Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e38392e3135302e302f32332d3234203d3e20313532313739.roa
File: 34352e38392e3135302e302f32332d3234203d3e20313532313739.roa (raw, json)
Hash identifier: A63hwljj4f2YemcjsutvAiUsKI7UuQwY5z2kJlgdjWQ=
Subject key identifier: 4D:FC:E4:CF:DD:74:CB:0B:BF:43:11:B4:A2:84:18:BE:D6:BC:CB:8B
Certificate issuer: /CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Certificate serial: 127C7E00B8E5CA8A410F468CE2C743A733DAC7C9
Authority key identifier: 83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e38392e3135302e302f32332d3234203d3e20313532313739.roa
Signing time: Sun 07 Jan 2024 04:35:32 +0000
ROA not before: Sun 07 Jan 2024 04:30:32 +0000
ROA not after: Sun 05 Jan 2025 04:35:32 +0000
asID: 152179
IP address blocks: 45.89.150.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.mft
rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 16:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:7c:7e:00:b8:e5:ca:8a:41:0f:46:8c:e2:c7:43:a7:33:da:c7:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Validity
Not Before: Jan 7 04:30:32 2024 GMT
Not After : Jan 5 04:35:32 2025 GMT
Subject: CN=4DFCE4CFDD74CB0BBF4311B4A28418BED6BCCB8B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:f1:3b:a0:e2:cb:e0:10:92:08:a9:66:6f:05:
22:0b:b8:4e:e7:04:ed:5f:b8:91:c0:b4:b4:2f:89:
bc:25:c1:8e:0b:dc:8d:71:b7:09:5a:1a:36:71:33:
5b:09:f4:dd:9d:a2:5e:45:51:bf:a7:6a:37:71:00:
a6:23:2f:bd:92:82:c8:fe:e4:ee:69:cb:9e:01:e9:
49:2d:5b:cb:a1:9b:d8:43:d7:16:72:ab:e3:88:2c:
9b:42:97:70:a4:b2:6f:52:8b:66:5d:44:ab:a9:48:
3c:81:a3:d5:17:41:b4:45:be:ce:9d:92:c2:15:a5:
de:5b:eb:89:7f:1a:d7:e7:e3:d0:57:e3:15:08:7f:
44:f2:89:0c:90:f5:40:07:c6:c4:dc:d3:cd:a0:22:
cd:36:91:9a:ef:5f:9c:fa:99:e0:58:4a:57:0e:44:
ef:b9:ee:21:57:22:76:3e:d2:e5:ca:95:e3:6e:a5:
69:bd:d5:a4:b6:43:9a:90:79:0d:a0:76:bd:7a:5a:
8c:a6:45:be:7c:35:d9:1f:cc:9a:57:32:70:bc:e2:
91:65:19:e5:b2:c2:63:d1:56:1e:b5:7e:7e:2a:fc:
98:e9:31:59:71:a8:79:0a:4f:5c:ae:6a:90:94:40:
70:41:5b:50:8c:69:e2:c7:e7:9a:5d:19:a5:55:fb:
3a:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:FC:E4:CF:DD:74:CB:0B:BF:43:11:B4:A2:84:18:BE:D6:BC:CB:8B
X509v3 Authority Key Identifier:
keyid:83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e38392e3135302e302f32332d3234203d3e20313532313739.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.150.0/23
Signature Algorithm: sha256WithRSAEncryption
57:f8:c5:c6:0d:5f:db:b0:72:9f:77:6a:4d:15:e9:85:0f:d5:
f0:df:26:73:e5:6b:44:3c:b9:37:8a:d2:c6:5d:40:b1:69:a0:
