:e8:44:67:08:5e:6b:
38:84:1c:c5:d2:b9:b2:c4:13:43:e9:84:b5:d6:ae:
c8:12:c2:c2:da:1d:4f:af:c6:60:31:41:ca:ba:50:
32:19:6a:55:86:a1:fd:a5:a8:cb:32:94:46:13:2b:
c5:7c:b0:9c:71:f6:bb:84:b5:9d:6d:98:13:c3:6b:
04:a0:f3:ab:ba:e7:28:11:fa:b3:f1:b9:85:10:f8:
d9:3d:01:78:0b:75:21:b9:62:e9:f7:20:22:a6:55:
da:d8:ec:a7:13:17:c3:04:02:33:1b:06:82:b3:c1:
c4:1e:76:a1:73:0f:d7:67:d4:e8:de:1b:02:fe:4e:
47:83:b9:ef:e7:6a:a1:0a:a1:34:9b:c4:57:ed:8d:
7e:86:7e:a2:46:11:f0:d0:9c:70:6c:65:1c:6e:db:
f0:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:CA:33:4C:5F:AB:68:8B:6F:7D:56:B6:D6:77:24:46:56:A4:61:80
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3134342e302f32322d3232203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.175.144.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:20:3b:59:42:57:80:51:b8:01:8f:02:f8:d8:b0:fc:2a:77:
a8:87:79:f4:e8:70:b8:9c:20:00:cd:5f:09:60:9e:32:24:b9:
12:d7:3c:df:33:76:b4:91:bf:d8:84:cf:41:a5:c6:18:91:7b:
7b:af:73:e2:ee:ea:57:6f:e7:2c:18:b2:9d:ce:c1:a0:2f:ee:
12:1b:ca:3c:04:a6:fa:f6:7e:10:00:30:74:0c:70:d6:b3:7d:
98:fe:b1:43:4c:32:c8:f5:43:3d:e3:17:b8:8a:1a:cf:c5:d6:
e0:c9:59:9d:6a:c0:66:6c:23:00:94:1f:ae:29:ba:a9:a7:9c:
92:6f:c3:d5:67:02:e7:01:5e:5d:d8:0d:24:40:f6:1e:d7:b5:
85:f4:d7:fc:c7:74:41:15:e9:b5:f2:a7:f6:17:9c:e4:91:f5:
17:42:89:dc:8c:d6:59:a7:90:a0:09:96:b6:3f:4a:ee:e9:f6:
6a:2c:4f:3b:7b:d5:29:16:dd:24:66:41:32:a1:cd:ff:8c:28:
ca:63:06:e1:63:fd:18:50:ec:c6:d4:d6:a4:88:12:0f:24:e7:
50:9c:73:b7:24:c2:d4:3f:ff:7d:9a:ab:b8:96:06:59:59:25:
8e:94:65:73:2e:55:36:4f:62:90:f3:84:cf:02:95:81:23:1a:
b2:f7:f4:81
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUCfVtlAjg5RXJT0mkB04rdZNRkXIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMDUyMzVaFw0yNTExMDYxMDU3MzVaMDMxMTAvBgNV
BAMTKDgyQ0EzMzRDNUZBQjY4OEI2RjdENTZCNkQ2NzcyNDQ2NTZBNDYxODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4sdtsC7slgGQFtQfmiJ47Emt0
A26jry0DzN7WeMFrKSr8uz7qQ71vdLUjgoIHO4OoaN6KcCvuJIYdnUQmFyMe4Vun
BJzt6JTQQQZU2S8EaduiVfqJ3Q6ckV8dZAS9j2e6xuhEZwheaziEHMXSubLEE0Pp
hLXWrsgSwsLaHU+vxmAxQcq6UDIZalWGof2lqMsylEYTK8V8sJxx9ruEtZ1tmBPD
awSg86u65ygR+rPxuYUQ+Nk9AXgLdSG5Yun3ICKmVdrY7KcTF8MEAjMbBoKzwcQe
dqFzD9dn1OjeGwL+TkeDue/naqEKoTSbxFftjX6GfqJGEfDQnHBsZRxu2/DXAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUgsozTF+raItvfVa21nckRlakYYAwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzkzNTJlMzEzNzM1MmUzMTM0
MzQyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
X6+QMA0GCSqGSIb3DQEBCwUAA4IBAQBaIDtZQleAUbgBjwL42LD8Kneoh3n06HC4
nCAAzV8JYJ4yJLkS1zzfM3a0kb/YhM9BpcYYkXt7r3Pi7upXb+csGLKdzsGgL+4S
G8o8BKb69n4QADB0DHDWs32Y/rFDTDLI9UM94xe4ihrPxdbgyVmdasBmbCMAlB+u
Kbqpp5ySb8PVZwLnAV5d2A0kQPYe17WF9Nf8x3RBFem18qf2F5zkkfUXQoncjNZZ
p5CgCZa2P0ru6fZqLE87e9UpFt0kZkEyoc3/jCjKYwbhY/0YUOzG1NakiBIPJOdQ
nHO3JMLUP/99mqu4lgZZWSWOlGVzLlU2T2KQ84TPApWBIxqy9/SB
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org