Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/3130392e3130372e33322e302f31392d3139203d3e203531303539.roa
File: 3130392e3130372e33322e302f31392d3139203d3e203531303539.roa (raw, json)
Hash identifier: X2z2XPrgUr9xIts6n1d1e4f9jy7uzF9LQOiTf+AM3H0=
Subject key identifier: C0:47:CC:66:CB:AE:AE:22:20:C1:A5:0B:0D:D3:05:BB:57:50:13:0B
Certificate issuer: /CN=4502e63ce01cad239ac397bc2bb5e6c347dceeea
Certificate serial: 20A5754B04A328264189B67298D4E13B24E366CC
Authority key identifier: 45:02:E6:3C:E0:1C:AD:23:9A:C3:97:BC:2B:B5:E6:C3:47:DC:EE:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/3130392e3130372e33322e302f31392d3139203d3e203531303539.roa
Signing time: Tue 08 Oct 2024 10:36:39 +0000
ROA not before: Tue 08 Oct 2024 10:31:39 +0000
ROA not after: Tue 07 Oct 2025 10:36:39 +0000
asID: 51059
IP address blocks: 109.107.32.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.crl
rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:a5:75:4b:04:a3:28:26:41:89:b6:72:98:d4:e1:3b:24:e3:66:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4502e63ce01cad239ac397bc2bb5e6c347dceeea
Validity
Not Before: Oct 8 10:31:39 2024 GMT
Not After : Oct 7 10:36:39 2025 GMT
Subject: CN=C047CC66CBAEAE2220C1A50B0DD305BB5750130B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f4:5a:a8:b8:e1:97:d3:25:be:bd:5e:ed:8b:
fe:84:08:80:be:ad:7b:37:dd:cb:93:7c:6b:a2:c3:
c4:04:37:38:da:7f:bd:28:ce:6c:55:a7:c4:4a:0b:
de:dc:67:15:2b:cb:d3:67:cf:42:c4:0f:25:80:19:
ea:81:ab:f6:8e:84:3a:dd:a3:a7:72:fc:c0:15:05:
c4:53:d3:59:07:55:89:de:b7:d6:03:8f:76:b7:f3:
e9:bd:26:3b:45:5b:32:f0:cf:47:64:2d:9a:7b:b9:
80:8f:77:bc:50:07:68:e0:ca:b5:5f:de:8e:40:34:
43:6f:80:2b:86:52:42:20:1b:64:38:0b:bf:e5:b7:
72:4c:39:1b:80:bf:05:f3:e3:9f:b7:e4:f4:72:f6:
a3:18:15:0c:10:e4:6d:ba:7d:cf:4c:ba:0e:e5:7a:
6d:ea:ed:8c:a6:45:5c:d1:99:fd:19:0b:b4:80:c2:
28:87:ec:4a:3b:ff:b7:2d:0d:8f:42:48:39:9c:f8:
ee:0b:92:ba:20:37:24:66:3b:6b:3f:2c:8a:d0:a1:
7a:84:25:c1:29:29:46:4b:04:22:3c:c2:af:16:a1:
d0:3d:d4:46:32:95:0d:e6:f5:2e:a0:ad:96:5f:fe:
63:5b:75:4e:09:bb:82:18:5c:08:a4:27:65:e4:2b:
d5:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:47:CC:66:CB:AE:AE:22:20:C1:A5:0B:0D:D3:05:BB:57:50:13:0B
X509v3 Authority Key Identifier:
keyid:45:02:E6:3C:E0:1C:AD:23:9A:C3:97:BC:2B:B5:E6:C3:47:DC:EE:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/3130392e3130372e33322e302f31392d3139203d3e203531303539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.32.0/19
Signature Algorithm: sha256WithRSAEncryption
