Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/34362e3138332e32372e302f32342d3234203d3e20383334.roa
File: 34362e3138332e32372e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: xjxEfQFhHGqkc/C44qRTxTTSUKOtUUcK4K06YC//jrY=
Subject key identifier: AE:87:D9:E2:A9:38:E9:2D:A0:A0:C9:C1:C7:7A:1B:CD:E0:57:EF:27
Certificate issuer: /CN=24e53788bd4efa23b1a8207b7e74a8e1cc677b00
Certificate serial: 7AD6A9765EF9E7474D0294142EBC0F1CAD556EF5
Authority key identifier: 24:E5:37:88:BD:4E:FA:23:B1:A8:20:7B:7E:74:A8:E1:CC:67:7B:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/34362e3138332e32372e302f32342d3234203d3e20383334.roa
Signing time: Thu 29 Feb 2024 00:03:49 +0000
ROA not before: Wed 28 Feb 2024 23:58:49 +0000
ROA not after: Thu 27 Feb 2025 00:03:49 +0000
asID: 834
IP address blocks: 46.183.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.crl
rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.mft
rsync://rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:d6:a9:76:5e:f9:e7:47:4d:02:94:14:2e:bc:0f:1c:ad:55:6e:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24e53788bd4efa23b1a8207b7e74a8e1cc677b00
Validity
Not Before: Feb 28 23:58:49 2024 GMT
Not After : Feb 27 00:03:49 2025 GMT
Subject: CN=AE87D9E2A938E92DA0A0C9C1C77A1BCDE057EF27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:55:28:89:ee:d6:8a:49:e4:15:2b:1b:4f:45:
4c:62:4b:50:10:77:fa:bb:31:01:eb:af:82:4e:ee:
4b:1b:5b:3b:9a:c4:88:77:02:b7:00:bb:c7:ce:04:
ce:94:3f:9a:f0:e2:5c:dd:84:8d:5f:6d:ed:65:ce:
80:51:96:5a:3c:0d:f3:06:63:bf:43:66:92:b4:fb:
99:da:5c:d7:57:9e:dd:ab:0d:e6:28:6b:3e:85:62:
44:fe:90:29:a6:db:04:fb:07:03:28:8f:cb:c7:70:
1e:7b:15:c2:e0:9b:35:bd:7e:e3:fb:1d:cc:b9:be:
b4:13:08:d1:d0:4b:e5:15:9b:2d:9f:58:0c:d0:99:
b9:ca:54:63:3b:fc:cc:0a:f6:b7:58:d2:bc:7b:91:
dd:c0:1d:1a:af:0f:f9:84:53:f2:8c:4a:a7:0a:e2:
b9:46:79:25:d8:fe:a0:e3:3c:7a:80:27:32:d2:f3:
bb:13:60:39:d0:9b:56:ee:15:3a:0f:45:bf:f8:a7:
23:48:02:86:80:1e:91:63:21:9d:62:f4:a6:f9:25:
af:07:c0:fa:a9:e4:f7:85:47:0f:26:70:e1:b1:32:
d1:aa:7c:62:80:90:5c:55:48:1a:c0:2a:2c:83:f1:
d1:8d:cd:09:73:95:c0:96:ac:15:38:32:7f:67:4b:
57:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:87:D9:E2:A9:38:E9:2D:A0:A0:C9:C1:C7:7A:1B:CD:E0:57:EF:27
X509v3 Authority Key Identifier:
keyid:24:E5:37:88:BD:4E:FA:23:B1:A8:20:7B:7E:74:A8:E1:CC:67:7B:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/34362e3138332e32372e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.27.0/24
Signature Algorithm: sha256WithRSAEncryption
