Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136392e302f32342d3234203d3e20313339363630.roa
File: 3130392e3131302e3136392e302f32342d3234203d3e20313339363630.roa (raw, json)
Hash identifier: cXA6V3N0PEDT+4ZPO4f1eus2nYC5M5o+Y3W90xzU1ow=
Subject key identifier: F2:D0:9F:00:DC:68:8B:2A:4F:5D:45:79:D5:98:F0:90:FB:E3:EE:79
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 4B1DD9286AFF84AA98254D5797FA1F512DAE751F
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136392e302f32342d3234203d3e20313339363630.roa
Signing time: Sun 10 Mar 2024 10:45:42 +0000
ROA not before: Sun 10 Mar 2024 10:40:42 +0000
ROA not after: Sun 09 Mar 2025 10:45:42 +0000
asID: 139660
IP address blocks: 109.110.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:1d:d9:28:6a:ff:84:aa:98:25:4d:57:97:fa:1f:51:2d:ae:75:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Mar 10 10:40:42 2024 GMT
Not After : Mar 9 10:45:42 2025 GMT
Subject: CN=F2D09F00DC688B2A4F5D4579D598F090FBE3EE79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d6:b3:93:27:11:15:04:01:67:5d:3e:70:0c:
27:9b:7b:50:fc:39:63:77:b2:22:9a:80:a4:25:0a:
46:2f:b0:b3:94:74:5b:97:a9:ed:22:d9:00:58:a5:
65:8b:db:7d:65:db:5c:8e:7e:b0:9b:0d:b0:3b:f9:
ba:92:8c:4e:ae:d4:33:1f:12:e1:f7:6e:a6:ca:21:
63:e0:8e:b6:e3:1d:77:45:39:f8:ea:90:86:1e:8a:
0e:dc:17:f2:2b:34:22:47:b8:68:90:ed:21:08:8d:
60:f9:e3:fc:cf:9f:9c:b4:8e:c0:f2:00:ca:20:70:
a5:d6:15:3a:9d:d6:72:35:1a:b2:f3:e6:7f:50:e9:
bc:cf:1b:69:2b:59:44:7e:23:f9:be:e7:70:1c:99:
c2:e3:60:f2:3c:e8:7d:b9:21:97:39:d9:39:b5:d3:
a3:fc:e0:f8:01:b2:3d:14:87:80:68:de:e3:22:09:
b8:3b:f6:b7:ec:ad:c7:3c:40:62:bd:c5:0a:b1:03:
72:d9:86:61:33:13:b4:1a:fd:a1:4f:46:40:af:2f:
9a:88:a9:85:1a:e2:2a:c0:8c:6c:b2:ac:06:ea:d1:
8f:c5:4a:21:e1:ff:c3:9a:61:88:ef:31:05:7a:52:
32:9b:d8:df:34:f9:fd:19:14:07:ea:f9:e0:bf:b1:
44:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:D0:9F:00:DC:68:8B:2A:4F:5D:45:79:D5:98:F0:90:FB:E3:EE:79
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136392e302f32342d3234203d3e20313339363630.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.169.0/24
Signature Algorithm: sha256WithRSAEncryption
60:f0:a5:c6:4e:59:ed:de:85:d0:20:e7:9c:28:3f:2e:8a:82:
09:c8:22:28:06:c5:74:c8:9e:76:f1:b4:3f:ae:a6:80:a7:0d:
5f:ce:9b:8d:83:6d:80:33:bc:31:97:1c:f8:3c:2b:db:26:93:
e1:40:d3:a6:40:ef:de:4e:b3:12:ec:22:72:cf:61:f9:ac:0f:
9d:31:c5:0f:9c:3e:4c:62:a4:8c:d2:92:09:9d:71:e3:48:18:
f8:f1:4d:50:90:d1:1f:f2:95:3f:d9:18:9c:ab:cf:0e:52:90:
68:54:3a:f4:4c:23:31:57:58:00:84:c4:c1:1d:da:46:4d:a6:
0a:41:85:5c:68:c8:aa:5a:ef:38:3c:02:46:41:04:4b:3d:7c:
bd:c6:ea:28:f1:8d:64:27:fd:f9:b6:29:89:fb:09:85:78:1b:
2f:6b:ba:01:c9:3a:c2:04:e7:e2:fb:15:98:ca:b8:66:d7:25:
11:8f:1d:6a:5b:90:6c:5d:1b:56:35:e6:4f:cf:41:75:7d:95:
96:ab:ae:f6:63:16:aa:e3:d3:d8:c5:1a:9d:9c:ee:1c:f6:75:
d4:f7:92:fa:5e:0d:e0:49:73:62:be:44:6b:b8:f9:b5:7b:13:
43:85:ef:29:70:e1:62:15:1e:c7:43:7d:92:52:0f:6a:b7:57:
61:b8:a9:81
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUSx3ZKGr/hKqYJU1Xl/ofUS2udR8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNDAzMTAxMDQwNDJaFw0yNTAzMDkxMDQ1NDJaMDMxMTAvBgNV
BAMTKEYyRDA5RjAwREM2ODhCMkE0RjVENDU3OUQ1OThGMDkwRkJFM0VFNzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJ1rOTJxEVBAFnXT5wDCebe1D8
OWN3siKagKQlCkYvsLOUdFuXqe0i2QBYpWWL231l21yOfrCbDbA7+bqSjE6u1DMf
EuH3bqbKIWPgjrbjHXdFOfjqkIYeig7cF/IrNCJHuGiQ7SEIjWD54/zPn5y0jsDy
AMogcKXWFTqd1nI1GrLz5n9Q6bzPG2krWUR+I/m+53AcmcLjYPI86H25IZc52Tm1
06P84PgBsj0Uh4Bo3uMiCbg79rfsrcc8QGK9xQqxA3LZhmEzE7Qa/aFPRkCvL5qI
qYUa4irAjGyyrAbq0Y/FSiHh/8OaYYjvMQV6UjKb2N80+f0ZFAfq+eC/sUSxAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU8tCfANxoiypPXUV51ZjwkPvj7nkwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzYzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzOTM2MzYzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAG1uqTANBgkqhkiG9w0BAQsFAAOCAQEAYPClxk5Z7d6F0CDnnCg/LoqCCcgi
KAbFdMiedvG0P66mgKcNX86bjYNtgDO8MZcc+Dwr2yaT4UDTpkDv3k6zEuwics9h
+awPnTHFD5w+TGKkjNKSCZ1x40gY+PFNUJDRH/KVP9kYnKvPDlKQaFQ69EwjMVdY
AITEwR3aRk2mCkGFXGjIqlrvODwCRkEESz18vcbqKPGNZCf9+bYpifsJhXgbL2u6
Ack6wgTn4vsVmMq4ZtclEY8daluQbF0bVjXmT89BdX2Vlquu9mMWquPT2MUanZzu
HPZ11PeS+l4N4ElzYr5Ea7j5tXsTQ4XvKXDhYhUex0N9klIPardXYbipgQ==
-----END CERTIFICATE-----
Generated at Thu May 2 13:51:13 2024 by rpki-client on console-fra.rpki-client.org