Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3135342e302f32332d3233203d3e203432363839.roa
File: 39352e3137352e3135342e302f32332d3233203d3e203432363839.roa (raw, json)
Hash identifier: P5p9HsNqeUoL/wK8UrQwRE0r9JHU8gdXsHVAlizStFc=
Subject key identifier: 79:43:D2:D0:7C:DC:A9:81:0F:8F:4C:78:57:75:AF:FB:82:EC:36:EE
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 73A28ADF03A4D435FAF5912EBBC56E51B9F76519
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3135342e302f32332d3233203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 10:58:41 +0000
ROA not before: Thu 07 Nov 2024 10:53:41 +0000
ROA not after: Thu 06 Nov 2025 10:58:41 +0000
asID: 42689
IP address blocks: 95.175.154.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:a2:8a:df:03:a4:d4:35:fa:f5:91:2e:bb:c5:6e:51:b9:f7:65:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 10:53:41 2024 GMT
Not After : Nov 6 10:58:41 2025 GMT
Subject: CN=7943D2D07CDCA9810F8F4C785775AFFB82EC36EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c1:cc:c1:86:9a:e2:5c:79:24:9a:cf:b2:4f:
3b:ce:0a:51:30:67:4f:23:3a:ae:5c:0b:8a:7f:df:
d0:cb:8c:45:4e:65:a8:ef:5e:b3:73:8b:d4:fe:da:
51:44:16:a6:0e:79:6a:22:cf:4f:36:a6:cc:bf:56:
1b:c4:c2:77:b2:56:54:9d:88:e5:3e:00:90:33:e9:
4c:ca:bc:6c:3c:2c:d3:ec:d0:10:41:d3:a0:72:11:
5a:38:f1:47:59:21:ba:e5:f7:72:a7:61:ca:91:be:
cb:84:54:99:2d:0c:92:51:7b:b0:ac:52:ad:90:3c:
5d:f6:71:1f:d5:03:f0:cb:a7:43:0f:74:46:51:78:
3d:6b:5e:b2:e4:1a:f0:9e:0e:9f:2c:9d:69:34:68:
0e:11:ca:eb:c4:18:04:01:89:db:35:be:1c:ec:f1:
16:3b:d5:8d:20:cf:70:78:17:2f:54:be:50:f1:ae:
ee:1a:52:46:73:2c:03:b8:55:ce:46:93:35:a7:5e:
e1:14:92:26:9f:31:bc:41:b6:3d:00:af:93:e7:ed:
c2:bc:d6:7d:2f:18:3c:55:e3:c0:64:ff:2c:b4:82:
61:29:bc:f2:94:3c:73:7d:e5:df:6c:6b:6b:75:06:
ba:49:5a:60:d4:01:ba:23:1a:2f:58:d1:4a:62:4d:
f5:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:43:D2:D0:7C:DC:A9:81:0F:8F:4C:78:57:75:AF:FB:82:EC:36:EE
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3135342e302f32332d3233203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.175.154.0/23
Signature Algorithm: sha256WithRSAEncryption
66:ec:1c:88:bf:32:23:e2:aa:64:0e:d5:b4:4b:44:ac:1e:a9:
16:0f:6c:5e:40:d6:cf:27:7c:9d:40:7b:89:2c:e2:6f:49:45:
01:b7:69:6b:c3:ce:ef:33:3a:ae:d3:4f:91:c2:cf:ec:1c:a4:
ad:96:06:3d:5a:9e:5b:53:17:66:2f:35:20:b8:e8:f7:53:16:
8c:7c:b9:34:ca:9e:30:24:f6:28:ef:98:02:0f:ec:82:82:54:
e9:bf:f6:a5:30:bf:89:0f:e5:5a:16:77:11:15:62:86:16:72:
bc:6d:c2:fd:f9:5d:17:36:cc:06:da:b6:79:3d:1e:f9:9e:39:
95:b2:9f:48:89:d0:e5:c4:f3:3e:b4:c7:0c:76:d8:d2:f6:36:
c3:c4:1f:8f:1c:a9:51:6f:ae:f3:f6:3d:39:24:02:f4:6a:58:
c3:87:50:ba:21:2c:56:62:a6:23:84:a9:ed:a0:96:90:68:de:
37:6e:83:2a:b3:ef:d5:4e:9b:b7:09:c7:1d:a6:4f:43:1e:a5:
30:a5:d3:9c:40:99:3e:f7:64:bb:87:00:e8:48:62:1d:df:5b:
68:33:f3:78:9e:f4:de:de:27:4c:d8:75:ca:b7:8e:f8:a0:14:
6a:f2:75:95:eb:ff:31:5d:c3:61:3e:ce:1f:e1:9c:67:d1:14:
6f:1a:cc:bb
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUc6KK3wOk1DX69ZEuu8VuUbn3ZRkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMDUzNDFaFw0yNTExMDYxMDU4NDFaMDMxMTAvBgNV
BAMTKDc5NDNEMkQwN0NEQ0E5ODEwRjhGNEM3ODU3NzVBRkZCODJFQzM2RUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6wczBhpriXHkkms+yTzvOClEw
Z08jOq5cC4p/39DLjEVOZajvXrNzi9T+2lFEFqYOeWoiz082psy/VhvEwneyVlSd
iOU+AJAz6UzKvGw8LNPs0BBB06ByEVo48UdZIbrl93KnYcqRvsuEVJktDJJRe7Cs
Uq2QPF32cR/VA/DLp0MPdEZReD1rXrLkGvCeDp8snWk0aA4RyuvEGAQBids1vhzs
8RY71Y0gz3B4Fy9UvlDxru4aUkZzLAO4Vc5GkzWnXuEUkiafMbxBtj0Ar5Pn7cK8
1n0vGDxV48Bk/yy0gmEpvPKUPHN95d9sa2t1BrpJWmDUAbojGi9Y0UpiTfUZAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUeUPS0HzcqYEPj0x4V3Wv+4LsNu4wHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzkzNTJlMzEzNzM1MmUzMTM1
MzQyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
X6+aMA0GCSqGSIb3DQEBCwUAA4IBAQBm7ByIvzIj4qpkDtW0S0SsHqkWD2xeQNbP
J3ydQHuJLOJvSUUBt2lrw87vMzqu00+Rws/sHKStlgY9Wp5bUxdmLzUguOj3UxaM
fLk0yp4wJPYo75gCD+yCglTpv/alML+JD+VaFncRFWKGFnK8bcL9+V0XNswG2rZ5
PR75njmVsp9IidDlxPM+tMcMdtjS9jbDxB+PHKlRb67z9j05JAL0aljDh1C6ISxW
YqYjhKntoJaQaN43boMqs+/VTpu3Cccdpk9DHqUwpdOcQJk+92S7hwDoSGId31to
M/N4nvTe3idM2HXKt474oBRq8nWV6/8xXcNhPs4f4Zxn0RRvGsy7
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:51 2024 by rpki-client on console-fra.rpki-client.org