40:2d:29:84:3a:dc:7c:d4:03:a0:00:2b:94:97:da:37:93:c5:
f6:43:99:ca:34:d1:b0:6e:d1:6d:75:f1:d5:fd:98:eb:be:5f:
dd:b0:ed:b4:54:5d:76:37:31:8c:73:4b:1b:f5:e8:8e:b9:67:
30:44:a2:6c:37:58:f4:ca:1c:bc:5d:9a:91:b1:0c:c5:81:22:
a6:a2:44:7c:e8:5b:56:c8:50:2f:e8:77:11:ef:66:88:f3:02:
9a:44:f2:1f:53:58:d4:70:78:4a:60:9a:fd:20:0b:10:2e:4e:
18:8d:80:dc:a0:43:af:08:64:49:ea:0f:ba:cb:8d:1d:55:d6:
0a:6e:8e:5d:83:cc:a9:16:80:e0:b9:33:69:01:c4:0a:78:53:
3b:71:b2:a7:bc:1f:74:61:3a:22:80:3d:b4:22:86:df:00:f7:
20:2f:d5:f2:ac:01:3a:be:8f:28:99:46:72:a8:d6:a4:34:88:
38:6c:e9:60:38:94:4f:55:13:6e:48:19:42:6a:b0:06:5d:91:
9a:59:37:cc:c2:df:b8:ec:15:1a:c8:89:8b:05:64:f8:12:52:
c9:fa:6e:c8:65:b4:e7:da:29:ab:21:bc:5a:eb:39:ae:8b:ff:
b0:2f:e5:5f:d2:6b:a2:41:f8:e5:a9:9d:4a:28:7d:72:72:c4:
e6:29:9e:d5
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUetapdl7550dNApQULrwPHK1VbvUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjRlNTM3ODhiZDRlZmEyM2IxYTgyMDdiN2U3NGE4ZTFj
YzY3N2IwMDAeFw0yNDAyMjgyMzU4NDlaFw0yNTAyMjcwMDAzNDlaMDMxMTAvBgNV
BAMTKEFFODdEOUUyQTkzOEU5MkRBMEEwQzlDMUM3N0ExQkNERTA1N0VGMjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdVSiJ7taKSeQVKxtPRUxiS1AQ
d/q7MQHrr4JO7ksbWzuaxIh3ArcAu8fOBM6UP5rw4lzdhI1fbe1lzoBRllo8DfMG
Y79DZpK0+5naXNdXnt2rDeYoaz6FYkT+kCmm2wT7BwMoj8vHcB57FcLgmzW9fuP7
Hcy5vrQTCNHQS+UVmy2fWAzQmbnKVGM7/MwK9rdY0rx7kd3AHRqvD/mEU/KMSqcK
4rlGeSXY/qDjPHqAJzLS87sTYDnQm1buFToPRb/4pyNIAoaAHpFjIZ1i9Kb5Ja8H
wPqp5PeFRw8mcOGxMtGqfGKAkFxVSBrAKiyD8dGNzQlzlcCWrBU4Mn9nS1fJAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUrofZ4qk46S2goMnBx3obzeBX7ycwHwYDVR0j
BBgwFoAUJOU3iL1O+iOxqCB7fnSo4cxnewAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMTZhY2I5YTAtNmQxZS00YWU0LTkxNzctZDkzOGU5ODA0
Mzk1LzAvMjRFNTM3ODhCRDRFRkEyM0IxQTgyMDdCN0U3NEE4RTFDQzY3N0IwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0pPVTNpTDFPLWlPeHFDQjdmblNvNGN4
bmV3QS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMTZhY2I5YTAt
NmQxZS00YWU0LTkxNzctZDkzOGU5ODA0Mzk1LzAvMzQzNjJlMzEzODMzMmUzMjM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALrcbMA0G
CSqGSIb3DQEBCwUAA4IBAQBALSmEOtx81AOgACuUl9o3k8X2Q5nKNNGwbtFtdfHV
/Zjrvl/dsO20VF12NzGMc0sb9eiOuWcwRKJsN1j0yhy8XZqRsQzFgSKmokR86FtW
yFAv6HcR72aI8wKaRPIfU1jUcHhKYJr9IAsQLk4YjYDcoEOvCGRJ6g+6y40dVdYK
bo5dg8ypFoDguTNpAcQKeFM7cbKnvB90YToigD20IobfAPcgL9XyrAE6vo8omUZy
qNakNIg4bOlgOJRPVRNuSBlCarAGXZGaWTfMwt+47BUayImLBWT4ElLJ+m7IZbTn
2imrIbxa6zmui/+wL+Vf0muiQfjlqZ1KKH1ycsTmKZ7V
-----END CERTIFICATE-----
Generated at Thu May 2 02:26:22 2024 by rpki-client on console-ams.rpki-client.org