Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3135322e302f32342d3234203d3e203432363839.roa
File: 39352e3137352e3135322e302f32342d3234203d3e203432363839.roa (raw, json)
Hash identifier: jB8R92PP3phnpFiPBqnH3Hp0hLWJySb1rhcOvKYOfsc=
Subject key identifier: 94:89:79:4C:31:86:11:A3:06:20:6C:E8:13:C9:1B:D5:C6:C5:E8:3C
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 74FB2D9A435D816378856BC4A50219A2FE3582F9
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3135322e302f32342d3234203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 10:58:19 +0000
ROA not before: Thu 07 Nov 2024 10:53:19 +0000
ROA not after: Thu 06 Nov 2025 10:58:19 +0000
asID: 42689
IP address blocks: 95.175.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:fb:2d:9a:43:5d:81:63:78:85:6b:c4:a5:02:19:a2:fe:35:82:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 10:53:19 2024 GMT
Not After : Nov 6 10:58:19 2025 GMT
Subject: CN=9489794C318611A306206CE813C91BD5C6C5E83C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ce:ad:8c:48:dc:ab:f4:f2:9b:6f:a4:fe:5d:
ef:62:69:d8:12:a5:cc:46:db:b6:b5:90:f8:a5:87:
0e:f8:bc:7d:6a:c6:f8:6e:91:2d:8a:38:df:9b:00:
1f:1b:3d:72:b2:d4:5a:d0:5a:e0:f6:b0:36:6a:ad:
1a:cb:6d:7c:3e:5e:90:ed:b8:a1:d3:ae:0b:7e:8d:
48:ce:ca:57:37:76:2e:03:28:0a:fb:66:ba:86:95:
a9:06:83:b8:92:12:0d:8a:2c:f9:1c:38:87:35:5c:
8a:8f:8b:b8:34:d3:95:53:06:b0:f2:03:0d:98:79:
8d:11:59:d4:26:cc:70:af:5c:48:f6:82:f0:d5:fb:
02:3e:c5:10:50:07:7f:54:7e:1b:8c:8f:8c:b0:e1:
11:65:6d:50:56:db:62:72:d9:60:1d:54:87:ca:e0:
dc:3e:ff:dd:a4:34:83:83:b6:a9:03:b6:31:42:8e:
c6:07:b2:05:76:f7:65:d0:fb:23:1a:2a:92:68:4b:
e6:ec:09:15:d4:dc:c0:36:1d:b7:83:83:3b:38:e0:
2e:e7:b3:8d:2b:98:d1:d3:b3:28:ac:64:bb:33:62:
72:b8:46:e8:6d:ae:72:cc:fa:b8:d5:c6:ba:c9:5a:
0b:83:2e:7a:1f:7c:8e:a7:20:b1:c3:02:7a:c1:90:
b5:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:89:79:4C:31:86:11:A3:06:20:6C:E8:13:C9:1B:D5:C6:C5:E8:3C
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3135322e302f32342d3234203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.175.152.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:fe:02:84:10:be:bb:96:c4:d3:d9:86:93:5c:2c:ca:e5:be:
52:00:42:89:09:5d:36:b7:26:8e:aa:d6:6c:ac:52:bc:c9:bd:
2d:71:7b:41:16:de:84:fc:88:4f:fd:8a:da:5a:18:36:be:2b:
48:e5:c5:71:a9:aa:e9:c3:ee:ba:01:94:49:46:c4:9f:9e:03:
e7:6e:7f:ae:e7:93:45:c2:27:c7:62:08:f7:5b:4f:cf:2e:bb:
4d:79:6b:3a:2c:07:27:6f:47:4a:2c:40:a7:41:9a:1d:fb:4b:
31:93:db:64:98:39:2c:44:d9:bb:5f:63:42:11:c4:b8:68:8f:
57:5a:ec:a9:9a:5e:5a:e4:ac:10:90:9d:ba:9b:d4:45:97:ba:
54:c1:f5:3d:d7:1a:ca:4f:a4:fb:2f:1f:12:ad:5d:35:40:b0:
23:de:26:f1:26:79:23:c1:98:18:a8:74:0a:6c:c3:0a:6e:41:
f3:0f:aa:d6:63:76:4f:4e:c2:b2:e2:c9:d6:54:3f:89:3c:89:
35:e1:4e:ce:5e:53:c0:de:b2:c5:88:6d:79:93:43:7c:02:db:
20:80:7f:d7:d6:41:55:ae:e9:5f:fb:57:a3:87:82:2e:99:73:
a3:dd:f1:09:d2:fc:25:b4:c6:0c:e8:1e:b1:b3:aa:0b:2f:ce:
1e:c4:26:6b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdPstmkNdgWN4hWvEpQIZov41gvkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMDUzMTlaFw0yNTExMDYxMDU4MTlaMDMxMTAvBgNV
BAMTKDk0ODk3OTRDMzE4NjExQTMwNjIwNkNFODEzQzkxQkQ1QzZDNUU4M0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4zq2MSNyr9PKbb6T+Xe9iadgS
pcxG27a1kPilhw74vH1qxvhukS2KON+bAB8bPXKy1FrQWuD2sDZqrRrLbXw+XpDt
uKHTrgt+jUjOylc3di4DKAr7ZrqGlakGg7iSEg2KLPkcOIc1XIqPi7g005VTBrDy
Aw2YeY0RWdQmzHCvXEj2gvDV+wI+xRBQB39UfhuMj4yw4RFlbVBW22Jy2WAdVIfK
4Nw+/92kNIODtqkDtjFCjsYHsgV292XQ+yMaKpJoS+bsCRXU3MA2HbeDgzs44C7n
s40rmNHTsyisZLszYnK4RuhtrnLM+rjVxrrJWguDLnoffI6nILHDAnrBkLXHAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUlIl5TDGGEaMGIGzoE8kb1cbF6DwwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzkzNTJlMzEzNzM1MmUzMTM1
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
X6+YMA0GCSqGSIb3DQEBCwUAA4IBAQBq/gKEEL67lsTT2YaTXCzK5b5SAEKJCV02
tyaOqtZsrFK8yb0tcXtBFt6E/IhP/YraWhg2vitI5cVxqarpw+66AZRJRsSfngPn
bn+u55NFwifHYgj3W0/PLrtNeWs6LAcnb0dKLECnQZod+0sxk9tkmDksRNm7X2NC
EcS4aI9XWuypml5a5KwQkJ26m9RFl7pUwfU91xrKT6T7Lx8SrV01QLAj3ibxJnkj
wZgYqHQKbMMKbkHzD6rWY3ZPTsKy4snWVD+JPIk14U7OXlPA3rLFiG15k0N8Atsg
gH/X1kFVrulf+1ejh4IumXOj3fEJ0vwltMYM6B6xs6oLL84exCZr
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:51 2024 by rpki-client on console-fra.rpki-client.org