Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138362e302f32342d3234203d3e20323039303433.roa
File: 3130392e3131302e3138362e302f32342d3234203d3e20323039303433.roa (raw, json)
Hash identifier: GTFREuzmdACV3hXktImSFz00WHjJymXB3CdadlW4Sro=
Subject key identifier: DA:7D:13:48:76:D1:0E:F0:AB:E4:A4:0F:4C:D2:D0:A1:29:54:9F:D4
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 28424C547CB2A9161D5B2F19FA8F5F7DD3F13C5E
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138362e302f32342d3234203d3e20323039303433.roa
Signing time: Tue 23 Apr 2024 13:03:56 +0000
ROA not before: Tue 23 Apr 2024 12:58:56 +0000
ROA not after: Tue 22 Apr 2025 13:03:56 +0000
asID: 209043
IP address blocks: 109.110.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:42:4c:54:7c:b2:a9:16:1d:5b:2f:19:fa:8f:5f:7d:d3:f1:3c:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Apr 23 12:58:56 2024 GMT
Not After : Apr 22 13:03:56 2025 GMT
Subject: CN=DA7D134876D10EF0ABE4A40F4CD2D0A129549FD4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:13:fc:31:83:e5:23:34:e6:61:1a:58:d7:2a:
16:6f:f8:72:75:5e:38:93:90:66:cc:c9:9b:13:60:
1e:59:18:9e:c6:2d:81:dd:04:7e:19:9e:e2:a3:36:
68:aa:78:4f:f7:20:8d:aa:f7:81:27:cd:9a:bf:3b:
66:17:0b:b8:ee:08:54:90:9c:85:3f:8f:5e:9d:1c:
00:da:76:4c:88:c8:90:97:cd:2e:3b:f9:6a:61:65:
09:c5:8f:24:59:41:b5:1f:16:3d:7a:11:b9:d9:59:
f1:2e:b5:91:b7:81:4d:55:e8:b9:78:2f:74:a2:b0:
00:43:01:04:a5:e1:fd:e0:ed:07:9c:1c:ce:c7:15:
a2:63:9d:83:b2:a0:0f:86:20:f1:e9:1d:6e:f8:2a:
ef:e0:45:9c:a5:65:d0:06:ed:28:e3:87:8a:f4:d5:
9b:02:8c:7f:07:af:55:76:1a:de:ee:39:1d:0a:e2:
59:17:c6:13:7c:79:ff:cf:bb:b7:b8:6d:0c:1f:5c:
29:45:df:3e:4e:50:fe:5b:83:24:7e:f2:68:65:5a:
08:19:54:dd:71:cf:b7:2e:72:f8:18:39:07:03:8e:
a5:cd:90:79:74:6e:91:08:93:74:d4:af:02:63:4e:
0a:a5:63:d3:14:94:89:90:5e:94:e2:96:6a:63:58:
00:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:7D:13:48:76:D1:0E:F0:AB:E4:A4:0F:4C:D2:D0:A1:29:54:9F:D4
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138362e302f32342d3234203d3e20323039303433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.186.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:ea:52:b9:44:3e:01:3f:a4:16:af:7d:d8:ce:98:f3:a4:2a:
0c:1c:e6:93:18:4a:26:31:f2:14:ff:06:9c:d7:74:c6:de:14:
f8:54:fb:e1:e2:09:91:81:3f:de:b5:b6:ed:e6:2e:a9:55:0a:
b7:01:91:ed:ae:ea:93:31:9e:84:4b:39:72:c7:ba:c2:8e:e3:
1e:87:76:4c:6a:26:6a:4b:4b:a6:2d:f8:c0:da:40:b6:98:52:
ff:e9:d7:f7:b9:f7:ef:90:d9:bd:c6:3a:87:fe:23:45:fe:ec:
20:94:4a:20:50:ed:1e:6f:53:3c:c4:42:06:fa:e0:f6:79:0e:
3f:1b:7d:f8:36:d8:b4:ed:88:a3:55:be:5c:dd:b7:7c:ed:75:
ff:84:fa:c3:91:cb:c0:9f:8d:42:71:f4:f0:c4:50:68:d9:31:
7e:fb:68:ac:a7:65:70:c9:da:72:30:b8:14:37:a0:ac:c7:5f:
a7:2d:37:40:38:c3:9e:5e:92:72:67:c1:14:39:0b:c0:85:19:
bb:c1:55:51:cf:8f:95:16:f9:95:33:f3:c7:3b:3d:79:05:ef:
ae:6a:b0:ca:c7:bf:45:43:19:e6:cd:fc:6e:4d:b8:e5:a1:05:
16:7e:95:17:c6:b3:3d:c9:be:f3:79:7b:23:8c:ba:ce:2b:67:
e0:41:b2:ac
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUKEJMVHyyqRYdWy8Z+o9ffdPxPF4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNDA0MjMxMjU4NTZaFw0yNTA0MjIxMzAzNTZaMDMxMTAvBgNV
BAMTKERBN0QxMzQ4NzZEMTBFRjBBQkU0QTQwRjRDRDJEMEExMjk1NDlGRDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3E/wxg+UjNOZhGljXKhZv+HJ1
XjiTkGbMyZsTYB5ZGJ7GLYHdBH4ZnuKjNmiqeE/3II2q94EnzZq/O2YXC7juCFSQ
nIU/j16dHADadkyIyJCXzS47+WphZQnFjyRZQbUfFj16EbnZWfEutZG3gU1V6Ll4
L3SisABDAQSl4f3g7QecHM7HFaJjnYOyoA+GIPHpHW74Ku/gRZylZdAG7Sjjh4r0
1ZsCjH8Hr1V2Gt7uOR0K4lkXxhN8ef/Pu7e4bQwfXClF3z5OUP5bgyR+8mhlWggZ
VN1xz7cucvgYOQcDjqXNkHl0bpEIk3TUrwJjTgqlY9MUlImQXpTilmpjWACXAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU2n0TSHbRDvCr5KQPTNLQoSlUn9QwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzgzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzOTMwMzQzMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAG1uujANBgkqhkiG9w0BAQsFAAOCAQEATepSuUQ+AT+kFq992M6Y86QqDBzm
kxhKJjHyFP8GnNd0xt4U+FT74eIJkYE/3rW27eYuqVUKtwGR7a7qkzGehEs5cse6
wo7jHod2TGomaktLpi34wNpAtphS/+nX97n375DZvcY6h/4jRf7sIJRKIFDtHm9T
PMRCBvrg9nkOPxt9+DbYtO2Io1W+XN23fO11/4T6w5HLwJ+NQnH08MRQaNkxfvto
rKdlcMnacjC4FDegrMdfpy03QDjDnl6ScmfBFDkLwIUZu8FVUc+PlRb5lTPzxzs9
eQXvrmqwyse/RUMZ5s38bk245aEFFn6VF8azPcm+83l7I4y6zitn4EGyrA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org