Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133382e3234302e302f32322d3232203d3e20323031333431.roa
File: 34352e3133382e3234302e302f32322d3232203d3e20323031333431.roa (raw, json)
Hash identifier: Oo8dkiyLTHckoep7lfryyZGxKCFul5kI/Mi3/kyxAP4=
Subject key identifier: 9F:25:9E:A5:A1:DC:87:B7:71:C7:95:E5:D3:5C:7B:F6:0C:93:67:1A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 32C47E5A15BB8B98DD6171E68D947E6C5966D1F9
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133382e3234302e302f32322d3232203d3e20323031333431.roa
Signing time: Wed 01 May 2024 12:03:34 +0000
ROA not before: Wed 01 May 2024 11:58:34 +0000
ROA not after: Wed 30 Apr 2025 12:03:34 +0000
asID: 201341
IP address blocks: 45.138.240.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 16:11:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:c4:7e:5a:15:bb:8b:98:dd:61:71:e6:8d:94:7e:6c:59:66:d1:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 1 11:58:34 2024 GMT
Not After : Apr 30 12:03:34 2025 GMT
Subject: CN=9F259EA5A1DC87B771C795E5D35C7BF60C93671A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:88:e9:a2:1e:d3:d9:52:5b:6e:9b:7b:aa:09:
e3:99:88:79:76:2f:31:ec:42:b1:3b:9f:44:fa:07:
a2:06:8d:99:59:3b:dd:bc:e8:e9:61:95:04:6c:cd:
fa:45:82:c7:e4:6a:41:3a:9f:21:ec:7e:6d:aa:c4:
65:80:1c:53:59:f8:57:eb:8b:a0:4b:61:8c:b5:8c:
57:ab:b7:7f:0a:5b:40:ad:00:96:64:81:98:4f:6f:
91:55:69:fc:97:57:8b:6b:5d:4b:ee:0a:d9:ea:9b:
18:29:07:86:77:05:95:e4:1a:b8:1c:1c:cb:65:0b:
4e:c6:e9:b2:7d:65:9a:d8:16:f7:4f:2e:fc:d9:e1:
50:8c:2a:e2:85:83:c2:e0:77:d3:a5:f4:4a:69:8d:
df:fc:88:50:53:38:ef:2b:ac:f5:a4:c1:8c:86:cf:
44:ce:83:36:bd:ff:3b:f7:c0:91:71:79:ce:44:bf:
bb:1e:26:c8:88:a6:c3:8d:fb:7a:27:0b:14:c3:6e:
af:17:84:21:fa:42:b5:db:3c:9b:24:a9:b6:c9:7d:
14:0c:91:f2:20:95:d6:55:29:80:8d:76:82:f1:b2:
ab:62:43:65:46:1d:1d:8c:92:ca:14:7f:df:2c:f7:
72:d2:d6:16:35:f9:10:3e:e4:5c:65:c9:d9:9b:15:
9b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:25:9E:A5:A1:DC:87:B7:71:C7:95:E5:D3:5C:7B:F6:0C:93:67:1A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133382e3234302e302f32322d3232203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.240.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:51:8e:79:c0:32:6c:e6:cf:53:61:b7:42:3e:ef:ef:1f:8c:
66:78:bd:fc:60:0b:09:cf:a7:78:61:f8:e8:2b:20:9a:e1:33:
ba:0a:c2:18:55:c7:94:8c:1c:cb:cb:fa:ec:e1:18:ad:71:d0:
8f:f6:9c:db:49:78:da:3b:6e:4e:e4:7d:88:5b:15:34:a3:5f:
38:d8:06:a7:74:f5:48:e3:1e:37:a1:0e:7c:ac:86:c7:24:54:
ec:d0:1f:9b:4b:5d:4d:13:8c:24:9e:ab:36:98:37:a4:a0:d1:
84:7f:5d:7d:08:3f:89:76:39:c5:52:cb:fb:33:dc:ed:5e:4b:
45:3f:bb:d9:bf:c5:4f:a2:63:84:ae:f6:4b:18:5d:b0:f8:15:
58:42:8a:b3:a0:85:a1:19:22:dd:4a:2a:e9:dd:e7:bc:f3:58:
d7:c0:b0:46:2f:e8:ba:e1:6f:2b:5b:cb:19:5e:81:ea:cc:36:
74:bf:8c:26:3c:c4:a3:c0:94:0a:79:e1:d1:90:a6:c9:08:5c:
84:6c:10:1e:ce:29:84:3f:ac:9f:7e:bf:71:75:56:6c:89:8f:
bd:88:37:92:4c:b9:63:03:65:4e:c1:da:33:c4:83:71:58:49:
9b:4f:39:bd:08:00:73:f9:5d:d2:6b:bc:ee:0b:2c:ea:b1:62:
54:2f:1e:a5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMsR+WhW7i5jdYXHmjZR+bFlm0fkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA1MDExMTU4MzRaFw0yNTA0MzAxMjAzMzRaMDMxMTAvBgNV
BAMTKDlGMjU5RUE1QTFEQzg3Qjc3MUM3OTVFNUQzNUM3QkY2MEM5MzY3MUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEiOmiHtPZUltum3uqCeOZiHl2
LzHsQrE7n0T6B6IGjZlZO9286OlhlQRszfpFgsfkakE6nyHsfm2qxGWAHFNZ+Ffr
i6BLYYy1jFert38KW0CtAJZkgZhPb5FVafyXV4trXUvuCtnqmxgpB4Z3BZXkGrgc
HMtlC07G6bJ9ZZrYFvdPLvzZ4VCMKuKFg8Lgd9Ol9Eppjd/8iFBTOO8rrPWkwYyG
z0TOgza9/zv3wJFxec5Ev7seJsiIpsON+3onCxTDbq8XhCH6QrXbPJskqbbJfRQM
kfIgldZVKYCNdoLxsqtiQ2VGHR2MksoUf98s93LS1hY1+RA+5FxlydmbFZsZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUnyWepaHch7dxx5Xl01x79gyTZxowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzEzMzM4MmUzMjM0
MzAyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMjMwMzEzMzM0MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAItivAwDQYJKoZIhvcNAQELBQADggEBAC9RjnnAMmzmz1Nht0I+7+8fjGZ4vfxg
CwnPp3hh+OgrIJrhM7oKwhhVx5SMHMvL+uzhGK1x0I/2nNtJeNo7bk7kfYhbFTSj
XzjYBqd09UjjHjehDnyshsckVOzQH5tLXU0TjCSeqzaYN6Sg0YR/XX0IP4l2OcVS
y/sz3O1eS0U/u9m/xU+iY4Su9ksYXbD4FVhCirOghaEZIt1KKund57zzWNfAsEYv
6LrhbytbyxlegerMNnS/jCY8xKPAlAp54dGQpskIXIRsEB7OKYQ/rJ9+v3F1VmyJ
j72IN5JMuWMDZU7B2jPEg3FYSZtPOb0IAHP5XdJrvO4LLOqxYlQvHqU=
-----END CERTIFICATE-----
Generated at Mon May 20 19:28:05 2024 by rpki-client on console-fra.rpki-client.org