Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138352e302f32342d3234203d3e20323134323430.roa
File: 3130392e3131302e3138352e302f32342d3234203d3e20323134323430.roa (raw, json)
Hash identifier: b43ySaznwo1zNXeSutZsBMx4ta0jNrS2QWJJN5g/xLc=
Subject key identifier: 79:2F:40:74:EC:2C:CA:98:CF:A8:6B:4A:B4:76:58:26:84:2B:8C:13
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 0BC06BE1B8225B7FB30E01D61BC51995C39DA065
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138352e302f32342d3234203d3e20323134323430.roa
Signing time: Mon 18 Nov 2024 21:15:59 +0000
ROA not before: Mon 18 Nov 2024 21:10:59 +0000
ROA not after: Mon 17 Nov 2025 21:15:59 +0000
asID: 214240
IP address blocks: 109.110.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:c0:6b:e1:b8:22:5b:7f:b3:0e:01:d6:1b:c5:19:95:c3:9d:a0:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Nov 18 21:10:59 2024 GMT
Not After : Nov 17 21:15:59 2025 GMT
Subject: CN=792F4074EC2CCA98CFA86B4AB4765826842B8C13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:f0:fe:10:b0:2d:e1:3d:ac:af:7b:96:f8:72:
76:2e:c4:06:c0:92:48:d7:89:34:09:1d:ef:01:01:
69:30:28:6b:3a:32:14:1d:86:37:67:5c:54:b7:0a:
e9:87:b7:6c:04:28:9a:8a:ba:25:05:91:a2:e6:54:
f5:7a:83:5c:c9:fc:35:ce:e1:8a:84:71:d2:3a:c7:
17:f0:50:5c:d4:20:10:38:42:86:7f:cb:17:95:11:
fc:48:a9:4c:47:0c:d4:3b:0d:e8:1a:d6:ef:b7:c8:
f9:7d:7b:90:6f:65:e0:42:77:7f:d0:70:bd:5a:9f:
45:c7:02:93:d1:4f:f8:6a:1f:b3:9b:49:54:aa:4f:
60:56:b4:f7:2f:43:f1:a3:ac:e8:6e:80:09:b2:33:
24:bb:d1:88:b0:9c:88:b5:be:2e:6c:e6:fd:d9:eb:
23:90:fc:e4:38:14:a9:29:77:f2:a2:c1:52:b1:4c:
7f:34:da:3a:ab:e2:da:c1:1e:1d:e5:11:66:bb:d1:
26:2d:bd:fb:72:98:7a:0e:1c:39:25:c9:5b:e9:3e:
54:23:7d:0e:a4:4f:53:26:a1:fd:11:f4:2f:c2:51:
81:7a:35:87:0d:0d:f0:fc:6b:31:18:5f:8e:f0:6e:
98:dc:ce:83:75:f4:99:4c:e0:67:01:b3:b5:75:a1:
7f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:2F:40:74:EC:2C:CA:98:CF:A8:6B:4A:B4:76:58:26:84:2B:8C:13
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138352e302f32342d3234203d3e20323134323430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.185.0/24
Signature Algorithm: sha256WithRSAEncryption
14:c9:4b:72:91:9d:f7:82:7a:3a:54:c2:45:7c:48:38:75:9d:
88:dc:4c:09:fe:0a:12:56:24:6b:15:24:81:1b:84:fa:17:48:
e0:8a:60:af:a7:ab:05:a2:3c:c9:21:dd:4c:fb:b3:21:52:ef:
4c:e5:f4:cf:b6:a6:24:c3:cd:fd:24:7f:e7:a3:15:77:d3:5f:
24:60:3d:ad:2b:62:16:71:99:a1:0b:f2:24:64:30:5f:77:03:
dd:5a:e4:17:d5:5d:47:1b:a4:85:c0:1b:3b:7b:13:29:3c:32:
9e:e1:73:42:db:aa:de:e1:9f:e6:2c:3e:d9:0a:fb:ec:37:6a:
7f:54:0f:50:24:c9:80:2d:4f:3e:d1:57:4c:17:0d:98:b4:1f:
dc:f3:e2:33:e1:28:49:c1:19:08:36:49:3d:88:57:57:22:64:
f1:f9:ca:ff:2b:23:04:11:5a:86:38:e5:17:b3:52:9e:87:86:
a0:59:7b:be:cb:28:3a:18:6b:10:95:98:83:76:7a:6f:1f:ba:
d6:93:44:70:19:6d:20:ad:86:19:4e:36:fb:47:d6:1e:ab:31:
65:9c:78:36:0c:86:09:4c:e9:6a:a5:56:a8:bc:3f:35:23:6d:
f1:e9:88:2d:72:8a:26:73:6c:c0:3e:39:ca:65:29:21:0b:a2:
c5:90:c2:77
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUC8Br4bgiW3+zDgHWG8UZlcOdoGUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNDExMTgyMTEwNTlaFw0yNTExMTcyMTE1NTlaMDMxMTAvBgNV
BAMTKDc5MkY0MDc0RUMyQ0NBOThDRkE4NkI0QUI0NzY1ODI2ODQyQjhDMTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDl8P4QsC3hPayve5b4cnYuxAbA
kkjXiTQJHe8BAWkwKGs6MhQdhjdnXFS3CumHt2wEKJqKuiUFkaLmVPV6g1zJ/DXO
4YqEcdI6xxfwUFzUIBA4QoZ/yxeVEfxIqUxHDNQ7Dega1u+3yPl9e5BvZeBCd3/Q
cL1an0XHApPRT/hqH7ObSVSqT2BWtPcvQ/GjrOhugAmyMyS70YiwnIi1vi5s5v3Z
6yOQ/OQ4FKkpd/KiwVKxTH802jqr4trBHh3lEWa70SYtvftymHoOHDklyVvpPlQj
fQ6kT1Mmof0R9C/CUYF6NYcNDfD8azEYX47wbpjczoN19JlM4GcBs7V1oX9vAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUeS9AdOwsypjPqGtKtHZYJoQrjBMwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzgzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNDMyMzQzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAG1uuTANBgkqhkiG9w0BAQsFAAOCAQEAFMlLcpGd94J6OlTCRXxIOHWdiNxM
Cf4KElYkaxUkgRuE+hdI4Ipgr6erBaI8ySHdTPuzIVLvTOX0z7amJMPN/SR/56MV
d9NfJGA9rStiFnGZoQvyJGQwX3cD3VrkF9VdRxukhcAbO3sTKTwynuFzQtuq3uGf
5iw+2Qr77Ddqf1QPUCTJgC1PPtFXTBcNmLQf3PPiM+EoScEZCDZJPYhXVyJk8fnK
/ysjBBFahjjlF7NSnoeGoFl7vssoOhhrEJWYg3Z6bx+61pNEcBltIK2GGU42+0fW
HqsxZZx4NgyGCUzpaqVWqLw/NSNt8emILXKKJnNswD45ymUpIQuixZDCdw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org