Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137302e302f32342d3234203d3e20323135323837.roa
File: 3130392e3131302e3137302e302f32342d3234203d3e20323135323837.roa (raw, json)
Hash identifier: w5mXxM6/5fX1+ROoDrRN8N4vXyK5iv4PbEUDa8ikap0=
Subject key identifier: E9:D3:79:46:43:68:8A:19:66:28:A6:FA:25:B2:4B:3D:80:45:80:F0
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 2F0E339124FB54FCF1D45FE431DF3EA17DA26E31
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137302e302f32342d3234203d3e20323135323837.roa
Signing time: Mon 11 Nov 2024 13:33:04 +0000
ROA not before: Mon 11 Nov 2024 13:28:04 +0000
ROA not after: Mon 10 Nov 2025 13:33:04 +0000
asID: 215287
IP address blocks: 109.110.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:0e:33:91:24:fb:54:fc:f1:d4:5f:e4:31:df:3e:a1:7d:a2:6e:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Nov 11 13:28:04 2024 GMT
Not After : Nov 10 13:33:04 2025 GMT
Subject: CN=E9D3794643688A196628A6FA25B24B3D804580F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:cb:46:fd:48:8b:fb:48:1d:1f:6c:ff:c1:95:
38:e1:2c:4c:11:13:54:83:43:12:d1:8d:eb:58:44:
28:d7:1f:29:1c:73:3f:9d:ce:e8:99:68:e8:59:0b:
ce:54:6d:35:32:9c:24:39:46:98:4d:63:33:b6:7b:
fe:71:aa:c5:bb:2d:3a:4e:a5:f8:7e:15:70:66:f3:
5d:39:19:b4:54:07:14:d4:68:c1:2a:0f:ab:7c:67:
a7:22:94:6f:50:1f:60:c9:fb:b0:cd:e4:83:29:36:
c0:d0:24:f2:3b:3d:18:db:8e:74:78:f9:b4:3e:1f:
21:35:01:ca:7c:1a:ed:10:5f:9a:1a:31:a3:55:8f:
f5:d9:46:c2:6b:6a:0c:74:fa:fe:53:73:a3:97:52:
70:17:5f:73:fc:89:2f:a9:f1:f6:05:0d:3c:5d:1d:
9f:d1:4b:28:79:3d:f3:2e:10:3d:d7:72:ec:55:e2:
4f:d5:e9:ed:fc:6e:2a:f6:92:52:94:3f:4b:0d:6b:
56:8b:67:57:5e:81:02:4d:0a:58:de:57:e7:02:28:
04:28:4c:6d:a6:ca:f2:7a:f9:e7:e1:7a:99:05:27:
a1:16:e3:93:66:f8:4d:f5:80:13:06:18:b6:34:99:
b7:65:70:11:d3:33:68:7b:8c:d6:12:17:7d:ad:d8:
b5:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:D3:79:46:43:68:8A:19:66:28:A6:FA:25:B2:4B:3D:80:45:80:F0
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137302e302f32342d3234203d3e20323135323837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.170.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:1c:c7:92:99:ab:48:13:f5:30:50:45:82:92:63:5e:7c:18:
5e:91:e6:bf:d5:b0:4a:64:a7:6e:e0:32:43:88:0e:34:de:8c:
9c:df:f3:e4:2f:30:f2:18:2b:fd:ba:4d:5e:96:f1:b6:13:8d:
11:51:67:54:37:c5:ae:d3:86:f5:2b:76:4b:10:a3:4e:c2:04:
79:34:30:c2:1d:47:8b:4e:83:04:16:45:10:b5:ec:55:f6:1e:
c0:f8:6c:e2:27:91:19:33:20:c9:ce:49:50:9b:a3:e2:ef:c3:
83:75:9f:f4:23:34:23:66:98:08:17:0b:f2:f8:3e:a1:72:fc:
df:cb:f8:9e:09:0c:b7:63:79:1a:43:cd:b4:ec:13:e6:fc:46:
4d:00:6c:a8:a5:ae:6a:a1:79:31:4f:dc:98:d1:dc:8d:25:cd:
f7:27:cd:47:f8:71:cf:3f:94:b1:a8:69:8e:04:8c:74:37:c9:
c9:6d:cf:9a:6a:88:b0:fc:d6:d3:f4:1a:78:c4:eb:9d:ce:01:
5e:b8:9c:db:39:38:55:c6:3d:51:45:25:16:fe:13:74:9e:a5:
ed:fb:6f:16:f0:84:8d:f2:16:5d:58:3d:b5:63:bf:e5:e6:48:
7f:a7:5d:b1:7f:92:1c:c6:a2:c5:9c:84:17:f1:04:2d:61:3f:
77:58:ff:a9
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIULw4zkST7VPzx1F/kMd8+oX2ibjEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNDExMTExMzI4MDRaFw0yNTExMTAxMzMzMDRaMDMxMTAvBgNV
BAMTKEU5RDM3OTQ2NDM2ODhBMTk2NjI4QTZGQTI1QjI0QjNEODA0NTgwRjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGy0b9SIv7SB0fbP/BlTjhLEwR
E1SDQxLRjetYRCjXHykccz+dzuiZaOhZC85UbTUynCQ5RphNYzO2e/5xqsW7LTpO
pfh+FXBm8105GbRUBxTUaMEqD6t8Z6cilG9QH2DJ+7DN5IMpNsDQJPI7PRjbjnR4
+bQ+HyE1Acp8Gu0QX5oaMaNVj/XZRsJragx0+v5Tc6OXUnAXX3P8iS+p8fYFDTxd
HZ/RSyh5PfMuED3XcuxV4k/V6e38bir2klKUP0sNa1aLZ1degQJNCljeV+cCKAQo
TG2myvJ6+efhepkFJ6EW45Nm+E31gBMGGLY0mbdlcBHTM2h7jNYSF32t2LXNAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU6dN5RkNoihlmKKb6JbJLPYBFgPAwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzczMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNTMyMzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAG1uqjANBgkqhkiG9w0BAQsFAAOCAQEApxzHkpmrSBP1MFBFgpJjXnwYXpHm
v9WwSmSnbuAyQ4gONN6MnN/z5C8w8hgr/bpNXpbxthONEVFnVDfFrtOG9St2SxCj
TsIEeTQwwh1Hi06DBBZFELXsVfYewPhs4ieRGTMgyc5JUJuj4u/Dg3Wf9CM0I2aY
CBcL8vg+oXL838v4ngkMt2N5GkPNtOwT5vxGTQBsqKWuaqF5MU/cmNHcjSXN9yfN
R/hxzz+UsahpjgSMdDfJyW3PmmqIsPzW0/QaeMTrnc4BXric2zk4VcY9UUUlFv4T
dJ6l7ftvFvCEjfIWXVg9tWO/5eZIf6ddsX+SHMaixZyEF/EELWE/d1j/qQ==
-----END CERTIFICATE-----
Generated at Mon Nov 25 07:52:36 2024 by rpki-client on console-fra.rpki-client.org