Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133392e302f32342d3234203d3e203634353135.roa
File: 34352e39312e3133392e302f32342d3234203d3e203634353135.roa (raw, json)
Hash identifier: YGSCak73+UuXoCIiYkmFcC2pdc+tbXT4hYwRzbQXjm0=
Subject key identifier: 7B:34:AE:01:7B:48:75:CE:2E:46:10:AE:23:3A:21:74:C5:B0:E7:CB
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 4B6574F680DFBF8A86722F2BBAD8B754FB52C8DA
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133392e302f32342d3234203d3e203634353135.roa
Signing time: Tue 11 Jun 2024 13:05:18 +0000
ROA not before: Tue 11 Jun 2024 13:00:18 +0000
ROA not after: Tue 10 Jun 2025 13:05:18 +0000
asID: 64515
IP address blocks: 45.91.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 05:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:65:74:f6:80:df:bf:8a:86:72:2f:2b:ba:d8:b7:54:fb:52:c8:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jun 11 13:00:18 2024 GMT
Not After : Jun 10 13:05:18 2025 GMT
Subject: CN=7B34AE017B4875CE2E4610AE233A2174C5B0E7CB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:db:04:42:d0:9e:dc:9d:44:fc:fa:d5:70:a1:
9d:da:95:6c:59:4c:57:b0:e9:15:b1:84:e2:ca:a1:
6e:53:d1:82:b6:ec:8a:33:80:f6:87:99:71:66:2e:
9d:34:67:84:c6:aa:02:f7:83:8f:c8:8e:0d:f2:42:
19:cf:e0:dc:6f:86:86:df:02:1a:ab:02:4b:76:4b:
58:3e:39:2b:3f:55:c0:3b:d3:5f:4b:d4:77:4c:11:
1e:41:99:21:6b:21:df:d9:9b:8e:a5:1b:0c:7a:2b:
04:eb:d3:ff:ec:63:32:34:ab:1f:3b:64:38:e3:09:
4c:4b:ec:3a:90:36:ef:a2:74:d4:a6:e3:9c:26:d7:
83:d8:e1:5a:06:0a:78:7e:31:c7:ee:63:d0:e7:c8:
3a:e3:0e:3c:61:27:bb:f6:9d:73:c7:d4:54:0b:8e:
68:c7:1c:ea:dc:f1:f4:29:16:25:bf:4a:52:92:0d:
9b:c8:84:88:50:2e:c9:bd:32:af:f7:e0:f1:d4:56:
00:67:0d:73:21:78:8a:7c:be:78:f8:bb:c1:fc:4e:
fd:2d:80:cf:6c:23:77:c1:97:25:c8:57:8b:1a:7d:
c5:68:cf:27:31:20:93:b3:72:3e:63:83:66:9d:81:
b3:5d:f4:56:ec:df:b9:8e:a0:c8:76:d7:a7:8e:82:
8f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:34:AE:01:7B:48:75:CE:2E:46:10:AE:23:3A:21:74:C5:B0:E7:CB
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133392e302f32342d3234203d3e203634353135.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.139.0/24
Signature Algorithm: sha256WithRSAEncryption
99:9d:cf:c6:b0:54:a9:27:a2:e8:c0:f1:53:8a:ff:f5:61:1a:
a2:2c:cd:21:51:05:71:62:11:08:45:83:ae:8b:b7:fb:db:e8:
a6:bb:2b:a9:bf:64:cd:e8:fa:c3:ad:6c:3c:28:bc:01:08:d0:
7b:73:7a:5c:ee:62:22:7a:65:61:2d:d0:db:db:07:76:d8:3a:
fd:2e:1a:6b:1d:ac:0f:67:6a:30:2b:f7:2d:89:25:d5:7f:dd:
84:4d:d0:3f:34:f2:6c:97:fe:ef:ba:d0:13:11:37:c5:cd:18:
82:60:e2:ec:93:24:48:2f:c1:a1:6c:51:46:b1:a8:f8:24:db:
c1:62:9d:7f:18:67:15:0c:07:6c:d0:01:32:62:1d:44:78:25:
18:95:2a:fc:cc:0a:f3:09:2a:42:fc:fb:d6:bc:9d:fb:a7:b2:
80:b0:77:64:4a:e6:8f:7c:8c:2c:61:05:a7:c9:cf:7f:a3:e0:
8d:32:92:13:3c:6a:13:f0:48:12:fa:0a:80:ea:cc:bf:99:3d:
23:d5:4e:90:ba:10:85:b5:08:18:16:4c:1c:ed:9d:b8:f8:34:
48:fe:24:d3:16:f7:35:d5:5d:07:af:00:7e:70:79:b2:cd:3c:
23:23:2e:5f:6c:d1:cd:c9:b6:03:6a:29:88:d8:42:82:c3:eb:
ef:53:50:16
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUS2V09oDfv4qGci8ruti3VPtSyNowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDA2MTExMzAwMThaFw0yNTA2MTAxMzA1MThaMDMxMTAvBgNV
BAMTKDdCMzRBRTAxN0I0ODc1Q0UyRTQ2MTBBRTIzM0EyMTc0QzVCMEU3Q0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD2wRC0J7cnUT8+tVwoZ3alWxZ
TFew6RWxhOLKoW5T0YK27IozgPaHmXFmLp00Z4TGqgL3g4/Ijg3yQhnP4Nxvhobf
AhqrAkt2S1g+OSs/VcA7019L1HdMER5BmSFrId/Zm46lGwx6KwTr0//sYzI0qx87
ZDjjCUxL7DqQNu+idNSm45wm14PY4VoGCnh+McfuY9DnyDrjDjxhJ7v2nXPH1FQL
jmjHHOrc8fQpFiW/SlKSDZvIhIhQLsm9Mq/34PHUVgBnDXMheIp8vnj4u8H8Tv0t
gM9sI3fBlyXIV4safcVozycxIJOzcj5jg2adgbNd9Fbs37mOoMh216eOgo/DAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUezSuAXtIdc4uRhCuIzohdMWw58swHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzkzMTJlMzEzMzM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzNDM1MzEzNS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1b
izANBgkqhkiG9w0BAQsFAAOCAQEAmZ3PxrBUqSei6MDxU4r/9WEaoizNIVEFcWIR
CEWDrou3+9voprsrqb9kzej6w61sPCi8AQjQe3N6XO5iInplYS3Q29sHdtg6/S4a
ax2sD2dqMCv3LYkl1X/dhE3QPzTybJf+77rQExE3xc0YgmDi7JMkSC/BoWxRRrGo
+CTbwWKdfxhnFQwHbNABMmIdRHglGJUq/MwK8wkqQvz71ryd+6eygLB3ZErmj3yM
LGEFp8nPf6PgjTKSEzxqE/BIEvoKgOrMv5k9I9VOkLoQhbUIGBZMHO2duPg0SP4k
0xb3NdVdB68AfnB5ss08IyMuX2zRzcm2A2opiNhCgsPr71NQFg==
-----END CERTIFICATE-----
Generated at Sat Jun 15 15:40:53 2024 by rpki-client on console-ams.rpki-client.org