Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138382e302f32342d3234203d3e20313939363935.roa
File: 3130392e3131302e3138382e302f32342d3234203d3e20313939363935.roa (raw, json)
Hash identifier: Uk8zaax/gWARJcBkWkWbXGCgwis2oysE3VsVi6jYK4A=
Subject key identifier: D7:E0:23:86:86:FA:06:D6:4F:2F:CF:C0:F5:F9:62:1E:1D:94:51:4B
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 33DCFD7BD2A48D17E389DBDA28E7F23DE45AA2BD
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138382e302f32342d3234203d3e20313939363935.roa
Signing time: Thu 11 Jul 2024 14:47:39 +0000
ROA not before: Thu 11 Jul 2024 14:42:39 +0000
ROA not after: Thu 10 Jul 2025 14:47:39 +0000
asID: 199695
IP address blocks: 109.110.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:dc:fd:7b:d2:a4:8d:17:e3:89:db:da:28:e7:f2:3d:e4:5a:a2:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Jul 11 14:42:39 2024 GMT
Not After : Jul 10 14:47:39 2025 GMT
Subject: CN=D7E0238686FA06D64F2FCFC0F5F9621E1D94514B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8e:35:50:e6:6b:d9:07:05:e6:4d:2b:8b:7a:
27:be:01:d3:d3:a7:71:d7:fd:e4:78:06:21:83:80:
ba:fd:dc:02:04:be:71:b1:39:40:bf:a9:0c:0b:06:
43:06:b2:bb:81:10:e5:73:28:20:87:e0:2a:74:fc:
54:73:ae:cb:77:03:19:73:eb:68:47:16:8e:46:4e:
52:81:ca:a2:64:b5:2e:c4:40:c8:57:03:9e:f5:f0:
fe:d3:b0:1b:9a:e5:c4:6c:36:3e:58:4a:ce:f8:ca:
09:1f:2e:b9:71:78:6e:ce:47:95:11:af:1e:90:52:
8b:b4:97:52:21:90:ee:8f:57:55:f1:28:6c:70:34:
30:e0:dc:3f:1b:6b:16:93:7c:49:98:ea:e2:04:27:
6c:d3:ab:1d:88:ce:62:24:60:a2:21:ad:85:4a:f7:
b8:de:f8:3e:d6:56:c1:bc:ef:9a:8d:5b:83:18:a2:
e5:32:dd:3f:09:db:e1:57:be:45:6c:09:dc:40:23:
dd:76:20:87:00:c8:07:1f:d2:f6:6f:05:0c:5f:82:
1a:73:ff:06:21:02:8a:78:7e:25:09:18:5f:80:78:
b2:9e:38:6a:97:17:84:7c:10:0a:2f:de:59:41:66:
5d:11:38:7e:eb:39:d9:72:05:e1:bf:02:21:46:a5:
14:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:E0:23:86:86:FA:06:D6:4F:2F:CF:C0:F5:F9:62:1E:1D:94:51:4B
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138382e302f32342d3234203d3e20313939363935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.188.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:7d:0f:e6:d4:b9:9a:b9:db:6f:34:72:42:65:e1:e9:c8:96:
53:8b:dd:1e:78:4b:6a:1f:ed:8b:2c:e9:95:76:2f:90:62:0a:
b4:92:e3:9f:10:e4:db:cd:cf:62:64:54:16:b2:1d:36:7e:df:
dd:6b:e5:b8:3b:5a:31:60:c8:cc:49:a7:f1:18:63:24:55:14:
72:dc:21:84:47:53:d1:d0:17:49:8d:f6:b2:fa:58:c2:ad:62:
9d:b1:db:64:94:8e:7f:8f:c1:aa:ba:fe:ba:be:36:f9:8f:12:
12:10:a1:38:8e:6b:39:eb:8f:b0:c4:43:02:1f:cf:e7:f6:b7:
a3:b2:a9:d4:ca:57:e7:2e:dc:53:8d:cd:49:1a:72:8b:55:d8:
11:2a:35:b4:62:3c:42:19:7d:ba:4b:dd:ed:99:1b:3b:e5:d2:
36:e3:39:fb:d6:fd:ec:9f:aa:4b:d0:36:06:15:d1:79:39:8c:
fa:95:74:fd:94:d6:86:63:e9:d6:0c:fb:c6:ef:90:f4:3f:6e:
9b:2d:ee:7e:1f:4c:ee:96:13:48:64:65:cc:4e:27:17:07:ec:
20:63:23:2a:2e:38:d3:8f:ea:e6:34:5e:95:22:ff:03:a9:a0:
8c:43:8e:83:5a:9b:05:0b:e5:0e:b0:b9:1d:e7:c4:be:eb:1a:
2f:a7:e2:db
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUM9z9e9KkjRfjidvaKOfyPeRaor0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNDA3MTExNDQyMzlaFw0yNTA3MTAxNDQ3MzlaMDMxMTAvBgNV
BAMTKEQ3RTAyMzg2ODZGQTA2RDY0RjJGQ0ZDMEY1Rjk2MjFFMUQ5NDUxNEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyjjVQ5mvZBwXmTSuLeie+AdPT
p3HX/eR4BiGDgLr93AIEvnGxOUC/qQwLBkMGsruBEOVzKCCH4Cp0/FRzrst3Axlz
62hHFo5GTlKByqJktS7EQMhXA5718P7TsBua5cRsNj5YSs74ygkfLrlxeG7OR5UR
rx6QUou0l1IhkO6PV1XxKGxwNDDg3D8baxaTfEmY6uIEJ2zTqx2IzmIkYKIhrYVK
97je+D7WVsG875qNW4MYouUy3T8J2+FXvkVsCdxAI912IIcAyAcf0vZvBQxfghpz
/wYhAop4fiUJGF+AeLKeOGqXF4R8EAov3llBZl0ROH7rOdlyBeG/AiFGpRQxAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU1+Ajhob6BtZPL8/A9fliHh2UUUswHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzgzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzkzOTM2MzkzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAG1uvDANBgkqhkiG9w0BAQsFAAOCAQEAXH0P5tS5mrnbbzRyQmXh6ciWU4vd
HnhLah/tiyzplXYvkGIKtJLjnxDk283PYmRUFrIdNn7f3WvluDtaMWDIzEmn8Rhj
JFUUctwhhEdT0dAXSY32svpYwq1inbHbZJSOf4/Bqrr+ur42+Y8SEhChOI5rOeuP
sMRDAh/P5/a3o7Kp1MpX5y7cU43NSRpyi1XYESo1tGI8Qhl9ukvd7ZkbO+XSNuM5
+9b97J+qS9A2BhXReTmM+pV0/ZTWhmPp1gz7xu+Q9D9umy3ufh9M7pYTSGRlzE4n
FwfsIGMjKi4404/q5jRelSL/A6mgjEOOg1qbBQvlDrC5HefEvusaL6fi2w==
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org