Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138312e302f32342d3234203d3e203134363138.roa
File: 3130392e3131302e3138312e302f32342d3234203d3e203134363138.roa (raw, json)
Hash identifier: FT/ACPWfm22Mc7EmzrW3YYIjXiPP0r9grkSxlfqEUlI=
Subject key identifier: 85:5A:4D:9D:02:62:B8:59:C2:A7:9F:5E:57:CC:8C:DF:82:62:7D:66
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 2A67C26542C24A06CA2C779BCF3D7B47A67F5BE7
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138312e302f32342d3234203d3e203134363138.roa
Signing time: Wed 27 Mar 2024 10:11:04 +0000
ROA not before: Wed 27 Mar 2024 10:06:04 +0000
ROA not after: Wed 26 Mar 2025 10:11:04 +0000
asID: 14618
IP address blocks: 109.110.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 14:46:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:67:c2:65:42:c2:4a:06:ca:2c:77:9b:cf:3d:7b:47:a6:7f:5b:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Mar 27 10:06:04 2024 GMT
Not After : Mar 26 10:11:04 2025 GMT
Subject: CN=855A4D9D0262B859C2A79F5E57CC8CDF82627D66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:fa:31:f2:e4:19:93:4b:f4:df:96:81:13:a8:
f4:7a:ab:b6:5e:90:a6:f0:a7:1a:7e:aa:d6:ad:9c:
11:ec:ab:77:e1:3e:37:28:8a:16:38:e4:84:fc:43:
d8:e7:8c:bc:6c:6b:42:59:f1:ff:e4:41:57:47:07:
cb:28:21:b9:12:e0:e9:b8:ac:af:8f:04:19:26:c8:
10:c9:68:a6:63:94:48:3b:01:c5:a0:e0:38:5d:c3:
17:80:4e:0c:6a:ed:46:b9:6b:72:ea:44:b5:cb:05:
e6:77:1a:a4:15:e2:c5:3e:62:de:74:cf:2a:ea:cf:
6e:a8:10:24:be:e3:d8:0e:08:ee:7a:2c:32:4d:5a:
1c:40:80:d8:5d:23:7a:cc:02:73:5d:ae:40:ee:a3:
cf:f6:9f:3c:d3:05:18:fc:57:a2:bf:87:71:26:74:
3b:2b:d9:27:f9:4b:7f:2d:7a:f9:a2:1e:c0:5f:e4:
dc:fb:aa:67:d0:cc:86:7c:85:e4:9a:f7:b1:55:da:
95:20:02:98:e9:fc:43:10:69:56:19:05:da:bd:34:
dc:50:91:30:2b:17:06:94:38:60:ab:69:2b:2b:2c:
af:38:c4:c5:63:d8:00:46:f0:c2:90:f6:d8:cc:55:
7d:83:05:29:8e:ba:1d:f8:f8:d2:c5:2d:89:f1:eb:
be:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:5A:4D:9D:02:62:B8:59:C2:A7:9F:5E:57:CC:8C:DF:82:62:7D:66
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138312e302f32342d3234203d3e203134363138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.181.0/24
Signature Algorithm: sha256WithRSAEncryption
02:03:4d:a7:d8:8c:aa:38:20:40:f2:33:02:db:bc:4a:d5:de:
32:e1:2f:63:d9:20:bd:dc:92:3f:8c:43:c1:51:e5:a4:8d:e4:
b7:82:b8:21:d1:3c:60:b9:ef:9d:e7:85:a9:07:5f:22:29:72:
a1:e3:a0:6d:dc:b2:06:33:8f:44:af:db:b3:1b:ff:c1:1e:3a:
02:09:75:91:03:fa:bd:77:d8:9b:32:49:1e:61:bd:9b:94:25:
2f:59:79:f7:3b:de:ef:58:95:59:8c:a6:c5:18:81:76:ca:5c:
d7:48:ed:4b:6c:f9:e0:1e:73:c9:da:dc:e8:e2:16:0d:ee:88:
cd:d2:64:14:a7:49:11:c1:bd:6c:8e:70:7b:03:b4:c4:94:51:
90:0d:fe:11:98:e4:17:bb:76:cf:4e:ea:12:5c:5a:c7:7c:fd:
00:1f:00:c8:31:27:f0:ef:1f:6f:1f:d7:82:de:75:f7:8a:1b:
35:60:4f:ab:05:ac:ce:b3:83:18:dd:6e:29:45:fc:b7:79:f5:
d8:59:15:83:96:4b:62:8c:2b:c1:ce:0d:a0:db:47:69:06:7d:
38:be:98:be:f3:92:c1:b1:d6:fe:05:b3:43:6c:38:a2:8e:cc:
dc:22:ae:6d:5d:cb:3d:69:4a:71:76:14:1b:2c:42:86:12:2d:
58:18:ff:d9
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUKmfCZULCSgbKLHebzz17R6Z/W+cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNDAzMjcxMDA2MDRaFw0yNTAzMjYxMDExMDRaMDMxMTAvBgNV
BAMTKDg1NUE0RDlEMDI2MkI4NTlDMkE3OUY1RTU3Q0M4Q0RGODI2MjdENjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo+jHy5BmTS/TfloETqPR6q7Ze
kKbwpxp+qtatnBHsq3fhPjcoihY45IT8Q9jnjLxsa0JZ8f/kQVdHB8soIbkS4Om4
rK+PBBkmyBDJaKZjlEg7AcWg4DhdwxeATgxq7Ua5a3LqRLXLBeZ3GqQV4sU+Yt50
zyrqz26oECS+49gOCO56LDJNWhxAgNhdI3rMAnNdrkDuo8/2nzzTBRj8V6K/h3Em
dDsr2Sf5S38tevmiHsBf5Nz7qmfQzIZ8heSa97FV2pUgApjp/EMQaVYZBdq9NNxQ
kTArFwaUOGCraSsrLK84xMVj2ABG8MKQ9tjMVX2DBSmOuh34+NLFLYnx676rAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUhVpNnQJiuFnCp59eV8yM34JifWYwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzgzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzNjMxMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABtbrUwDQYJKoZIhvcNAQELBQADggEBAAIDTafYjKo4IEDyMwLbvErV3jLhL2PZ
IL3ckj+MQ8FR5aSN5LeCuCHRPGC5753nhakHXyIpcqHjoG3csgYzj0Sv27Mb/8Ee
OgIJdZED+r132JsySR5hvZuUJS9Zefc73u9YlVmMpsUYgXbKXNdI7Uts+eAec8na
3OjiFg3uiM3SZBSnSRHBvWyOcHsDtMSUUZAN/hGY5Be7ds9O6hJcWsd8/QAfAMgx
J/DvH28f14LedfeKGzVgT6sFrM6zgxjdbilF/Ld59dhZFYOWS2KMK8HODaDbR2kG
fTi+mL7zksGx1v4Fs0NsOKKOzNwirm1dyz1pSnF2FBssQoYSLVgY/9k=
-----END CERTIFICATE-----
Generated at Wed May 1 21:27:18 2024 by rpki-client on console-fra.rpki-client.org