Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/34362e3138332e32392e302f32342d3234203d3e20313734.roa
File: 34362e3138332e32392e302f32342d3234203d3e20313734.roa (raw, json)
Hash identifier: iFoLwhPM2dsVM0j9MR72yEvFI7xyXfHeaQDbIOf/NSg=
Subject key identifier: 61:05:71:0B:9A:B7:57:79:AF:03:A0:03:EF:4B:A1:2E:1C:BB:6C:DF
Certificate issuer: /CN=24e53788bd4efa23b1a8207b7e74a8e1cc677b00
Certificate serial: 167F8058BE93970E117988F9DF10757D69D4A741
Authority key identifier: 24:E5:37:88:BD:4E:FA:23:B1:A8:20:7B:7E:74:A8:E1:CC:67:7B:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/34362e3138332e32392e302f32342d3234203d3e20313734.roa
Signing time: Thu 08 Aug 2024 12:53:10 +0000
ROA not before: Thu 08 Aug 2024 12:48:10 +0000
ROA not after: Thu 07 Aug 2025 12:53:10 +0000
asID: 174
IP address blocks: 46.183.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.crl
rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.mft
rsync://rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Oct 2024 08:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:7f:80:58:be:93:97:0e:11:79:88:f9:df:10:75:7d:69:d4:a7:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24e53788bd4efa23b1a8207b7e74a8e1cc677b00
Validity
Not Before: Aug 8 12:48:10 2024 GMT
Not After : Aug 7 12:53:10 2025 GMT
Subject: CN=6105710B9AB75779AF03A003EF4BA12E1CBB6CDF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:3d:81:13:b8:a8:73:41:56:ef:c3:a9:75:56:
a4:74:c6:13:e8:fa:68:fe:1f:b0:86:3e:32:92:af:
5f:88:b9:70:4b:cb:bf:5f:45:5c:3e:ad:28:f5:df:
2e:99:88:44:f0:e8:ee:42:7d:88:82:1b:f1:62:4c:
8b:87:ec:7e:98:b5:76:4a:05:23:f2:ea:a6:e3:80:
e2:e4:19:cf:16:39:52:57:c1:2a:d9:45:63:5c:48:
6f:39:19:74:85:0f:e0:f4:1c:b7:94:fc:86:8a:9b:
3b:f9:56:6f:70:8a:79:0a:22:bd:d1:03:1f:0d:5e:
54:1f:8e:f1:83:48:a2:23:6f:70:56:b4:c1:f1:1a:
77:35:65:11:c6:1d:7d:1b:da:51:4f:e9:89:7f:27:
7d:a4:02:ff:bc:70:08:29:e9:8d:02:d2:6b:13:c7:
ee:7d:3e:c8:83:8c:d5:11:ec:9b:93:ca:87:c8:a1:
68:2d:b8:60:82:f7:c8:ee:66:41:c0:69:59:50:fd:
ed:fb:2f:7c:e1:53:91:2c:a4:e8:81:df:6a:65:a3:
25:08:e5:be:55:31:5a:ad:24:d8:e4:95:f8:84:31:
60:90:37:23:06:e3:43:cc:3d:53:3a:6e:f2:48:fa:
06:46:f2:1e:7f:a5:e7:9b:c4:1b:0a:e2:3e:2b:55:
07:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:05:71:0B:9A:B7:57:79:AF:03:A0:03:EF:4B:A1:2E:1C:BB:6C:DF
X509v3 Authority Key Identifier:
keyid:24:E5:37:88:BD:4E:FA:23:B1:A8:20:7B:7E:74:A8:E1:CC:67:7B:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/34362e3138332e32392e302f32342d3234203d3e20313734.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.29.0/24