8e:81:33:85:70:59:64:34:46:c3:a2:c2:12:cb:fb:4d:14:39:
f5:74:6b:3e:72:c8:05:ef:55:ee:70:00:1a:13:95:21:53:ba:
49:0b:d4:1f:2d:a4:65:36:72:82:f5:24:b7:ee:0a:8d:5f:3b:
49:a0:c1:22:cf:89:c5:68:95:e0:11:51:54:8f:24:36:ee:c0:
2b:a1:47:03:aa:79:2e:c1:a6:0c:de:cf:ab:06:19:02:bd:61:
38:d3:0b:7e:0a:c3:5d:08:1d:6e:70:d0:1f:20:a3:7c:65:c7:
7f:a9:42:b2:2d:1d:34:7d:d1:fc:c7:52:81:b6:4c:79:1a:9f:
43:70:b0:fb:cf:ce:6f:59:9b:0b:14:77:46:b5:e1:85:fd:85:
45:45:9c:c7:b8:fb:cd:31:f6:ae:2a:26:17:02:b0:0f:09:74:
bf:7b:f2:c4:ad:be:f2:a3:7e:3d:c7:1d:6f:6c:20:18:82:10:
a2:a1:ae:85:7d:58:f7:2e:39:64:76:32:e2:fb:6a:5a:e3:a4:
9c:40:cf:6a:e3:43:29:4d:af:ab:e6:56:f5:5f:a1:de:be:b8:
21:e7:24:aa
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUEnx+ALjlyopBD0aM4sdDpzPax8kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODMwZTA2NDE5ZmM0NmEyODAyZjZmMDNiNzEzNjhhYzdi
YWFmNjRjZTAeFw0yNDAxMDcwNDMwMzJaFw0yNTAxMDUwNDM1MzJaMDMxMTAvBgNV
BAMTKDRERkNFNENGREQ3NENCMEJCRjQzMTFCNEEyODQxOEJFRDZCQ0NCOEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDg8Tug4svgEJIIqWZvBSILuE7n
BO1fuJHAtLQvibwlwY4L3I1xtwlaGjZxM1sJ9N2dol5FUb+najdxAKYjL72Sgsj+
5O5py54B6UktW8uhm9hD1xZyq+OILJtCl3Cksm9Si2ZdRKupSDyBo9UXQbRFvs6d
ksIVpd5b64l/Gtfn49BX4xUIf0TyiQyQ9UAHxsTc082gIs02kZrvX5z6meBYSlcO
RO+57iFXInY+0uXKleNupWm91aS2Q5qQeQ2gdr16WoymRb58NdkfzJpXMnC84pFl
GeWywmPRVh61fn4q/JjpMVlxqHkKT1yuapCUQHBBW1CMaeLH55pdGaVV+zrRAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUTfzkz910ywu/QxG0ooQYvta8y4swHwYDVR0j
BBgwFoAUgw4GQZ/EaigC9vA7cTaKx7qvZM4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQtYmE2Ny00OTc5LThkMTItMGVkNDc0OGZj
ODZlLzAvODMwRTA2NDE5RkM0NkEyODAyRjZGMDNCNzEzNjhBQzdCQUFGNjRDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2d3NEdRWl9FYWlnQzl2QTdjVGFLeDdx
dlpNNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQt
YmE2Ny00OTc5LThkMTItMGVkNDc0OGZjODZlLzAvMzQzNTJlMzgzOTJlMzEzNTMw
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzEzNTMyMzEzNzM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
LVmWMA0GCSqGSIb3DQEBCwUAA4IBAQBX+MXGDV/bsHKfd2pNFemFD9Xw3yZz5WtE
PLk3itLGXUCxaaCOgTOFcFlkNEbDosISy/tNFDn1dGs+csgF71XucAAaE5UhU7pJ
C9QfLaRlNnKC9SS37gqNXztJoMEiz4nFaJXgEVFUjyQ27sAroUcDqnkuwaYM3s+r
BhkCvWE40wt+CsNdCB1ucNAfIKN8Zcd/qUKyLR00fdH8x1KBtkx5Gp9DcLD7z85v
WZsLFHdGteGF/YVFRZzHuPvNMfauKiYXArAPCXS/e/LErb7yo349xx1vbCAYghCi
oa6FfVj3LjlkdjLi+2pa46ScQM9q40MpTa+r5lb1X6Hevrgh5ySq
-----END CERTIFICATE-----
Generated at Fri May 31 23:16:06 2024 by rpki-client on console-ams.rpki-client.org