Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3135362e302f32322d3232203d3e203432363839.roa
File: 39352e3137352e3135362e302f32322d3232203d3e203432363839.roa (raw, json)
Hash identifier: zhb0yhoIPOrwy5C2/o98fZhHOV3MdcanHiQPLl3gYoo=
Subject key identifier: 88:B5:F7:19:32:C0:B1:8A:63:A7:E7:E4:2E:57:58:27:94:71:20:3A
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 0DFC14EC3F8B0FBF11818E8CE9C22DE0BD29B999
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3135362e302f32322d3232203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 10:58:55 +0000
ROA not before: Thu 07 Nov 2024 10:53:55 +0000
ROA not after: Thu 06 Nov 2025 10:58:55 +0000
asID: 42689
IP address blocks: 95.175.156.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:fc:14:ec:3f:8b:0f:bf:11:81:8e:8c:e9:c2:2d:e0:bd:29:b9:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 10:53:55 2024 GMT
Not After : Nov 6 10:58:55 2025 GMT
Subject: CN=88B5F71932C0B18A63A7E7E42E5758279471203A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:61:14:54:34:43:84:23:25:3e:20:49:c0:d4:
b8:ef:4e:cb:83:77:c3:0e:2b:57:01:22:ce:c9:03:
34:5e:4d:5a:ee:b7:7f:80:f7:df:ab:04:fd:07:bb:
66:5e:6d:f9:d7:22:d7:38:4d:a4:a2:ed:fd:4c:a7:
97:ae:e3:80:c5:4b:ce:d4:6d:22:81:e9:4e:48:aa:
48:e7:ec:fb:fb:92:95:d1:e5:7f:17:a6:8c:da:57:
dc:e7:fb:e5:56:f0:e5:b3:ba:a1:76:f2:35:cf:21:
2a:43:78:26:72:c9:29:56:28:6b:81:65:46:d7:2a:
0a:2a:34:7f:f4:59:6e:19:3a:db:02:f2:7a:9a:dd:
09:48:9d:6d:d6:fd:5d:54:2a:c3:4d:e3:c9:45:37:
6e:94:1e:2d:23:95:c2:15:e9:c7:08:7d:bd:b0:9a:
de:61:94:2a:ba:5f:8f:f7:38:2a:9e:a3:18:6b:33:
3f:dc:25:0c:b9:82:3d:50:7b:6e:02:cd:88:e9:db:
31:86:45:1d:1e:73:fa:d4:cb:76:54:71:81:71:90:
56:d4:2e:70:17:cb:86:ad:7f:3e:ed:45:be:72:05:
7e:24:3b:a2:2c:45:c9:66:fc:d3:96:45:92:d1:92:
0e:0e:6c:91:30:79:00:8a:80:c2:0f:40:20:3f:32:
bb:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:B5:F7:19:32:C0:B1:8A:63:A7:E7:E4:2E:57:58:27:94:71:20:3A
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39352e3137352e3135362e302f32322d3232203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.175.156.0/22
Signature Algorithm: sha256WithRSAEncryption
66:f8:a5:82:ec:e2:d4:25:ff:50:13:5a:50:70:85:75:fc:ef:
2a:fa:b7:ea:b4:67:6f:90:83:2b:43:e1:a6:10:be:52:2c:16:
c9:8a:09:07:28:69:54:ad:56:a8:ed:b9:04:56:b2:32:14:13:
8c:87:42:fe:6a:f1:09:d2:97:9e:4b:61:f8:79:fb:62:fb:c8:
e4:a2:b2:d5:02:3b:b1:11:33:5d:a1:80:41:7e:5f:05:0d:46:
d0:6e:e5:d8:31:31:6b:45:8b:b4:47:ac:b3:78:07:cf:9b:9e:
df:8b:b3:50:1d:ee:aa:ca:1c:49:f3:5c:f4:df:2e:ca:da:37:
90:9c:35:a2:19:6f:95:4f:85:2b:0d:c2:1b:75:68:2d:7d:f8:
a8:93:21:f9:59:7a:ed:57:f9:46:14:ad:02:a7:ba:0f:90:9c:
91:01:d3:23:0c:dd:fd:4c:e1:5b:fc:48:76:a3:aa:86:ee:b1:
3a:33:46:ac:ab:5c:16:14:b6:ea:31:2f:db:8f:a8:4a:7a:67:
26:90:bd:7e:17:60:59:50:98:e0:33:c9:7a:2e:d9:b4:ea:eb:
f7:81:e2:b8:35:90:ac:85:f2:d0:a5:1b:21:1c:4d:5e:1b:00:
d1:38:c2:25:40:fa:e1:85:ac:cc:c7:f8:15:e1:85:bb:f4:16:
25:3d:fe:86
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUDfwU7D+LD78RgY6M6cIt4L0puZkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMDUzNTVaFw0yNTExMDYxMDU4NTVaMDMxMTAvBgNV
BAMTKDg4QjVGNzE5MzJDMEIxOEE2M0E3RTdFNDJFNTc1ODI3OTQ3MTIwM0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvYRRUNEOEIyU+IEnA1LjvTsuD
d8MOK1cBIs7JAzReTVrut3+A99+rBP0Hu2ZebfnXItc4TaSi7f1Mp5eu44DFS87U
bSKB6U5Iqkjn7Pv7kpXR5X8XpozaV9zn++VW8OWzuqF28jXPISpDeCZyySlWKGuB
ZUbXKgoqNH/0WW4ZOtsC8nqa3QlInW3W/V1UKsNN48lFN26UHi0jlcIV6ccIfb2w
mt5hlCq6X4/3OCqeoxhrMz/cJQy5gj1Qe24CzYjp2zGGRR0ec/rUy3ZUcYFxkFbU
LnAXy4atfz7tRb5yBX4kO6IsRclm/NOWRZLRkg4ObJEweQCKgMIPQCA/MrvvAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUiLX3GTLAsYpjp+fkLldYJ5RxIDowHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzkzNTJlMzEzNzM1MmUzMTM1
MzYyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
X6+cMA0GCSqGSIb3DQEBCwUAA4IBAQBm+KWC7OLUJf9QE1pQcIV1/O8q+rfqtGdv
kIMrQ+GmEL5SLBbJigkHKGlUrVao7bkEVrIyFBOMh0L+avEJ0peeS2H4efti+8jk
orLVAjuxETNdoYBBfl8FDUbQbuXYMTFrRYu0R6yzeAfPm57fi7NQHe6qyhxJ81z0
3y7K2jeQnDWiGW+VT4UrDcIbdWgtffiokyH5WXrtV/lGFK0Cp7oPkJyRAdMjDN39
TOFb/Eh2o6qG7rE6M0asq1wWFLbqMS/bj6hKemcmkL1+F2BZUJjgM8l6Ltm06uv3
geK4NZCshfLQpRshHE1eGwDROMIlQPrhhazMx/gV4YW79BYlPf6G
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org