Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
File: AS834.roa (raw, json)
Hash identifier: Pxq2NJdAoWgkb4bNaivufxUP4YXTggfQT22Z6F4Cg8k=
Subject key identifier: BC:1D:EF:59:58:48:A6:58:67:91:18:06:C3:E9:06:5A:27:EA:BE:E1
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 3F47592AEA80064967E3E7A8126E0F3B4252EC62
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
Signing time: Wed 01 May 2024 00:03:50 +0000
ROA not before: Tue 30 Apr 2024 23:58:50 +0000
ROA not after: Wed 30 Apr 2025 00:03:50 +0000
asID: 834
IP address blocks: 146.103.32.0/24 maxlen: 24
146.103.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 14:46:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:47:59:2a:ea:80:06:49:67:e3:e7:a8:12:6e:0f:3b:42:52:ec:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 30 23:58:50 2024 GMT
Not After : Apr 30 00:03:50 2025 GMT
Subject: CN=BC1DEF595848A65867911806C3E9065A27EABEE1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:2c:64:d6:0a:15:3a:9f:40:48:1f:50:63:92:
9e:de:b9:0c:dc:5e:60:db:3c:66:dd:6d:2e:64:c0:
64:6a:11:ed:82:43:91:76:5b:e9:b7:ef:66:ff:43:
ec:4d:b7:9b:ef:f7:30:b7:82:4d:f2:27:42:d7:eb:
1e:c8:82:8e:79:12:3d:6f:ce:12:0f:20:6b:5f:a3:
68:20:6f:bf:cc:c7:f2:04:7d:8c:fc:e9:b4:1b:de:
53:88:49:e3:c9:29:64:a0:98:d5:e1:a0:82:6e:53:
4b:b2:6b:b5:63:41:2a:45:7b:e3:ab:d4:98:f9:a1:
2e:65:c9:dd:81:12:5a:47:a9:32:5a:eb:ef:f5:82:
31:a4:8a:5a:77:24:ec:4e:c9:61:3c:2a:d2:ee:14:
7c:6a:82:89:9d:b2:4d:8f:51:ac:12:15:a8:e7:43:
7b:29:08:5b:ac:27:19:bc:9f:af:85:b6:11:ca:7f:
52:a7:bd:b9:a2:a0:25:95:8d:da:11:f6:a9:11:0c:
ee:5c:57:32:8f:0e:4b:05:6b:c5:b6:3b:1e:71:73:
15:3a:c3:99:10:41:53:fe:5f:58:78:12:7d:2b:d2:
91:c5:7c:37:85:db:07:bc:10:93:23:0e:fc:5b:2d:
40:0c:b3:6e:be:a4:88:16:ce:10:b9:99:fc:03:27:
dc:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:1D:EF:59:58:48:A6:58:67:91:18:06:C3:E9:06:5A:27:EA:BE:E1
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.103.32.0/24
146.103.44.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:9f:e5:c3:b2:fd:d3:e1:71:2d:c2:35:a1:77:db:70:2a:58:
e3:16:6a:8d:f6:f2:1c:ef:68:ef:ab:73:1f:92:7f:9d:a6:86:
c8:73:0c:25:40:cb:b7:4e:48:76:44:45:5c:2d:0c:fa:fc:40:
5a:fb:bf:82:f6:9f:b9:03:b3:f2:2c:cf:e7:75:f1:46:c7:12:
00:40:18:ee:7f:03:f8:9b:6c:26:94:1e:6e:3e:bb:4d:83:1f:
43:d1:39:99:b6:e6:00:55:43:15:42:66:a1:34:7a:b0:10:99:
46:25:4a:39:f8:17:7e:14:e6:86:c7:db:11:f3:19:94:cc:37:
59:2f:62:a2:ea:c8:54:a8:6e:ad:69:8d:3f:77:dc:8d:0f:cc:
fc:96:f0:b4:f3:8e:fc:3a:91:a0:06:69:48:15:92:5f:49:e2:
d4:cf:71:b3:50:8e:65:59:69:83:d4:10:9d:be:89:65:b9:ba:
a8:1f:de:db:7f:82:04:85:da:9f:93:ee:1d:d8:e8:30:0c:e8:
25:9f:14:12:d6:3f:58:55:ad:15:10:17:4b:90:1e:76:72:88:
c4:56:ec:35:9d:28:a5:7a:75:51:70:65:77:22:ec:29:98:06:
3f:77:39:7a:25:eb:6b:70:e4:71:a1:90:82:1e:d7:d9:5f:e6:
5f:db:06:27
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUP0dZKuqABkln4+eoEm4PO0JS7GIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDA0MzAyMzU4NTBaFw0yNTA0MzAwMDAzNTBaMDMxMTAvBgNV
BAMTKEJDMURFRjU5NTg0OEE2NTg2NzkxMTgwNkMzRTkwNjVBMjdFQUJFRTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWLGTWChU6n0BIH1Bjkp7euQzc
XmDbPGbdbS5kwGRqEe2CQ5F2W+m372b/Q+xNt5vv9zC3gk3yJ0LX6x7Igo55Ej1v
zhIPIGtfo2ggb7/Mx/IEfYz86bQb3lOISePJKWSgmNXhoIJuU0uya7VjQSpFe+Or
1Jj5oS5lyd2BElpHqTJa6+/1gjGkilp3JOxOyWE8KtLuFHxqgomdsk2PUawSFajn
Q3spCFusJxm8n6+FthHKf1KnvbmioCWVjdoR9qkRDO5cVzKPDksFa8W2Ox5xcxU6
w5kQQVP+X1h4En0r0pHFfDeF2we8EJMjDvxbLUAMs26+pIgWzhC5mfwDJ9wJAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUvB3vWVhIplhnkRgGw+kGWifqvuEwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkmcgAwQA
kmcsMA0GCSqGSIb3DQEBCwUAA4IBAQCcn+XDsv3T4XEtwjWhd9twKljjFmqN9vIc
72jvq3Mfkn+dpobIcwwlQMu3Tkh2REVcLQz6/EBa+7+C9p+5A7PyLM/ndfFGxxIA
QBjufwP4m2wmlB5uPrtNgx9D0TmZtuYAVUMVQmahNHqwEJlGJUo5+Bd+FOaGx9sR
8xmUzDdZL2Ki6shUqG6taY0/d9yND8z8lvC08478OpGgBmlIFZJfSeLUz3GzUI5l
WWmD1BCdvollubqoH97bf4IEhdqfk+4d2OgwDOglnxQS1j9YVa0VEBdLkB52cojE
Vuw1nSilenVRcGV3IuwpmAY/dzl6JetrcORxoZCCHtfZX+Zf2wYn
-----END CERTIFICATE-----
Generated at Thu May 2 00:23:40 2024 by rpki-client on console-fra.rpki-client.org