Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e31342e39312e302f32342d3234203d3e20383334.roa
File: 34352e31342e39312e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: 8xYBNbAQh7dTHr6qM204MuS0b8YCZ6jdOT0fReeq9WY=
Subject key identifier: 69:F8:FD:EB:D9:C3:AF:D5:FF:97:4C:3D:E8:C7:21:53:5F:A0:D3:53
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 14D8BAA4104F99C9686D6BA3490754A612930114
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e31342e39312e302f32342d3234203d3e20383334.roa
Signing time: Wed 26 Jul 2023 09:55:14 +0000
ROA not before: Wed 26 Jul 2023 09:50:14 +0000
ROA not after: Wed 24 Jul 2024 09:55:14 +0000
asID: 834
IP address blocks: 45.14.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:d8:ba:a4:10:4f:99:c9:68:6d:6b:a3:49:07:54:a6:12:93:01:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 26 09:50:14 2023 GMT
Not After : Jul 24 09:55:14 2024 GMT
Subject: CN=69F8FDEBD9C3AFD5FF974C3DE8C721535FA0D353
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:73:21:8b:52:3f:82:49:b6:f8:2e:db:2d:3f:
96:2e:6c:15:6e:4c:0f:ab:80:2d:f5:e6:56:93:31:
96:a2:84:f4:15:3c:78:a7:9e:15:58:ec:a9:de:2c:
3c:38:32:5f:aa:5d:f6:0a:8d:8f:60:21:b0:b3:27:
22:3f:b9:8e:2b:a9:40:3a:2c:d6:45:0d:36:39:6f:
46:31:08:8f:fc:55:ed:7e:04:bb:9e:80:34:9f:ac:
2e:af:c5:24:9a:d0:2b:b7:7d:1d:ca:a9:51:dd:34:
b9:76:4d:ca:99:08:e9:1b:c1:c6:0e:c9:20:d2:35:
c5:a5:78:d1:36:78:a8:ad:99:3c:f1:17:12:72:ed:
43:55:f5:46:6a:0f:a4:69:f8:62:f9:d2:8a:03:5c:
b6:06:eb:63:27:ea:6c:32:02:9d:9c:b0:dd:dd:87:
e0:7c:11:af:7b:bd:45:7e:fe:dc:7a:2c:f1:13:a1:
7d:17:7b:f4:67:1e:22:49:06:39:e3:36:70:87:50:
e2:52:32:68:36:9e:17:64:32:b6:cf:51:ed:af:71:
59:68:78:00:82:af:8d:3f:65:02:ed:bb:d8:a5:74:
7e:00:ec:9a:1a:08:a3:23:23:c3:53:d0:21:ea:db:
16:ed:21:c4:ff:3f:94:79:ef:0f:f5:9a:7e:a2:bb:
99:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:F8:FD:EB:D9:C3:AF:D5:FF:97:4C:3D:E8:C7:21:53:5F:A0:D3:53
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e31342e39312e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.91.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:7a:61:2c:37:ed:b9:6e:ae:81:89:a7:63:0c:61:9c:71:af:
88:0c:43:1d:f7:e9:ca:f3:21:b9:21:0f:ee:b1:5c:5c:78:cb:
50:a0:5a:0a:a0:97:f3:2b:e0:03:2a:dd:72:66:18:74:f6:44:
ea:94:b1:64:38:a6:b1:76:fe:5e:a7:f2:ac:3e:42:09:79:e7:
2e:e0:2f:4c:35:91:08:c4:3e:33:70:e2:93:28:50:c6:eb:29:
94:f6:71:f0:3c:69:e4:a6:93:e4:3a:5a:5b:34:66:3a:b5:a6:
10:64:14:2b:9a:fa:1d:3b:2d:c4:8c:48:2c:86:72:13:ca:66:
7c:3e:0e:62:e0:d2:17:66:ad:a7:84:42:a5:54:6a:93:56:a7:
60:ad:c7:e0:19:1a:50:7c:42:38:79:d5:07:d1:f5:ec:4a:c2:
df:40:e9:cc:76:c4:e8:cf:e1:7a:2d:a4:7c:06:eb:36:f0:db:
82:98:7f:10:5a:b7:97:cd:93:d7:86:f3:0a:b7:66:e9:c6:f7:
66:2d:b4:06:2f:ed:ab:67:7a:e6:6a:7f:1d:d1:4c:ce:61:ab:
9e:e8:50:dd:1f:18:7d:c1:f7:84:f0:e4:1e:75:6d:c4:d9:9b:
43:5d:75:a2:2c:f2:37:6b:d7:08:9f:70:54:fb:80:35:69:f8:
a8:71:cf:e1
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUFNi6pBBPmclobWujSQdUphKTARQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA3MjYwOTUwMTRaFw0yNDA3MjQwOTU1MTRaMDMxMTAvBgNV
BAMTKDY5RjhGREVCRDlDM0FGRDVGRjk3NEMzREU4QzcyMTUzNUZBMEQzNTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBcyGLUj+CSbb4LtstP5YubBVu
TA+rgC315laTMZaihPQVPHinnhVY7KneLDw4Ml+qXfYKjY9gIbCzJyI/uY4rqUA6
LNZFDTY5b0YxCI/8Ve1+BLuegDSfrC6vxSSa0Cu3fR3KqVHdNLl2TcqZCOkbwcYO
ySDSNcWleNE2eKitmTzxFxJy7UNV9UZqD6Rp+GL50ooDXLYG62Mn6mwyAp2csN3d
h+B8Ea97vUV+/tx6LPEToX0Xe/RnHiJJBjnjNnCHUOJSMmg2nhdkMrbPUe2vcVlo
eACCr40/ZQLtu9ildH4A7JoaCKMjI8NT0CHq2xbtIcT/P5R57w/1mn6iu5njAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUafj969nDr9X/l0w96MchU1+g01MwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzEzNDJlMzkzMTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0OWzANBgkq
hkiG9w0BAQsFAAOCAQEALnphLDftuW6ugYmnYwxhnHGviAxDHffpyvMhuSEP7rFc
XHjLUKBaCqCX8yvgAyrdcmYYdPZE6pSxZDimsXb+XqfyrD5CCXnnLuAvTDWRCMQ+
M3DikyhQxusplPZx8Dxp5KaT5DpaWzRmOrWmEGQUK5r6HTstxIxILIZyE8pmfD4O
YuDSF2atp4RCpVRqk1anYK3H4BkaUHxCOHnVB9H17ErC30DpzHbE6M/hei2kfAbr
NvDbgph/EFq3l82T14bzCrdm6cb3Zi20Bi/tq2d65mp/HdFMzmGrnuhQ3R8YfcH3
hPDkHnVtxNmbQ111oizyN2vXCJ9wVPuANWn4qHHP4Q==
-----END CERTIFICATE-----
Generated at Thu May 2 05:35:07 2024 by rpki-client on console-fra.rpki-client.org