Signature Algorithm: sha256WithRSAEncryption
40:d7:8c:89:1b:9b:08:e3:4d:50:c7:c2:a1:eb:8e:f3:33:d4:
8c:93:02:e6:0d:18:f8:3d:5d:c0:1f:56:6c:b6:7f:3c:1e:04:
bf:5d:f6:73:4f:3c:6c:d3:f7:02:29:2b:97:bd:7a:1a:2b:32:
e6:fa:4d:f5:c4:a0:96:3f:4c:f6:86:ac:f3:4a:c7:f0:8b:23:
3d:03:6f:45:29:bb:ac:00:45:7f:0b:c7:bd:8c:51:b4:de:38:
2d:e9:af:1d:a1:63:cd:a5:20:57:dd:de:4f:fc:3b:4e:f0:7e:
78:52:3f:4f:bd:38:85:47:9c:6e:02:b8:19:c2:76:e8:cc:db:
39:20:e4:d3:1b:ad:56:fc:fb:ab:f7:41:d4:54:c0:f1:5e:76:
a9:04:3a:be:ca:3f:92:4e:f7:18:9e:53:67:45:9e:80:d1:8b:
82:cb:96:3f:b7:b3:54:2e:1b:72:4f:6e:0e:eb:d7:86:63:ea:
bf:0c:94:0e:d6:8c:c0:60:04:ca:0b:13:1a:25:9e:a1:cc:3e:
64:eb:51:c1:e2:05:61:8a:1e:6b:fc:70:1c:23:a8:39:1d:9f:
73:89:41:a9:87:d4:8f:14:00:a0:35:83:f5:4e:99:32:b1:ca:
30:be:6d:38:5f:1d:e4:b5:16:2a:a9:ec:33:96:fd:db:49:c1:
42:b7:1c:cb
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUFn+AWL6Tlw4ReYj53xB1fWnUp0EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjRlNTM3ODhiZDRlZmEyM2IxYTgyMDdiN2U3NGE4ZTFj
YzY3N2IwMDAeFw0yNDA4MDgxMjQ4MTBaFw0yNTA4MDcxMjUzMTBaMDMxMTAvBgNV
BAMTKDYxMDU3MTBCOUFCNzU3NzlBRjAzQTAwM0VGNEJBMTJFMUNCQjZDREYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRPYETuKhzQVbvw6l1VqR0xhPo
+mj+H7CGPjKSr1+IuXBLy79fRVw+rSj13y6ZiETw6O5CfYiCG/FiTIuH7H6YtXZK
BSPy6qbjgOLkGc8WOVJXwSrZRWNcSG85GXSFD+D0HLeU/IaKmzv5Vm9winkKIr3R
Ax8NXlQfjvGDSKIjb3BWtMHxGnc1ZRHGHX0b2lFP6Yl/J32kAv+8cAgp6Y0C0msT
x+59PsiDjNUR7JuTyofIoWgtuGCC98juZkHAaVlQ/e37L3zhU5EspOiB32ployUI
5b5VMVqtJNjklfiEMWCQNyMG40PMPVM6bvJI+gZG8h5/peebxBsK4j4rVQdbAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUYQVxC5q3V3mvA6AD70uhLhy7bN8wHwYDVR0j
BBgwFoAUJOU3iL1O+iOxqCB7fnSo4cxnewAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMTZhY2I5YTAtNmQxZS00YWU0LTkxNzctZDkzOGU5ODA0
Mzk1LzAvMjRFNTM3ODhCRDRFRkEyM0IxQTgyMDdCN0U3NEE4RTFDQzY3N0IwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0pPVTNpTDFPLWlPeHFDQjdmblNvNGN4
bmV3QS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMTZhY2I5YTAt
NmQxZS00YWU0LTkxNzctZDkzOGU5ODA0Mzk1LzAvMzQzNjJlMzEzODMzMmUzMjM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALrcdMA0G
CSqGSIb3DQEBCwUAA4IBAQBA14yJG5sI401Qx8Kh647zM9SMkwLmDRj4PV3AH1Zs
tn88HgS/XfZzTzxs0/cCKSuXvXoaKzLm+k31xKCWP0z2hqzzSsfwiyM9A29FKbus
AEV/C8e9jFG03jgt6a8doWPNpSBX3d5P/DtO8H54Uj9PvTiFR5xuArgZwnbozNs5
IOTTG61W/Pur90HUVMDxXnapBDq+yj+STvcYnlNnRZ6A0YuCy5Y/t7NULhtyT24O
69eGY+q/DJQO1ozAYATKCxMaJZ6hzD5k61HB4gVhih5r/HAcI6g5HZ9ziUGph9SP
FACgNYP1Tpkyscowvm04Xx3ktRYqqewzlv3bScFCtxzL
-----END CERTIFICATE-----
Generated at Tue Oct 22 13:52:03 2024 by rpki-client on console-fra.rpki-client.org