45:28:cc:db:bb:6f:9b:97:97:a2:41:d7:bf:fd:55:7c:16:f5:
cf:a8:5a:6e:c2:ca:8e:52:79:ce:c1:5e:44:3b:61:cd:c8:39:
87:4b:0e:1a:07:b1:c8:5d:c2:51:ee:d3:2e:71:d3:3e:e5:3f:
5b:09:df:13:a6:79:b1:7a:c1:e9:6d:11:f5:02:83:48:2d:19:
2f:32:24:20:8a:55:8c:c1:63:19:89:af:5c:22:a8:8f:97:7f:
68:49:90:71:b5:7b:28:00:85:df:d7:db:e4:d2:d4:33:e9:ff:
ad:3d:a3:a5:0a:60:82:13:9a:e5:b2:34:2d:2e:74:12:f8:ea:
62:77:f5:24:76:35:d1:a9:33:c3:a2:2d:62:e0:aa:d4:47:49:
c2:87:d1:bc:28:34:60:65:4a:a8:62:45:21:ab:49:a3:4b:75:
d4:cc:44:5b:2c:71:51:02:97:cd:ef:46:e6:26:c3:66:c9:be:
d2:8e:40:c6:35:28:7b:09:4f:8a:cf:08:e1:50:ad:8f:31:43:
6b:47:eb:c1:8d:11:02:7e:7d:4c:e7:1a:b6:78:1e:11:1f:c3:
e1:0a:c6:24:42:b7:fa:b7:88:5b:68:75:5c:01:b2:4d:42:2e:
e3:67:e4:be:73:4b:65:d6:6c:b1:53:68:b4:d6:60:bd:dc:70:
5b:e3:c8:c3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUIKV1SwSjKCZBibZymNThOyTjZswwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUwMmU2M2NlMDFjYWQyMzlhYzM5N2JjMmJiNWU2YzM0
N2RjZWVlYTAeFw0yNDEwMDgxMDMxMzlaFw0yNTEwMDcxMDM2MzlaMDMxMTAvBgNV
BAMTKEMwNDdDQzY2Q0JBRUFFMjIyMEMxQTUwQjBERDMwNUJCNTc1MDEzMEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDL9FqouOGX0yW+vV7ti/6ECIC+
rXs33cuTfGuiw8QENzjaf70ozmxVp8RKC97cZxUry9Nnz0LEDyWAGeqBq/aOhDrd
o6dy/MAVBcRT01kHVYnet9YDj3a38+m9JjtFWzLwz0dkLZp7uYCPd7xQB2jgyrVf
3o5ANENvgCuGUkIgG2Q4C7/lt3JMORuAvwXz45+35PRy9qMYFQwQ5G26fc9Mug7l
em3q7YymRVzRmf0ZC7SAwiiH7Eo7/7ctDY9CSDmc+O4LkrogNyRmO2s/LIrQoXqE
JcEpKUZLBCI8wq8WodA91EYylQ3m9S6grZZf/mNbdU4Ju4IYXAikJ2XkK9WPAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUwEfMZsuuriIgwaULDdMFu1dQEwswHwYDVR0j
BBgwFoAURQLmPOAcrSOaw5e8K7Xmw0fc7uowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWRmMzNhNTctN2U0Zi00ODQ0LTg0ZTItYjcxNTNiNTUx
MWI0LzAvNDUwMkU2M0NFMDFDQUQyMzlBQzM5N0JDMkJCNUU2QzM0N0RDRUVFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JRTG1QT0FjclNPYXc1ZThLN1htdzBm
Yzd1by5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOWRmMzNhNTct
N2U0Zi00ODQ0LTg0ZTItYjcxNTNiNTUxMWI0LzAvMzEzMDM5MmUzMTMwMzcyZTMz
MzIyZTMwMmYzMTM5MmQzMTM5MjAzZDNlMjAzNTMxMzAzNTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF
bWsgMA0GCSqGSIb3DQEBCwUAA4IBAQBFKMzbu2+bl5eiQde//VV8FvXPqFpuwsqO
UnnOwV5EO2HNyDmHSw4aB7HIXcJR7tMucdM+5T9bCd8TpnmxesHpbRH1AoNILRkv
MiQgilWMwWMZia9cIqiPl39oSZBxtXsoAIXf19vk0tQz6f+tPaOlCmCCE5rlsjQt
LnQS+Opid/UkdjXRqTPDoi1i4KrUR0nCh9G8KDRgZUqoYkUhq0mjS3XUzERbLHFR
ApfN70bmJsNmyb7SjkDGNSh7CU+KzwjhUK2PMUNrR+vBjRECfn1M5xq2eB4RH8Ph
CsYkQrf6t4hbaHVcAbJNQi7jZ+S+c0tl1myxU2i01mC93HBb48jD
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org