Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3135312e302f32342d3234203d3e203432363839.roa
File: 39352e3137352e3135312e302f32342d3234203d3e203432363839.roa (raw, json)
Hash identifier: 6tFO72UxeO1H5cVBr+7YuEWZc2ZGmDX6VFA5HdgPutw=
Subject key identifier: 23:96:1F:68:69:71:FE:12:8C:FC:10:13:AB:A3:CC:A1:10:81:80:7F
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 7F9BC33280A2DC8F17E6B6D7522A4DCDD76C91A3
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3135312e302f32342d3234203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 10:58:04 +0000
ROA not before: Thu 07 Nov 2024 10:53:04 +0000
ROA not after: Thu 06 Nov 2025 10:58:04 +0000
asID: 42689
IP address blocks: 95.175.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:9b:c3:32:80:a2:dc:8f:17:e6:b6:d7:52:2a:4d:cd:d7:6c:91:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 10:53:04 2024 GMT
Not After : Nov 6 10:58:04 2025 GMT
Subject: CN=23961F686971FE128CFC1013ABA3CCA11081807F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:9a:17:23:da:ec:8b:4c:eb:79:39:a3:2f:d4:
8e:e7:c7:18:6f:90:9c:56:ba:bc:3c:f3:39:6c:25:
09:2f:7e:21:6b:49:48:60:df:ff:06:ea:56:c6:bf:
f0:1e:3d:57:16:9d:5f:07:31:fa:e1:e7:a7:79:8a:
2d:24:eb:b0:a5:63:f1:66:d4:31:3e:db:48:19:84:
b3:af:c5:ab:ef:27:76:91:42:83:be:b0:dc:48:84:
6c:ae:bb:34:d7:13:ab:a8:0a:49:a6:e1:dc:35:fe:
6e:b5:d3:89:4d:e5:eb:67:d7:6f:4b:52:24:5a:a1:
fb:b5:90:c9:09:26:be:d9:fc:f8:83:48:7a:8a:48:
34:5f:89:23:35:ed:09:50:fa:2c:e1:5f:e4:4c:96:
47:12:47:eb:6e:67:59:1f:4e:32:cf:dc:d6:87:ba:
69:b8:2c:13:87:56:06:a7:b4:7f:e8:c2:00:58:f6:
ee:92:8c:be:fa:d6:e2:fa:b2:27:9c:70:51:e8:5b:
18:9b:69:68:40:1f:a8:ab:13:71:4e:b7:dd:f7:8b:
d1:9d:42:8b:8e:6a:30:a5:42:d6:d2:8e:e3:f5:c7:
05:e3:a1:5b:59:1f:9c:3f:5a:ea:6f:fa:8a:99:58:
ac:67:e0:be:f2:05:85:79:17:cc:d1:2a:4e:ee:a5:
83:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:96:1F:68:69:71:FE:12:8C:FC:10:13:AB:A3:CC:A1:10:81:80:7F
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3135312e302f32342d3234203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.175.151.0/24
Signature Algorithm: sha256WithRSAEncryption
29:96:1f:93:34:8b:7c:b2:c2:25:8d:61:dc:2f:69:8e:c6:a6:
d0:ba:eb:78:b0:3a:44:ed:c2:bd:27:5b:7e:bb:2a:ac:1d:8d:
bb:d4:2d:9a:d3:ff:25:a7:2c:d9:2a:84:3f:b5:64:79:b2:07:
66:8e:dc:e3:40:c3:28:d6:d5:c3:16:35:54:ff:49:c6:26:a2:
24:b5:2c:ea:d1:8f:a9:c3:a9:3e:ca:98:51:2d:54:bd:9a:91:
6c:0c:c7:9b:0d:5e:0e:4c:6c:af:c4:eb:13:93:51:d8:9c:e2:
52:af:0d:a4:22:ac:73:f3:cd:f9:5c:cc:a9:28:f7:b3:ab:49:
72:72:fa:be:04:38:13:bf:1e:19:7f:17:3a:bb:54:4c:5a:19:
5d:be:ed:b4:34:9f:40:2a:97:36:7b:ca:bc:55:12:fe:f3:7b:
ee:2e:1b:e2:35:3a:05:5c:7a:08:b3:61:65:46:fe:d0:b7:82:
71:1c:e0:8d:c5:21:2d:55:33:7c:50:aa:7c:e0:2a:87:5b:14:
cc:91:6c:17:f5:d5:40:f3:96:dc:7f:d3:0d:ee:19:ef:b3:95:
d1:15:20:9d:f0:f4:31:bf:23:55:f5:6c:31:97:3b:62:89:47:
07:a4:6a:7d:a9:38:24:87:20:92:6e:3c:5a:d5:2c:04:84:6e:
e5:94:42:8d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUf5vDMoCi3I8X5rbXUipNzddskaMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMDUzMDRaFw0yNTExMDYxMDU4MDRaMDMxMTAvBgNV
BAMTKDIzOTYxRjY4Njk3MUZFMTI4Q0ZDMTAxM0FCQTNDQ0ExMTA4MTgwN0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSmhcj2uyLTOt5OaMv1I7nxxhv
kJxWurw88zlsJQkvfiFrSUhg3/8G6lbGv/AePVcWnV8HMfrh56d5ii0k67ClY/Fm
1DE+20gZhLOvxavvJ3aRQoO+sNxIhGyuuzTXE6uoCkmm4dw1/m6104lN5etn129L
UiRaofu1kMkJJr7Z/PiDSHqKSDRfiSM17QlQ+izhX+RMlkcSR+tuZ1kfTjLP3NaH
umm4LBOHVgantH/owgBY9u6SjL761uL6sieccFHoWxibaWhAH6irE3FOt933i9Gd
QouOajClQtbSjuP1xwXjoVtZH5w/Wupv+oqZWKxn4L7yBYV5F8zRKk7upYPrAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUI5YfaGlx/hKM/BATq6PMoRCBgH8wHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzkzNTJlMzEzNzM1MmUzMTM1
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
X6+XMA0GCSqGSIb3DQEBCwUAA4IBAQAplh+TNIt8ssIljWHcL2mOxqbQuut4sDpE
7cK9J1t+uyqsHY271C2a0/8lpyzZKoQ/tWR5sgdmjtzjQMMo1tXDFjVU/0nGJqIk
tSzq0Y+pw6k+yphRLVS9mpFsDMebDV4OTGyvxOsTk1HYnOJSrw2kIqxz8835XMyp
KPezq0lycvq+BDgTvx4Zfxc6u1RMWhldvu20NJ9AKpc2e8q8VRL+83vuLhviNToF
XHoIs2FlRv7Qt4JxHOCNxSEtVTN8UKp84CqHWxTMkWwX9dVA85bcf9MN7hnvs5XR
FSCd8PQxvyNV9WwxlztiiUcHpGp9qTgkhyCSbjxa1SwEhG7llEKN
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:51 2024 by rpki-client on console-fra.rpki-client.org