Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3139302e302f32332d3233203d3e20323732303733.roa
File: 3130392e3131302e3139302e302f32332d3233203d3e20323732303733.roa (raw, json)
Hash identifier: 4e2qw5cbaUVaGyEZnjNWgqx4lV5NBzdGZuilHkUHlzU=
Subject key identifier: 04:97:6B:92:B4:35:3F:70:DA:B3:97:F8:AB:0A:2B:19:67:69:6F:29
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 13E6FE5DA95007AE63FFDBA81734F24912DF3D14
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3139302e302f32332d3233203d3e20323732303733.roa
Signing time: Sat 20 Apr 2024 22:00:45 +0000
ROA not before: Sat 20 Apr 2024 21:55:45 +0000
ROA not after: Sat 19 Apr 2025 22:00:45 +0000
asID: 272073
IP address blocks: 109.110.190.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:e6:fe:5d:a9:50:07:ae:63:ff:db:a8:17:34:f2:49:12:df:3d:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Apr 20 21:55:45 2024 GMT
Not After : Apr 19 22:00:45 2025 GMT
Subject: CN=04976B92B4353F70DAB397F8AB0A2B1967696F29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:52:1d:ef:06:85:39:22:2e:0f:2c:d1:15:30:
15:74:43:9f:88:99:8e:5e:f1:88:e2:40:c5:59:1c:
db:e5:d9:af:d0:c7:7f:77:08:e3:15:df:f0:8a:39:
e2:e0:df:c8:a4:8c:83:83:b7:ce:a7:9b:44:cd:39:
35:02:b8:8f:4a:3a:c7:cb:ed:9e:7b:99:c2:46:58:
32:d8:66:24:be:8a:a4:3f:24:26:8c:1c:c0:42:96:
32:db:3a:0d:59:d0:c3:88:4c:a8:1e:df:59:96:74:
c1:96:60:59:ed:87:d6:b4:63:ad:0e:ea:a3:aa:4b:
2f:e8:76:2f:bf:54:43:ea:93:09:05:1b:22:62:31:
1a:9c:a4:3f:db:1a:26:80:4b:47:30:ec:8b:7b:64:
0d:52:98:ba:ec:0f:49:ee:c3:62:53:bc:cb:ba:dc:
8d:42:26:93:c4:ff:cc:f1:6b:08:8a:b8:78:d9:e2:
ee:42:ce:09:a4:e1:ad:ae:8d:5e:14:e3:63:cf:1a:
97:e8:3c:ed:93:57:d3:2d:4b:f9:23:0d:86:bc:26:
35:67:89:71:c3:5f:c1:e2:90:1e:19:3b:5d:df:42:
d3:74:ee:df:07:0d:e4:89:58:2f:7d:d8:8c:20:f3:
c3:4d:7a:79:5c:56:51:2d:8b:23:98:06:c5:46:2b:
53:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:97:6B:92:B4:35:3F:70:DA:B3:97:F8:AB:0A:2B:19:67:69:6F:29
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3139302e302f32332d3233203d3e20323732303733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.190.0/23
Signature Algorithm: sha256WithRSAEncryption
ac:3b:09:b6:4d:2d:f8:d8:e6:e8:74:c6:1f:99:67:d3:bd:4b:
b3:f1:bc:2c:ba:4d:ad:04:21:e0:bf:4f:09:3e:2c:86:39:ec:
d1:ef:eb:a3:cd:5f:4a:0a:71:af:8e:89:7f:5f:62:68:df:e3:
9b:5e:27:10:da:4a:29:4a:47:d1:a0:18:76:14:1f:54:70:94:
5e:01:2f:9c:19:4d:6b:08:9d:3a:d2:f8:56:8a:75:e9:6b:22:
f1:ab:6f:e0:53:24:ab:e7:f5:5e:e3:ec:4f:1f:96:0a:42:29:
cc:12:73:ca:34:17:39:5f:50:77:20:d7:6b:45:e2:aa:f3:72:
d4:b6:38:fa:30:91:6f:9d:b5:f8:87:8f:95:3b:5e:6b:e5:b5:
45:77:69:69:ef:a4:ee:d8:20:85:63:72:a6:f0:19:78:f3:e6:
5c:37:2c:22:33:19:76:3c:79:21:24:b3:06:e8:c9:67:cb:61:
4c:ce:e2:e6:28:5d:cc:bc:a5:cc:d3:81:dd:9c:b4:8f:26:af:
2a:f0:bb:2d:00:e8:a9:d2:12:bb:91:63:8e:6f:eb:8b:b5:be:
6e:cb:21:8d:c4:56:0a:ea:36:01:3f:04:9e:f9:3a:bd:07:45:
f8:cc:d0:f9:1b:29:3a:32:a0:8d:72:4f:03:1e:06:15:2e:da:
12:a9:00:2e
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUE+b+XalQB65j/9uoFzTySRLfPRQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNDA0MjAyMTU1NDVaFw0yNTA0MTkyMjAwNDVaMDMxMTAvBgNV
BAMTKDA0OTc2QjkyQjQzNTNGNzBEQUIzOTdGOEFCMEEyQjE5Njc2OTZGMjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYUh3vBoU5Ii4PLNEVMBV0Q5+I
mY5e8YjiQMVZHNvl2a/Qx393COMV3/CKOeLg38ikjIODt86nm0TNOTUCuI9KOsfL
7Z57mcJGWDLYZiS+iqQ/JCaMHMBCljLbOg1Z0MOITKge31mWdMGWYFnth9a0Y60O
6qOqSy/odi+/VEPqkwkFGyJiMRqcpD/bGiaAS0cw7It7ZA1SmLrsD0nuw2JTvMu6
3I1CJpPE/8zxawiKuHjZ4u5Czgmk4a2ujV4U42PPGpfoPO2TV9MtS/kjDYa8JjVn
iXHDX8HikB4ZO13fQtN07t8HDeSJWC992Iwg88NNenlcVlEtiyOYBsVGK1MLAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUBJdrkrQ1P3Das5f4qworGWdpbykwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzkzMDJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDMyMzczMjMwMzczMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAW1uvjANBgkqhkiG9w0BAQsFAAOCAQEArDsJtk0t+Njm6HTGH5ln071Ls/G8
LLpNrQQh4L9PCT4shjns0e/ro81fSgpxr46Jf19iaN/jm14nENpKKUpH0aAYdhQf
VHCUXgEvnBlNawidOtL4Vop16Wsi8atv4FMkq+f1XuPsTx+WCkIpzBJzyjQXOV9Q
dyDXa0XiqvNy1LY4+jCRb521+IePlTtea+W1RXdpae+k7tgghWNypvAZePPmXDcs
IjMZdjx5ISSzBujJZ8thTM7i5ihdzLylzNOB3Zy0jyavKvC7LQDoqdISu5Fjjm/r
i7W+bsshjcRWCuo2AT8Envk6vQdF+MzQ+RspOjKgjXJPAx4GFS7aEqkALg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org