Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136342e302f32342d3234203d3e20313339363630.roa
File: 3130392e3131302e3136342e302f32342d3234203d3e20313339363630.roa (raw, json)
Hash identifier: s/dOdnaa8UkUMkHv+g86mMZvrIkJdP6YwMz9daui5io=
Subject key identifier: 1C:78:6D:5C:68:E2:BA:10:D7:2D:11:C7:00:7F:6A:46:1B:9C:7B:C9
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 4903B312E87E92992D1C164D348312CB9792B718
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136342e302f32342d3234203d3e20313339363630.roa
Signing time: Sun 10 Mar 2024 10:45:41 +0000
ROA not before: Sun 10 Mar 2024 10:40:41 +0000
ROA not after: Sun 09 Mar 2025 10:45:41 +0000
asID: 139660
IP address blocks: 109.110.164.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:03:b3:12:e8:7e:92:99:2d:1c:16:4d:34:83:12:cb:97:92:b7:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Mar 10 10:40:41 2024 GMT
Not After : Mar 9 10:45:41 2025 GMT
Subject: CN=1C786D5C68E2BA10D72D11C7007F6A461B9C7BC9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c7:20:47:1e:d3:f8:8f:a9:ec:d5:7a:05:6b:
0f:6b:e9:52:8f:3e:ed:65:eb:18:58:7a:70:d1:d6:
a1:57:b4:b3:89:bd:33:70:5d:3f:f0:ef:4b:35:64:
5f:97:a4:ae:93:34:0b:9b:73:01:d5:be:6f:2d:3b:
a8:15:ab:52:df:0e:05:19:63:92:2f:26:6f:d3:ab:
64:e0:74:d2:e4:93:04:f3:5b:0c:c8:92:5e:f1:2f:
76:e1:a1:0c:df:6b:b4:71:a5:d0:e2:11:f6:a1:72:
03:9e:dc:8a:48:26:42:08:d7:41:06:7c:5b:08:9a:
8e:96:b5:e9:af:da:fe:69:d8:84:34:49:9c:f1:2b:
b4:da:52:75:ed:d6:3a:3a:35:36:c9:13:10:f1:c3:
72:a1:50:18:91:fa:0d:37:ab:20:8e:ad:c5:60:71:
4e:82:03:17:0b:fa:5d:81:e2:81:f6:e1:84:9c:c3:
3f:da:7d:60:02:91:99:33:ab:e4:e8:33:7a:62:a4:
71:f5:d9:36:90:cb:e0:17:a9:e7:bf:84:10:e3:ae:
ed:e1:ac:2d:b9:b2:bd:b1:fb:b2:17:24:b0:fb:4c:
21:66:43:32:f3:bc:f2:a2:d8:2a:d0:9c:33:23:a0:
50:5b:40:aa:c9:af:21:b4:76:db:67:6a:e0:77:b0:
27:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:78:6D:5C:68:E2:BA:10:D7:2D:11:C7:00:7F:6A:46:1B:9C:7B:C9
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136342e302f32342d3234203d3e20313339363630.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.164.0/24
Signature Algorithm: sha256WithRSAEncryption
50:ec:5d:cd:2e:70:29:bf:8c:08:40:76:69:ec:9b:5e:56:dd:
28:b0:89:37:89:f0:c7:d1:b6:23:3f:c7:b2:6a:d6:46:a6:a6:
12:61:9e:fa:a6:c2:c6:ca:56:27:59:a9:a1:28:dc:11:f7:76:
e7:ec:1d:ed:df:1a:9b:37:79:79:e2:30:21:eb:1a:ad:ae:93:
de:9e:20:09:de:4d:89:cd:e0:0b:54:b7:5b:23:d7:f9:24:e4:
c7:09:d0:f3:04:b8:9e:bf:b7:07:bd:e9:a1:f6:2f:cd:45:02:
44:4e:7b:67:46:61:c5:f1:8d:93:cd:6d:6a:c0:da:f8:82:11:
40:25:c5:87:76:c5:5b:da:be:9e:38:75:16:73:8d:cf:86:44:
00:b2:94:0b:23:90:6f:e7:7c:c1:dd:de:dd:45:bf:95:50:fa:
17:29:4d:9b:6c:01:74:3c:6e:8e:e2:c3:2b:b4:ad:2d:99:1d:
aa:d2:e0:32:0b:75:88:54:d1:a6:bb:ce:7e:be:70:2f:24:ec:
78:0b:bc:40:fd:ae:c6:80:7a:fc:89:43:15:2d:f3:ca:53:9b:
bf:ca:2e:f9:34:fa:89:9e:fe:70:53:83:3f:23:0e:21:99:d3:
b9:f9:bb:b3:27:0a:a1:8c:80:b3:56:d9:45:5c:d6:fd:63:a9:
52:db:c9:33
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUSQOzEuh+kpktHBZNNIMSy5eStxgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNDAzMTAxMDQwNDFaFw0yNTAzMDkxMDQ1NDFaMDMxMTAvBgNV
BAMTKDFDNzg2RDVDNjhFMkJBMTBENzJEMTFDNzAwN0Y2QTQ2MUI5QzdCQzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvxyBHHtP4j6ns1XoFaw9r6VKP
Pu1l6xhYenDR1qFXtLOJvTNwXT/w70s1ZF+XpK6TNAubcwHVvm8tO6gVq1LfDgUZ
Y5IvJm/Tq2TgdNLkkwTzWwzIkl7xL3bhoQzfa7RxpdDiEfahcgOe3IpIJkII10EG
fFsImo6Wtemv2v5p2IQ0SZzxK7TaUnXt1jo6NTbJExDxw3KhUBiR+g03qyCOrcVg
cU6CAxcL+l2B4oH24YScwz/afWACkZkzq+ToM3pipHH12TaQy+AXqee/hBDjru3h
rC25sr2x+7IXJLD7TCFmQzLzvPKi2CrQnDMjoFBbQKrJryG0dttnauB3sCfPAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUHHhtXGjiuhDXLRHHAH9qRhuce8kwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzYzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzOTM2MzYzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAG1upDANBgkqhkiG9w0BAQsFAAOCAQEAUOxdzS5wKb+MCEB2aeybXlbdKLCJ
N4nwx9G2Iz/HsmrWRqamEmGe+qbCxspWJ1mpoSjcEfd25+wd7d8amzd5eeIwIesa
ra6T3p4gCd5Nic3gC1S3WyPX+STkxwnQ8wS4nr+3B73pofYvzUUCRE57Z0ZhxfGN
k81tasDa+IIRQCXFh3bFW9q+njh1FnONz4ZEALKUCyOQb+d8wd3e3UW/lVD6FylN
m2wBdDxujuLDK7StLZkdqtLgMgt1iFTRprvOfr5wLyTseAu8QP2uxoB6/IlDFS3z
ylObv8ou+TT6iZ7+cFODPyMOIZnTufm7sycKoYyAs1bZRVzW/WOpUtvJMw==
-----END CERTIFICATE-----
Generated at Thu May 2 13:51:13 2024 by rpki-client on console-fra.rpki-client.org