Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137322e302f32342d3234203d3e20323135343430.roa
File: 3130392e3131302e3137322e302f32342d3234203d3e20323135343430.roa (raw, json)
Hash identifier: exD9+gRsSleZawGRPKOYNlCWxwTEbg8uWX+Tq3p+Zn8=
Subject key identifier: 6A:58:2C:D9:E8:1A:B7:AF:60:C8:9F:A2:85:12:CE:F7:3B:C7:22:49
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 56FCF3B7B0D7B87F33E5D2115D11165F12264FC0
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137322e302f32342d3234203d3e20323135343430.roa
Signing time: Wed 04 Sep 2024 16:11:18 +0000
ROA not before: Wed 04 Sep 2024 16:06:18 +0000
ROA not after: Wed 03 Sep 2025 16:11:18 +0000
asID: 215440
IP address blocks: 109.110.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:fc:f3:b7:b0:d7:b8:7f:33:e5:d2:11:5d:11:16:5f:12:26:4f:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Sep 4 16:06:18 2024 GMT
Not After : Sep 3 16:11:18 2025 GMT
Subject: CN=6A582CD9E81AB7AF60C89FA28512CEF73BC72249
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:99:a3:b4:36:7a:4d:7d:76:30:60:50:60:10:
f4:c7:2f:c3:66:ec:5a:1b:21:71:34:c3:01:a0:28:
ad:45:1f:fc:ba:12:43:6f:62:90:e5:48:6f:87:33:
8a:d1:cc:a8:7b:97:e0:5b:07:da:fe:ef:1f:18:34:
31:08:3e:c1:8b:f9:d4:6e:1f:8c:4a:92:9e:15:81:
ed:a8:27:0b:a8:4c:de:ba:5f:7d:3c:9b:34:62:38:
55:2e:c9:16:e9:f7:b2:48:61:66:33:c2:7a:b8:2b:
a9:3e:f8:aa:a6:92:bd:5d:81:cf:ca:ec:1f:32:5d:
e1:95:ef:1b:5f:18:10:eb:74:46:ba:b5:0f:ba:d9:
c3:9e:a6:20:ba:55:33:02:49:77:9e:3a:aa:db:55:
14:dc:44:8e:96:7a:05:ec:2b:f3:57:52:e6:7b:24:
dc:08:3b:d1:b5:a9:f4:1f:94:f1:32:68:bb:21:73:
81:30:19:dd:9b:65:63:fe:99:a2:30:2f:9f:c6:4c:
ba:9b:f7:9b:11:f5:30:ae:40:22:f9:0d:d6:e0:93:
d4:1d:d8:94:f5:32:30:a9:e1:98:4a:ec:6d:4d:d3:
02:b1:80:9e:5c:6d:03:7c:d0:07:f3:3a:a0:37:3b:
03:c9:9f:87:64:3c:0c:b8:da:ea:2e:87:a8:04:67:
df:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:58:2C:D9:E8:1A:B7:AF:60:C8:9F:A2:85:12:CE:F7:3B:C7:22:49
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137322e302f32342d3234203d3e20323135343430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.172.0/24
Signature Algorithm: sha256WithRSAEncryption
57:92:91:bb:71:eb:b0:f2:47:ee:ba:89:3e:10:78:90:40:3b:
4c:0a:39:6e:59:1b:4b:d7:c4:7b:63:ec:a7:40:a6:f3:3b:fc:
8b:26:5b:db:16:98:f4:01:3f:04:6f:8f:3c:e2:2e:44:bd:96:
02:6a:46:45:a5:6c:03:38:9a:aa:6c:07:71:1b:77:59:1d:ee:
96:15:30:99:6d:c8:10:fa:0e:56:8c:4c:a3:e0:ba:a5:be:31:
c5:52:60:45:d8:23:2c:a4:1b:79:f9:9d:20:60:d8:ac:98:f9:
81:94:e2:b1:b4:a1:11:da:6c:9d:33:60:01:92:dc:d4:1d:75:
2c:7b:82:9d:de:76:93:b1:ac:6d:1b:14:5a:a8:f2:3f:ec:9a:
88:02:e8:02:71:84:0e:2d:d7:77:55:0d:f1:a3:62:ef:a9:b5:
1d:36:7e:69:7e:47:2e:61:e9:d6:56:49:c4:3b:7f:92:3d:57:
fc:d5:a1:6a:35:f9:c3:a1:3c:ad:db:50:0b:6c:d4:dc:ca:31:
31:29:03:5c:7a:e0:5c:13:25:00:6e:ff:c9:10:12:ab:11:32:
67:83:5a:9f:4c:d1:52:92:55:92:f5:ee:e0:69:05:77:ac:e2:
9c:a9:69:65:3e:c8:84:4f:73:90:c1:1d:26:02:91:69:32:e0:
6e:d6:a7:c2
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUVvzzt7DXuH8z5dIRXREWXxImT8AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNDA5MDQxNjA2MThaFw0yNTA5MDMxNjExMThaMDMxMTAvBgNV
BAMTKDZBNTgyQ0Q5RTgxQUI3QUY2MEM4OUZBMjg1MTJDRUY3M0JDNzIyNDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDImaO0NnpNfXYwYFBgEPTHL8Nm
7FobIXE0wwGgKK1FH/y6EkNvYpDlSG+HM4rRzKh7l+BbB9r+7x8YNDEIPsGL+dRu
H4xKkp4Vge2oJwuoTN66X308mzRiOFUuyRbp97JIYWYzwnq4K6k++Kqmkr1dgc/K
7B8yXeGV7xtfGBDrdEa6tQ+62cOepiC6VTMCSXeeOqrbVRTcRI6WegXsK/NXUuZ7
JNwIO9G1qfQflPEyaLshc4EwGd2bZWP+maIwL5/GTLqb95sR9TCuQCL5Ddbgk9Qd
2JT1MjCp4ZhK7G1N0wKxgJ5cbQN80AfzOqA3OwPJn4dkPAy42uouh6gEZ99BAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUalgs2egat69gyJ+ihRLO9zvHIkkwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzczMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNTM0MzQzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAG1urDANBgkqhkiG9w0BAQsFAAOCAQEAV5KRu3HrsPJH7rqJPhB4kEA7TAo5
blkbS9fEe2Psp0Cm8zv8iyZb2xaY9AE/BG+PPOIuRL2WAmpGRaVsAziaqmwHcRt3
WR3ulhUwmW3IEPoOVoxMo+C6pb4xxVJgRdgjLKQbefmdIGDYrJj5gZTisbShEdps
nTNgAZLc1B11LHuCnd52k7GsbRsUWqjyP+yaiALoAnGEDi3Xd1UN8aNi76m1HTZ+
aX5HLmHp1lZJxDt/kj1X/NWhajX5w6E8rdtQC2zU3MoxMSkDXHrgXBMlAG7/yRAS
qxEyZ4Nan0zRUpJVkvXu4GkFd6zinKlpZT7IhE9zkMEdJgKRaTLgbtanwg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org