Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133302e3232342e302f32322d3234203d3e20323031333431.roa
File: 34352e3133302e3232342e302f32322d3234203d3e20323031333431.roa (raw, json)
Hash identifier: 5eU+sVViEREjp4lPL1eTjFOjbe+yvyUseO4lG4VfgaA=
Subject key identifier: 6C:42:3E:76:6B:D5:F5:15:26:0C:70:95:8C:1E:F5:33:5B:94:4F:F6
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6F1FBD1BA36B3E355B8AC1D9CF1191482C2846DC
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133302e3232342e302f32322d3234203d3e20323031333431.roa
Signing time: Thu 31 Aug 2023 14:08:13 +0000
ROA not before: Thu 31 Aug 2023 14:03:13 +0000
ROA not after: Thu 29 Aug 2024 14:08:13 +0000
asID: 201341
IP address blocks: 45.130.224.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 16:11:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:1f:bd:1b:a3:6b:3e:35:5b:8a:c1:d9:cf:11:91:48:2c:28:46:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 31 14:03:13 2023 GMT
Not After : Aug 29 14:08:13 2024 GMT
Subject: CN=6C423E766BD5F515260C70958C1EF5335B944FF6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:f8:ef:b0:29:7b:a2:5b:38:ff:08:c2:71:61:
42:a1:3c:06:55:b9:e2:8a:e8:0a:68:c6:aa:60:ec:
ca:09:50:36:9b:5f:85:fe:74:03:7a:0e:a1:10:9b:
79:f3:39:ac:f6:53:37:09:26:f1:82:53:60:ba:b6:
d5:3a:b4:c0:20:ea:46:77:28:e3:9a:5f:95:ae:4a:
f9:64:78:04:b6:de:55:ba:cc:09:72:15:f7:4b:82:
a9:04:94:57:26:38:df:af:e7:7a:b5:78:e6:dc:59:
00:de:01:41:fc:28:29:09:6b:da:61:9b:0f:88:ad:
4f:d1:36:09:0d:87:02:4c:57:4d:ff:91:7d:e4:28:
ed:74:1a:50:95:08:e3:71:93:6f:04:08:04:95:82:
1f:ff:2c:90:bf:a1:0e:db:ea:ff:ef:25:5f:9f:b2:
6d:4c:81:a0:f2:88:fe:1f:c3:ba:67:d2:6d:1a:c3:
4d:15:05:ac:9d:0e:6c:78:43:6c:ba:67:cd:5c:58:
e1:48:75:90:a6:f0:7d:10:35:a4:dd:9f:36:c3:19:
3c:0d:f1:1d:a5:00:c3:c9:ae:a3:68:60:c3:6d:55:
75:ab:82:2e:92:cb:d1:97:34:f9:2b:a2:30:0f:a5:
4f:3e:79:e9:24:fe:36:65:0a:91:ad:fd:65:34:a0:
0f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:42:3E:76:6B:D5:F5:15:26:0C:70:95:8C:1E:F5:33:5B:94:4F:F6
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133302e3232342e302f32322d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.224.0/22
Signature Algorithm: sha256WithRSAEncryption
49:8a:5c:22:0a:96:91:47:c3:7c:1c:b0:42:6d:09:5e:ae:02:
0f:a2:3c:fe:b7:f7:0c:8c:2e:58:95:52:db:78:58:c2:c1:18:
e6:25:79:5a:a2:c1:58:59:6e:be:11:ff:93:7a:ae:b6:88:94:
22:0c:09:87:54:44:21:d0:ee:32:0d:00:8d:65:86:80:4e:a8:
02:2b:71:06:8b:19:03:34:7b:e0:b1:03:b2:91:a9:77:93:03:
48:42:7a:fd:e7:2a:5b:55:c8:5a:69:0d:38:24:8b:5f:c3:a9:
f0:cd:5d:3e:13:96:d4:50:38:20:7c:5f:21:de:e7:11:68:f4:
19:b0:2b:40:88:7c:5f:3b:dc:9e:f5:7e:d7:a3:e7:7e:10:42:
1f:10:ba:26:fd:7b:9f:0c:b3:7f:d0:43:e6:3e:d5:04:df:63:
4b:ed:a4:85:1b:41:f6:95:e5:81:9a:72:e6:ae:2a:08:13:00:
fd:60:43:7a:1b:36:ae:82:92:20:14:fa:71:90:ac:05:47:9b:
85:f1:ed:b7:85:8f:d9:62:c3:8a:d4:65:bd:94:6e:b5:a7:53:
69:4e:2d:46:7f:ff:0b:ce:10:d0:60:dd:f1:6e:0e:84:48:17:
63:58:f4:f2:4d:3c:b4:04:b3:a3:b3:72:88:7c:fd:cd:21:52:
e2:8c:41:94
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUbx+9G6NrPjVbisHZzxGRSCwoRtwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA4MzExNDAzMTNaFw0yNDA4MjkxNDA4MTNaMDMxMTAvBgNV
BAMTKDZDNDIzRTc2NkJENUY1MTUyNjBDNzA5NThDMUVGNTMzNUI5NDRGRjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDr+O+wKXuiWzj/CMJxYUKhPAZV
ueKK6Apoxqpg7MoJUDabX4X+dAN6DqEQm3nzOaz2UzcJJvGCU2C6ttU6tMAg6kZ3
KOOaX5WuSvlkeAS23lW6zAlyFfdLgqkElFcmON+v53q1eObcWQDeAUH8KCkJa9ph
mw+IrU/RNgkNhwJMV03/kX3kKO10GlCVCONxk28ECASVgh//LJC/oQ7b6v/vJV+f
sm1MgaDyiP4fw7pn0m0aw00VBaydDmx4Q2y6Z81cWOFIdZCm8H0QNaTdnzbDGTwN
8R2lAMPJrqNoYMNtVXWrgi6Sy9GXNPkrojAPpU8+eekk/jZlCpGt/WU0oA8XAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUbEI+dmvV9RUmDHCVjB71M1uUT/YwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzEzMzMwMmUzMjMy
MzQyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjMwMzEzMzM0MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAItguAwDQYJKoZIhvcNAQELBQADggEBAEmKXCIKlpFHw3wcsEJtCV6uAg+iPP63
9wyMLliVUtt4WMLBGOYleVqiwVhZbr4R/5N6rraIlCIMCYdURCHQ7jINAI1lhoBO
qAIrcQaLGQM0e+CxA7KRqXeTA0hCev3nKltVyFppDTgki1/DqfDNXT4TltRQOCB8
XyHe5xFo9BmwK0CIfF873J71ftej534QQh8Quib9e58Ms3/QQ+Y+1QTfY0vtpIUb
QfaV5YGacuauKggTAP1gQ3obNq6CkiAU+nGQrAVHm4Xx7beFj9liw4rUZb2UbrWn
U2lOLUZ//wvOENBg3fFuDoRIF2NY9PJNPLQEs6Ozcoh8/c0hUuKMQZQ=
-----END CERTIFICATE-----
Generated at Mon May 20 19:28:04 2024 by rpki-client on console-fra.rpki-client.org