Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137352e302f32342d3234203d3e203538323132.roa
File: 3130392e3131302e3137352e302f32342d3234203d3e203538323132.roa (raw, json)
Hash identifier: hT44w0uLebcBzTVOewTPezxLxUuD4jrB3z64uy7gb40=
Subject key identifier: 0C:E4:2F:2F:CF:5F:4C:98:AD:81:A3:E3:C8:6F:49:E5:72:67:C8:D2
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 258889094405F79F1FB4228B53E53CB1188B8368
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137352e302f32342d3234203d3e203538323132.roa
Signing time: Wed 25 Sep 2024 22:11:28 +0000
ROA not before: Wed 25 Sep 2024 22:06:28 +0000
ROA not after: Wed 24 Sep 2025 22:11:28 +0000
asID: 58212
IP address blocks: 109.110.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:88:89:09:44:05:f7:9f:1f:b4:22:8b:53:e5:3c:b1:18:8b:83:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Sep 25 22:06:28 2024 GMT
Not After : Sep 24 22:11:28 2025 GMT
Subject: CN=0CE42F2FCF5F4C98AD81A3E3C86F49E57267C8D2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b4:c6:7b:da:e8:fe:8c:c4:3f:22:17:af:93:
ce:56:28:e0:cc:ca:02:56:87:3e:72:85:bd:bc:06:
f4:30:c8:f7:2f:1a:6b:94:40:ff:72:b0:8d:56:1e:
13:89:cf:8e:1f:4c:56:bc:91:49:d1:91:dd:57:d7:
c7:9c:39:37:06:86:fd:81:8f:36:e6:3d:1a:78:a5:
58:b3:bf:85:c4:7f:0c:f7:29:c8:c2:76:eb:b2:78:
10:3a:12:e9:7b:1d:c6:63:e1:f5:10:1e:58:ae:6a:
40:da:6d:15:17:ee:5c:c8:bb:d1:d5:71:d6:7c:a2:
36:70:e4:5b:28:cc:51:ae:a7:4c:94:ce:41:1a:7a:
cf:00:96:1f:2a:2e:94:e2:73:3d:b6:ca:08:c5:4f:
76:f4:93:c4:7c:66:a6:d6:d2:6b:d3:58:d2:34:f7:
29:7f:8a:cc:e4:95:26:f5:27:f2:47:55:6d:f5:15:
2f:66:0a:41:9e:5d:e2:82:9c:bf:2e:5b:9f:63:a8:
9f:a7:60:f0:af:8d:7b:69:cb:10:0a:89:1e:a2:67:
83:fb:ab:b5:07:28:28:2f:5c:98:a9:af:9a:79:20:
c6:be:7a:73:7a:00:fc:6c:f7:3b:e8:5e:01:d8:b6:
2d:78:f4:e9:c8:8c:54:d8:b0:bd:44:68:a9:cb:81:
45:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:E4:2F:2F:CF:5F:4C:98:AD:81:A3:E3:C8:6F:49:E5:72:67:C8:D2
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137352e302f32342d3234203d3e203538323132.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.175.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:90:a2:cc:83:ed:34:af:f6:cb:10:df:47:d1:0d:eb:50:fb:
c5:c8:5b:cb:ca:0d:22:a7:96:4f:16:1d:c7:e9:6c:e0:56:5e:
5d:aa:17:9a:41:24:4c:78:f4:7b:c4:ed:f2:a2:c4:0a:ca:e1:
3b:55:70:78:2d:8d:b5:0d:fe:c2:84:5e:69:81:80:ec:2e:24:
08:e5:d6:f3:89:84:af:e4:d4:17:2d:20:f5:0d:76:78:9c:5e:
73:dc:38:33:8e:89:22:48:32:6f:02:19:70:84:55:06:34:0f:
bc:9c:32:d9:da:d0:51:b8:d7:cd:5a:7c:53:4d:b7:8f:4e:a6:
29:e2:6d:b9:9f:69:dc:13:11:52:3f:c2:1e:e3:57:60:72:de:
c3:28:f0:cb:82:f4:df:74:4a:ee:a9:8d:6f:e4:49:96:97:47:
b0:51:50:d2:64:9b:ec:0e:8b:91:67:e4:96:3a:d5:ff:fa:25:
98:1b:ea:8e:1b:ac:5b:81:5b:f8:68:71:29:61:9f:d6:bf:f5:
a1:de:ae:64:6f:19:2e:95:eb:4b:7c:fb:f0:a1:83:df:27:bd:
46:1f:6a:1d:06:e1:8f:ab:83:c4:06:39:5d:a3:e5:d7:a7:3e:
60:de:a9:f2:8d:42:fe:21:7e:72:df:72:85:fe:f8:df:34:5b:
26:a2:f6:04
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJYiJCUQF958ftCKLU+U8sRiLg2gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNDA5MjUyMjA2MjhaFw0yNTA5MjQyMjExMjhaMDMxMTAvBgNV
BAMTKDBDRTQyRjJGQ0Y1RjRDOThBRDgxQTNFM0M4NkY0OUU1NzI2N0M4RDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCctMZ72uj+jMQ/Ihevk85WKODM
ygJWhz5yhb28BvQwyPcvGmuUQP9ysI1WHhOJz44fTFa8kUnRkd1X18ecOTcGhv2B
jzbmPRp4pVizv4XEfwz3KcjCduuyeBA6Eul7HcZj4fUQHliuakDabRUX7lzIu9HV
cdZ8ojZw5FsozFGup0yUzkEaes8Alh8qLpTicz22ygjFT3b0k8R8ZqbW0mvTWNI0
9yl/iszklSb1J/JHVW31FS9mCkGeXeKCnL8uW59jqJ+nYPCvjXtpyxAKiR6iZ4P7
q7UHKCgvXJipr5p5IMa+enN6APxs9zvoXgHYti149OnIjFTYsL1EaKnLgUWtAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUDOQvL89fTJitgaPjyG9J5XJnyNIwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzczNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzgzMjMxMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABtbq8wDQYJKoZIhvcNAQELBQADggEBAJuQosyD7TSv9ssQ30fRDetQ+8XIW8vK
DSKnlk8WHcfpbOBWXl2qF5pBJEx49HvE7fKixArK4TtVcHgtjbUN/sKEXmmBgOwu
JAjl1vOJhK/k1BctIPUNdnicXnPcODOOiSJIMm8CGXCEVQY0D7ycMtna0FG4181a
fFNNt49OpinibbmfadwTEVI/wh7jV2By3sMo8MuC9N90Su6pjW/kSZaXR7BRUNJk
m+wOi5Fn5JY61f/6JZgb6o4brFuBW/hocSlhn9a/9aHermRvGS6V60t8+/Chg98n
vUYfah0G4Y+rg8QGOV2j5denPmDeqfKNQv4hfnLfcoX++N80Wyai9gQ=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org