Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231372e302f32342d3234203d3e20313938313730.roa
File: 34352e382e3231372e302f32342d3234203d3e20313938313730.roa (raw, json)
Hash identifier: Ob3MOJmZzadtJRD3uWgJZK1DBUMLMxphttJbHhV2mXE=
Subject key identifier: 0B:8E:8B:18:E2:2A:34:DA:B2:C1:23:21:28:DB:6A:89:D5:A2:85:61
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 51198E0E9A3B347219EA84BA779227E66D5B937D
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231372e302f32342d3234203d3e20313938313730.roa
Signing time: Sun 18 Jun 2023 12:01:02 +0000
ROA not before: Sun 18 Jun 2023 11:56:02 +0000
ROA not after: Sun 16 Jun 2024 12:01:02 +0000
asID: 198170
IP address blocks: 45.8.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 15 May 2024 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:19:8e:0e:9a:3b:34:72:19:ea:84:ba:77:92:27:e6:6d:5b:93:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Jun 18 11:56:02 2023 GMT
Not After : Jun 16 12:01:02 2024 GMT
Subject: CN=0B8E8B18E22A34DAB2C1232128DB6A89D5A28561
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:14:9a:cd:f3:e2:af:1a:85:ed:76:05:bd:6a:
96:d4:7d:e7:4a:8f:c2:47:1a:46:d1:6d:06:6c:1e:
30:dc:e5:14:59:f1:0a:77:da:38:73:c5:53:0e:80:
a2:05:76:f6:d4:62:85:03:ad:82:d1:74:31:ad:8e:
8e:a8:42:f7:c8:e4:2f:37:cb:71:18:a1:ae:10:a9:
19:ec:fe:2f:f6:a0:e6:1b:7e:46:89:be:63:2a:90:
13:47:fe:0a:97:13:ba:c6:ce:b7:02:c8:8f:34:6a:
fa:db:3c:56:c4:98:87:71:cb:d0:be:b3:26:03:0b:
1a:75:90:0f:d0:7a:37:3a:57:b9:67:8c:48:13:36:
da:3e:f8:6c:24:e9:4f:2c:b2:26:37:9f:9a:6e:5a:
73:45:3e:ce:60:0e:9e:81:6c:a7:09:d9:08:4e:e6:
2c:ad:6d:17:e7:9a:f5:28:4f:bd:81:8f:e5:89:df:
7f:af:9f:f3:e8:20:18:3a:fb:e5:82:c2:9f:fe:8c:
f3:da:b6:d4:db:3c:1a:45:57:20:6d:25:fc:d8:13:
91:3a:47:50:74:27:d6:0f:cf:a5:df:af:0d:f2:66:
26:ed:04:13:98:e3:27:eb:de:1f:a1:7f:82:89:70:
9c:0f:e0:0c:58:b9:25:67:6f:dc:aa:37:af:62:51:
f4:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:8E:8B:18:E2:2A:34:DA:B2:C1:23:21:28:DB:6A:89:D5:A2:85:61
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231372e302f32342d3234203d3e20313938313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.217.0/24
Signature Algorithm: sha256WithRSAEncryption
78:96:d7:40:06:79:3e:d0:01:a8:40:76:6c:61:de:cd:9d:b8:
d1:c3:1e:d7:02:23:d9:7e:bb:35:58:b8:58:a1:03:13:be:42:
cb:60:4c:d1:88:74:98:99:ad:f5:8f:7a:7b:f6:16:8f:4d:f9:
ea:23:c8:f4:f8:cc:e8:74:00:15:9c:f1:42:6c:51:fd:b0:28:
bc:8c:50:80:03:7f:c6:e1:61:ee:3a:59:a4:b2:f1:c1:8a:6c:
ea:77:1b:17:f7:56:76:a0:6a:c0:4a:01:4d:72:21:c7:8d:c7:
ad:b5:71:50:ae:e2:52:c7:3b:83:46:6b:7a:33:32:eb:39:fd:
54:bb:fa:28:6d:c5:0d:44:68:5a:13:5a:b8:59:1f:47:8c:f2:
7e:aa:78:a7:d2:f9:9c:9a:ef:1e:7d:77:d8:ef:ed:74:ec:cf:
35:08:c4:5c:f7:ae:3f:90:26:ba:56:1e:a1:6d:f8:e3:05:4c:
5a:aa:78:bd:bf:a4:ed:c6:b0:f6:6a:6a:b3:80:c2:6f:23:61:
a6:8d:52:c6:76:a5:ba:18:01:f0:e5:38:58:3a:f4:77:6e:fc:
4d:3a:89:1c:93:94:f7:dc:44:d5:5c:63:47:33:be:5a:21:d9:
d5:06:6f:69:d8:10:ab:d0:72:1d:85:63:63:bd:e4:86:95:15:
e8:66:22:2b
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUURmODpo7NHIZ6oS6d5In5m1bk30wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yMzA2MTgxMTU2MDJaFw0yNDA2MTYxMjAxMDJaMDMxMTAvBgNV
BAMTKDBCOEU4QjE4RTIyQTM0REFCMkMxMjMyMTI4REI2QTg5RDVBMjg1NjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjFJrN8+KvGoXtdgW9apbUfedK
j8JHGkbRbQZsHjDc5RRZ8Qp32jhzxVMOgKIFdvbUYoUDrYLRdDGtjo6oQvfI5C83
y3EYoa4QqRns/i/2oOYbfkaJvmMqkBNH/gqXE7rGzrcCyI80avrbPFbEmIdxy9C+
syYDCxp1kA/Qejc6V7lnjEgTNto++Gwk6U8ssiY3n5puWnNFPs5gDp6BbKcJ2QhO
5iytbRfnmvUoT72Bj+WJ33+vn/PoIBg6++WCwp/+jPPattTbPBpFVyBtJfzYE5E6
R1B0J9YPz6Xfrw3yZibtBBOY4yfr3h+hf4KJcJwP4AxYuSVnb9yqN69iUfRLAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUC46LGOIqNNqywSMhKNtqidWihWEwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzQzNTJlMzgyZTMyMzEzNzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzkzODMxMzczMC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0I
2TANBgkqhkiG9w0BAQsFAAOCAQEAeJbXQAZ5PtABqEB2bGHezZ240cMe1wIj2X67
NVi4WKEDE75Cy2BM0Yh0mJmt9Y96e/YWj0356iPI9PjM6HQAFZzxQmxR/bAovIxQ
gAN/xuFh7jpZpLLxwYps6ncbF/dWdqBqwEoBTXIhx43HrbVxUK7iUsc7g0ZrejMy
6zn9VLv6KG3FDURoWhNauFkfR4zyfqp4p9L5nJrvHn132O/tdOzPNQjEXPeuP5Am
ulYeoW344wVMWqp4vb+k7caw9mpqs4DCbyNhpo1SxnaluhgB8OU4WDr0d278TTqJ
HJOU99xE1VxjRzO+WiHZ1QZvadgQq9ByHYVjY73khpUV6GYiKw==
-----END CERTIFICATE-----
Generated at Wed May 15 03:59:44 2024 by rpki-client on console-fra.rpki-client.org