Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3134382e302f32332d3233203d3e203432363839.roa
File: 39352e3137352e3134382e302f32332d3233203d3e203432363839.roa (raw, json)
Hash identifier: E3c4+doFQHoRXmrk9o13m7NIUEsAfCpKWonxjqjcb70=
Subject key identifier: CB:88:E0:B6:1C:3D:2D:3A:49:63:B8:8D:84:B6:C5:3D:40:8E:D0:74
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 2C8164061B75F23989960492B729A3649007DF11
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3134382e302f32332d3233203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 10:57:49 +0000
ROA not before: Thu 07 Nov 2024 10:52:49 +0000
ROA not after: Thu 06 Nov 2025 10:57:49 +0000
asID: 42689
IP address blocks: 95.175.148.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:81:64:06:1b:75:f2:39:89:96:04:92:b7:29:a3:64:90:07:df:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 10:52:49 2024 GMT
Not After : Nov 6 10:57:49 2025 GMT
Subject: CN=CB88E0B61C3D2D3A4963B88D84B6C53D408ED074
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:61:14:6f:5b:7f:dc:40:51:5f:f8:82:ad:96:
fa:37:27:22:17:44:40:fb:73:0f:6b:84:55:ee:61:
2b:37:f6:74:c0:e2:33:d4:6b:31:b1:af:4f:b2:64:
41:21:ed:d9:65:c9:b3:65:0d:41:72:27:a7:34:a6:
25:34:d8:86:43:8d:23:09:54:44:3d:9e:58:ab:ee:
6d:ad:a7:8e:98:5d:91:a3:ee:da:a4:eb:67:24:0b:
a6:22:6c:0f:35:1d:5b:6b:ce:5f:16:d8:82:a7:85:
45:3d:12:82:d2:a3:1b:47:76:55:33:90:e0:11:a2:
7f:57:75:2a:01:d3:16:5e:2f:a5:2f:76:d3:0a:a4:
57:25:fa:0f:03:71:ea:e1:56:d6:d6:c4:f7:26:0f:
ab:72:0a:74:9b:98:bc:0d:e3:8a:77:ed:04:07:16:
3f:7e:9b:42:69:c8:f4:5c:12:9e:83:5d:2f:d3:c8:
e9:e3:27:c7:1c:5f:b0:50:56:8e:5f:af:d7:ea:b5:
67:b4:16:7b:f8:19:13:40:7d:87:48:2c:42:ed:e0:
cb:de:a8:a3:40:54:9e:5e:23:bd:0b:97:a0:ae:bf:
2d:02:be:e5:23:5d:8e:d6:c8:72:50:3d:57:68:da:
15:d4:ec:bb:8f:b4:19:2a:06:d6:9a:bc:a5:1d:28:
60:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:88:E0:B6:1C:3D:2D:3A:49:63:B8:8D:84:B6:C5:3D:40:8E:D0:74
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3134382e302f32332d3233203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.175.148.0/23
Signature Algorithm: sha256WithRSAEncryption
9b:cb:d4:77:e0:1a:ef:fe:bc:59:d7:3e:86:b6:e2:a1:87:48:
a3:3e:60:99:22:b5:9e:1f:33:2f:a2:81:1c:e1:b0:a0:a6:1a:
22:cd:74:2e:36:0a:cd:06:a9:e7:b9:3b:82:e4:35:9c:bf:14:
67:53:21:44:4d:47:46:a5:bc:bf:14:2a:21:f8:92:eb:d0:1c:
99:bc:bf:8f:d4:a5:26:7c:30:1b:3f:b4:ee:07:f3:d8:c6:a1:
76:dd:71:d3:d1:f7:87:ab:b0:1f:94:b3:1b:ea:0d:13:bc:35:
b0:5d:a4:01:40:be:10:75:18:54:de:33:c3:91:38:e6:92:c6:
fb:6b:04:2c:04:5b:7e:47:37:1b:0e:e5:23:76:f8:24:11:b3:
6c:f7:49:b5:77:a2:98:6d:35:26:05:6e:0f:71:9e:14:60:b1:
9d:8b:86:10:73:57:4b:98:7f:29:23:bb:3d:81:eb:94:d7:87:
36:35:cb:ee:52:5f:fc:60:fc:5a:60:20:37:b5:b2:50:d7:a9:
b4:04:5e:c6:27:b4:00:3a:d5:50:0f:69:d9:59:79:61:a1:b0:
3c:bd:58:2a:32:51:1b:fe:a3:d5:11:09:74:9f:e0:20:f1:16:
dd:e7:20:57:ad:16:61:39:f1:fc:75:5b:c6:05:73:1b:3f:fc:
a8:50:cd:a7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIULIFkBht18jmJlgSStymjZJAH3xEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMDUyNDlaFw0yNTExMDYxMDU3NDlaMDMxMTAvBgNV
BAMTKENCODhFMEI2MUMzRDJEM0E0OTYzQjg4RDg0QjZDNTNENDA4RUQwNzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIYRRvW3/cQFFf+IKtlvo3JyIX
RED7cw9rhFXuYSs39nTA4jPUazGxr0+yZEEh7dllybNlDUFyJ6c0piU02IZDjSMJ
VEQ9nlir7m2tp46YXZGj7tqk62ckC6YibA81HVtrzl8W2IKnhUU9EoLSoxtHdlUz
kOARon9XdSoB0xZeL6UvdtMKpFcl+g8DcerhVtbWxPcmD6tyCnSbmLwN44p37QQH
Fj9+m0JpyPRcEp6DXS/TyOnjJ8ccX7BQVo5fr9fqtWe0Fnv4GRNAfYdILELt4Mve
qKNAVJ5eI70Ll6Cuvy0CvuUjXY7WyHJQPVdo2hXU7LuPtBkqBtaavKUdKGArAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUy4jgthw9LTpJY7iNhLbFPUCO0HQwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzkzNTJlMzEzNzM1MmUzMTM0
MzgyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
X6+UMA0GCSqGSIb3DQEBCwUAA4IBAQCby9R34Brv/rxZ1z6GtuKhh0ijPmCZIrWe
HzMvooEc4bCgphoizXQuNgrNBqnnuTuC5DWcvxRnUyFETUdGpby/FCoh+JLr0ByZ
vL+P1KUmfDAbP7TuB/PYxqF23XHT0feHq7AflLMb6g0TvDWwXaQBQL4QdRhU3jPD
kTjmksb7awQsBFt+RzcbDuUjdvgkEbNs90m1d6KYbTUmBW4PcZ4UYLGdi4YQc1dL
mH8pI7s9geuU14c2NcvuUl/8YPxaYCA3tbJQ16m0BF7GJ7QAOtVQD2nZWXlhobA8
vVgqMlEb/qPVEQl0n+Ag8Rbd5yBXrRZhOfH8dVvGBXMbP/yoUM2n
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org