Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231352e302f32342d3234203d3e203631333137.roa
File: 34352e39352e3231352e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: hw9AzvJhfi8XJwfjXImtNGwvFDNKzv0Xo8NMDCDttTs=
Subject key identifier: 73:EA:BD:A3:E6:F6:52:3C:B4:09:BC:2D:19:2F:10:99:B4:A2:DC:A2
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 1B2EF6F272DFBF28C1875FF823ACAECE34AC5B60
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231352e302f32342d3234203d3e203631333137.roa
Signing time: Thu 05 Oct 2023 10:43:23 +0000
ROA not before: Thu 05 Oct 2023 10:38:23 +0000
ROA not after: Thu 03 Oct 2024 10:43:23 +0000
asID: 61317
IP address blocks: 45.95.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:2e:f6:f2:72:df:bf:28:c1:87:5f:f8:23:ac:ae:ce:34:ac:5b:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Oct 5 10:38:23 2023 GMT
Not After : Oct 3 10:43:23 2024 GMT
Subject: CN=73EABDA3E6F6523CB409BC2D192F1099B4A2DCA2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c5:dd:29:a9:f1:79:7c:fd:90:66:d4:f2:e1:
ff:3c:ba:92:ad:39:78:ea:ed:0a:c7:61:67:7f:85:
bb:80:80:51:4f:97:80:b5:ee:0b:7c:e4:87:17:13:
28:2a:09:f6:37:44:1d:eb:e3:db:eb:a7:a7:13:71:
3e:0d:93:48:5d:3f:14:04:b3:fa:49:a1:94:a5:d5:
d6:3f:ce:14:c9:6a:9c:f8:f5:49:93:a6:47:fd:63:
d3:f8:13:2d:f2:76:c1:4a:f1:d6:5c:25:48:ba:bc:
e4:fc:f4:72:b6:ae:b4:62:b8:f9:28:27:43:89:a3:
0d:46:94:a3:b1:e9:66:de:ca:dd:5b:8d:e1:5a:63:
7a:59:34:a8:dd:04:09:35:a2:68:1e:61:64:ce:50:
47:b0:3e:2b:01:3a:5a:c9:58:b1:93:ca:d3:82:7c:
dc:1d:cc:6f:89:db:aa:74:b2:d7:b5:bc:43:57:6e:
36:b7:f1:f9:c1:47:b8:fe:d7:2f:77:9e:0b:a6:92:
87:78:1a:60:3a:5d:cb:ea:90:a2:4d:18:73:4d:a3:
25:2b:d1:c3:ab:34:ae:d4:00:ab:b7:8d:d4:b6:bf:
61:66:9b:72:53:61:dd:06:52:dd:75:d2:c0:f0:2c:
9d:7e:96:27:fa:00:06:5d:2a:10:84:ab:6f:5f:59:
e0:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:EA:BD:A3:E6:F6:52:3C:B4:09:BC:2D:19:2F:10:99:B4:A2:DC:A2
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231352e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.215.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:c0:8f:ed:9b:77:f3:c8:01:a4:6d:15:0a:70:51:3a:21:7b:
4e:7b:e4:1e:84:69:74:94:7e:cb:ef:b6:85:58:8d:07:ef:53:
09:2d:8b:54:d1:f7:7e:5c:4f:22:26:cd:a1:24:92:aa:7d:dc:
d2:ef:1b:d4:d4:eb:98:58:90:6f:8f:95:21:87:8d:54:e2:57:
50:6e:01:79:17:a1:bd:04:64:13:56:54:d4:df:f5:7a:14:16:
f3:0a:17:55:cb:3d:6a:10:06:e1:73:9d:f2:6b:57:66:2d:34:
9a:3f:2a:6b:b1:86:61:c5:ad:10:d0:34:22:1c:06:50:61:f5:
37:33:c1:92:83:35:f7:73:a3:14:c6:80:93:28:2b:60:2d:e5:
f2:4a:de:e9:3d:2c:33:81:83:84:42:1b:98:6f:f9:9e:1f:3b:
3f:50:31:d9:cd:75:a1:1b:e3:ea:c3:c3:81:3e:c0:bd:a0:aa:
69:83:46:b9:db:9b:f3:b5:68:69:06:60:e4:57:d9:16:87:13:
04:70:19:df:7d:bf:32:e6:b7:22:94:c9:f7:24:e4:91:4c:82:
69:f4:7a:7a:a1:a5:e7:0c:6b:1e:ae:93:84:18:4f:32:81:9f:
94:7a:ed:bf:d4:9e:bf:16:d3:52:e2:44:24:f7:8e:3c:4c:73:
14:e0:19:1c
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUGy728nLfvyjBh1/4I6yuzjSsW2AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yMzEwMDUxMDM4MjNaFw0yNDEwMDMxMDQzMjNaMDMxMTAvBgNV
BAMTKDczRUFCREEzRTZGNjUyM0NCNDA5QkMyRDE5MkYxMDk5QjRBMkRDQTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVxd0pqfF5fP2QZtTy4f88upKt
OXjq7QrHYWd/hbuAgFFPl4C17gt85IcXEygqCfY3RB3r49vrp6cTcT4Nk0hdPxQE
s/pJoZSl1dY/zhTJapz49UmTpkf9Y9P4Ey3ydsFK8dZcJUi6vOT89HK2rrRiuPko
J0OJow1GlKOx6Wbeyt1bjeFaY3pZNKjdBAk1omgeYWTOUEewPisBOlrJWLGTytOC
fNwdzG+J26p0ste1vENXbja38fnBR7j+1y93ngumkod4GmA6XcvqkKJNGHNNoyUr
0cOrNK7UAKu3jdS2v2Fmm3JTYd0GUt110sDwLJ1+lif6AAZdKhCEq29fWeB5AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUc+q9o+b2Ujy0CbwtGS8QmbSi3KIwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzQzNTJlMzkzNTJlMzIzMTM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMTMzMzEzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1f
1zANBgkqhkiG9w0BAQsFAAOCAQEAvMCP7Zt388gBpG0VCnBROiF7TnvkHoRpdJR+
y++2hViNB+9TCS2LVNH3flxPIibNoSSSqn3c0u8b1NTrmFiQb4+VIYeNVOJXUG4B
eRehvQRkE1ZU1N/1ehQW8woXVcs9ahAG4XOd8mtXZi00mj8qa7GGYcWtENA0IhwG
UGH1NzPBkoM193OjFMaAkygrYC3l8kre6T0sM4GDhEIbmG/5nh87P1Ax2c11oRvj
6sPDgT7AvaCqaYNGudub87VoaQZg5FfZFocTBHAZ332/Mua3IpTJ9yTkkUyCafR6
eqGl5wxrHq6ThBhPMoGflHrtv9SevxbTUuJEJPeOPExzFOAZHA==
-----END CERTIFICATE-----
Generated at Sat May 4 15:08:38 2024 by rpki-client on console-fra.rpki-client.org