Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137342e302f32342d3234203d3e20323132333335.roa
File: 3130392e3131302e3137342e302f32342d3234203d3e20323132333335.roa (raw, json)
Hash identifier: SckBW1NA/OVs99CAm/TqZEZAnwy4geAJ1TwcGWgYrVg=
Subject key identifier: 45:32:C2:B3:5A:C6:08:9D:21:C2:D6:FA:E5:05:6D:EA:56:0B:99:0D
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 1A56BC62F9753B0AEA2F9A26681F474685DD8504
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137342e302f32342d3234203d3e20323132333335.roa
Signing time: Fri 09 Feb 2024 14:53:14 +0000
ROA not before: Fri 09 Feb 2024 14:48:14 +0000
ROA not after: Fri 07 Feb 2025 14:53:14 +0000
asID: 212335
IP address blocks: 109.110.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:56:bc:62:f9:75:3b:0a:ea:2f:9a:26:68:1f:47:46:85:dd:85:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Feb 9 14:48:14 2024 GMT
Not After : Feb 7 14:53:14 2025 GMT
Subject: CN=4532C2B35AC6089D21C2D6FAE5056DEA560B990D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:78:3b:3e:4b:f9:0e:23:23:2d:5a:08:57:86:
3a:da:11:58:3c:69:b6:48:1b:08:c9:8b:80:84:26:
47:63:8d:04:db:63:b1:b6:7d:b1:a2:27:9a:ba:7f:
b4:03:f7:cb:40:7b:b3:c4:ce:f8:75:27:a2:06:c0:
34:7a:bd:7f:c3:c8:9c:2a:05:2b:30:7f:2b:5a:91:
67:a0:eb:91:c0:72:c7:f3:6c:b0:6e:db:2d:fb:72:
b5:bb:41:52:8d:22:65:3d:ad:41:df:e5:ca:19:bc:
ef:d1:33:76:7e:77:bd:2d:ef:23:47:fe:e9:53:a0:
e9:3b:21:d5:39:a8:2b:66:34:43:af:26:e3:8a:f1:
45:41:eb:e3:87:71:ec:62:6b:db:45:99:3d:d0:a1:
7b:8e:15:35:c0:4f:ff:3f:05:cd:4a:16:c6:55:8f:
a2:33:7e:f2:d9:cf:fb:e7:6d:86:5f:41:b0:1e:ec:
55:4a:0d:f7:60:cd:22:35:ee:9b:17:92:3d:d3:92:
14:1b:73:f9:0c:c0:7e:67:ad:12:d9:d9:83:a3:4a:
00:72:ee:d2:e4:d9:89:44:de:a5:6e:2b:62:84:ac:
53:5e:0d:9d:2a:53:23:aa:f9:8e:4e:b2:ff:3a:b6:
63:95:9f:9a:3b:1f:c6:78:40:2b:78:5e:a9:bd:25:
de:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:32:C2:B3:5A:C6:08:9D:21:C2:D6:FA:E5:05:6D:EA:56:0B:99:0D
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137342e302f32342d3234203d3e20323132333335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.174.0/24
Signature Algorithm: sha256WithRSAEncryption
91:82:c8:70:cb:3d:2d:8e:17:b9:20:60:90:e6:35:9f:59:ef:
63:57:61:97:04:bc:ca:8e:90:7c:5c:24:9e:57:c2:3d:d9:10:
aa:74:96:e6:c9:67:d1:71:10:95:59:92:2a:36:97:66:0b:db:
4a:fa:8a:e4:80:67:a3:c7:9d:1e:45:bc:f2:55:06:a9:21:42:
b1:6c:16:c6:d4:cb:db:1b:72:25:b9:6b:bc:41:23:74:67:64:
4c:0b:10:e4:13:72:5e:a0:82:c4:48:ee:d5:ec:59:6e:ab:0d:
02:d0:40:e3:c5:58:0f:99:71:16:8c:96:47:e4:73:c2:1e:8c:
09:62:da:42:5c:56:2e:56:5b:00:f3:39:f6:c3:1b:ac:b4:b3:
11:37:a5:20:77:58:1a:3f:d9:48:f8:b1:2d:35:2f:4d:22:b8:
1b:2a:90:0d:aa:8f:9f:8d:60:d2:34:ba:75:d0:c3:ae:bb:ae:
38:d2:6e:49:ca:51:68:ab:3d:2a:02:bb:03:82:76:aa:5d:c0:
d5:57:f2:8a:86:b9:43:51:93:54:61:89:e5:9b:3b:e1:9f:bb:
c1:a6:8e:24:f1:60:d3:21:93:96:ec:2d:c3:d6:27:9e:a4:38:
9e:4b:2e:a7:36:e7:14:42:70:16:b9:0f:d1:fb:70:77:0a:ab:
83:a8:b8:ce
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUGla8Yvl1OwrqL5omaB9HRoXdhQQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNDAyMDkxNDQ4MTRaFw0yNTAyMDcxNDUzMTRaMDMxMTAvBgNV
BAMTKDQ1MzJDMkIzNUFDNjA4OUQyMUMyRDZGQUU1MDU2REVBNTYwQjk5MEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCneDs+S/kOIyMtWghXhjraEVg8
abZIGwjJi4CEJkdjjQTbY7G2fbGiJ5q6f7QD98tAe7PEzvh1J6IGwDR6vX/DyJwq
BSswfytakWeg65HAcsfzbLBu2y37crW7QVKNImU9rUHf5coZvO/RM3Z+d70t7yNH
/ulToOk7IdU5qCtmNEOvJuOK8UVB6+OHcexia9tFmT3QoXuOFTXAT/8/Bc1KFsZV
j6IzfvLZz/vnbYZfQbAe7FVKDfdgzSI17psXkj3TkhQbc/kMwH5nrRLZ2YOjSgBy
7tLk2YlE3qVuK2KErFNeDZ0qUyOq+Y5Osv86tmOVn5o7H8Z4QCt4Xqm9Jd5zAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQURTLCs1rGCJ0hwtb65QVt6lYLmQ0wHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzczNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMzMzMzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAG1urjANBgkqhkiG9w0BAQsFAAOCAQEAkYLIcMs9LY4XuSBgkOY1n1nvY1dh
lwS8yo6QfFwknlfCPdkQqnSW5sln0XEQlVmSKjaXZgvbSvqK5IBno8edHkW88lUG
qSFCsWwWxtTL2xtyJblrvEEjdGdkTAsQ5BNyXqCCxEju1exZbqsNAtBA48VYD5lx
FoyWR+Rzwh6MCWLaQlxWLlZbAPM59sMbrLSzETelIHdYGj/ZSPixLTUvTSK4GyqQ
DaqPn41g0jS6ddDDrruuONJuScpRaKs9KgK7A4J2ql3A1Vfyioa5Q1GTVGGJ5Zs7
4Z+7waaOJPFg0yGTluwtw9YnnqQ4nksupzbnFEJwFrkP0ftwdwqrg6i4zg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org