Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39372e302f32342d3234203d3e203633303233.roa
File: 34352e3133372e39372e302f32342d3234203d3e203633303233.roa (raw, json)
Hash identifier: 0Fh9nVNcvcj+ixu1lbxTOCuVcvy6dF3Uznomgc0U3CA=
Subject key identifier: 27:11:CA:36:2D:B8:FE:DF:87:C2:1A:40:77:41:BD:D4:4E:ED:7C:2E
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 48812DBF75B5135DC2C03E3B9059979DA76FA8FB
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39372e302f32342d3234203d3e203633303233.roa
Signing time: Wed 21 Feb 2024 19:05:12 +0000
ROA not before: Wed 21 Feb 2024 19:00:12 +0000
ROA not after: Wed 19 Feb 2025 19:05:12 +0000
asID: 63023
IP address blocks: 45.137.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:81:2d:bf:75:b5:13:5d:c2:c0:3e:3b:90:59:97:9d:a7:6f:a8:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Feb 21 19:00:12 2024 GMT
Not After : Feb 19 19:05:12 2025 GMT
Subject: CN=2711CA362DB8FEDF87C21A407741BDD44EED7C2E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:67:a3:5f:c4:e4:55:4a:83:62:c8:a4:3e:d3:
34:92:62:bb:1f:45:a0:a5:48:df:01:31:9e:a5:90:
09:7d:87:cd:95:fc:2a:61:fd:15:a0:3d:f7:81:ea:
32:eb:98:54:03:04:80:ab:fe:bd:c5:75:aa:f6:89:
48:01:9b:5a:38:64:43:8d:66:aa:88:7e:cf:3e:46:
bd:b1:03:2a:38:ad:07:5a:73:cd:f8:ec:ba:55:10:
40:35:d0:67:2f:93:c7:cf:8a:d4:76:e6:86:ef:c5:
ce:c9:b2:04:e3:22:98:f1:a1:95:33:ee:76:64:5b:
4d:71:f0:43:9a:1f:f7:6e:81:dc:d5:4f:cf:b0:9f:
e8:23:78:ab:13:ac:2d:0e:0f:5e:08:05:7f:a5:15:
75:c6:94:42:18:6e:e0:37:17:70:d6:15:79:f9:2e:
e5:8f:82:eb:84:07:bd:91:ab:fb:29:c7:c9:86:73:
4c:53:85:34:b2:17:df:85:bd:04:da:e7:28:d3:74:
36:7d:d8:a1:1f:25:c0:38:0a:3f:cd:aa:35:d5:61:
5d:5c:2b:79:6c:7f:46:17:bf:1a:dd:3b:a7:b8:eb:
1c:b0:66:d0:eb:c7:1e:24:14:8c:a7:27:44:32:d9:
7c:db:b1:fa:38:b1:a9:b6:bd:0b:47:4f:78:16:c0:
bc:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:11:CA:36:2D:B8:FE:DF:87:C2:1A:40:77:41:BD:D4:4E:ED:7C:2E
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39372e302f32342d3234203d3e203633303233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.97.0/24
Signature Algorithm: sha256WithRSAEncryption
90:99:55:9c:b8:00:e8:f3:00:e6:bd:5e:1f:53:d9:19:8b:56:
57:aa:29:a8:fe:c9:2e:fb:e7:70:51:ad:db:d9:ec:3d:81:7d:
85:68:42:ba:f1:e2:93:a7:90:23:6f:76:bb:ff:8a:db:3a:1a:
3b:c4:56:0b:df:37:53:c9:04:bb:87:02:3d:21:0d:13:02:24:
e9:5b:de:b2:93:c6:6b:f0:2c:8c:81:99:0b:72:09:21:9f:dd:
6c:29:ca:b2:5e:92:04:de:ba:f2:b8:53:bd:55:34:d9:13:5b:
99:25:f0:b2:46:8e:9e:50:e5:aa:c8:e1:07:2a:1a:6f:6e:c8:
fe:23:1f:cf:d1:80:ef:7b:a8:1b:6b:b9:56:e5:2d:00:8f:8e:
c3:06:40:8d:aa:42:51:68:7c:17:38:4a:b0:ce:bb:17:c6:9f:
03:82:76:74:64:83:3b:d1:b8:33:a0:48:e5:a1:77:59:ca:71:
19:4a:d7:3d:a0:5d:3d:cc:05:1f:42:fa:01:31:a5:c6:ae:f0:
56:95:5d:a5:9f:61:b7:89:43:59:b9:a4:6f:9a:a3:87:cc:b3:
0f:5e:9d:ed:1d:f6:7a:25:6b:61:06:fd:e3:82:6c:36:a3:f2:
ef:c2:77:82:bd:71:5d:32:e3:08:c8:8a:8c:26:4c:e9:a1:0d:
56:5b:87:9a
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUSIEtv3W1E13CwD47kFmXnadvqPswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDAyMjExOTAwMTJaFw0yNTAyMTkxOTA1MTJaMDMxMTAvBgNV
BAMTKDI3MTFDQTM2MkRCOEZFREY4N0MyMUE0MDc3NDFCREQ0NEVFRDdDMkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlZ6NfxORVSoNiyKQ+0zSSYrsf
RaClSN8BMZ6lkAl9h82V/Cph/RWgPfeB6jLrmFQDBICr/r3Fdar2iUgBm1o4ZEON
ZqqIfs8+Rr2xAyo4rQdac8347LpVEEA10Gcvk8fPitR25obvxc7JsgTjIpjxoZUz
7nZkW01x8EOaH/dugdzVT8+wn+gjeKsTrC0OD14IBX+lFXXGlEIYbuA3F3DWFXn5
LuWPguuEB72Rq/spx8mGc0xThTSyF9+FvQTa5yjTdDZ92KEfJcA4Cj/NqjXVYV1c
K3lsf0YXvxrdO6e46xywZtDrxx4kFIynJ0Qy2Xzbsfo4sam2vQtHT3gWwLyzAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUJxHKNi24/t+HwhpAd0G91E7tfC4wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMzM3MmUzOTM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMzMwMzIzMy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2J
YTANBgkqhkiG9w0BAQsFAAOCAQEAkJlVnLgA6PMA5r1eH1PZGYtWV6opqP7JLvvn
cFGt29nsPYF9hWhCuvHik6eQI292u/+K2zoaO8RWC983U8kEu4cCPSENEwIk6Vve
spPGa/AsjIGZC3IJIZ/dbCnKsl6SBN668rhTvVU02RNbmSXwskaOnlDlqsjhByoa
b27I/iMfz9GA73uoG2u5VuUtAI+OwwZAjapCUWh8FzhKsM67F8afA4J2dGSDO9G4
M6BI5aF3WcpxGUrXPaBdPcwFH0L6ATGlxq7wVpVdpZ9ht4lDWbmkb5qjh8yzD16d
7R32eiVrYQb944JsNqPy78J3gr1xXTLjCMiKjCZM6aENVluHmg==
-----END CERTIFICATE-----
Generated at Tue May 7 20:08:18 2024 by rpki-client on console-fra.rpki-client.org