Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231372e302f32342d3234203d3e20323136303232.roa
File: 34352e382e3231372e302f32342d3234203d3e20323136303232.roa (raw, json)
Hash identifier: IZ1FK1LtUNnpDGA40P5RIJ6ZOXsvB1S0Y5ORDGh7xcg=
Subject key identifier: AE:68:06:BA:90:45:23:C2:BB:B2:7E:74:B3:1D:0F:74:26:28:16:24
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 5D74002BA02F0174E5808D7EC488B2D6F8D82C08
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231372e302f32342d3234203d3e20323136303232.roa
Signing time: Sat 18 Jan 2025 14:50:45 +0000
ROA not before: Sat 18 Jan 2025 14:45:45 +0000
ROA not after: Sat 17 Jan 2026 14:50:45 +0000
asID: 216022
IP address blocks: 45.8.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:74:00:2b:a0:2f:01:74:e5:80:8d:7e:c4:88:b2:d6:f8:d8:2c:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Jan 18 14:45:45 2025 GMT
Not After : Jan 17 14:50:45 2026 GMT
Subject: CN=AE6806BA904523C2BBB27E74B31D0F7426281624
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:14:c7:8e:74:3a:a2:6a:cf:66:88:4f:1d:d3:
b3:6f:2d:e8:84:c3:78:90:cc:3c:54:1f:5c:6a:ae:
a3:59:98:c5:7d:c3:66:20:7f:16:90:23:28:0b:2f:
a2:02:47:9a:9b:15:7b:ea:43:64:3b:94:d0:ce:0f:
68:99:91:ac:64:5c:d4:28:97:cc:13:0a:33:3c:82:
bb:e0:c1:d4:36:f0:e6:98:e0:65:64:f9:27:0a:65:
68:b7:f9:c1:9a:19:c1:32:a4:df:dd:cd:96:99:16:
5a:ed:b2:a3:34:96:56:ef:e2:0a:f4:1f:ef:73:13:
17:2f:48:bf:de:0b:37:61:50:a5:91:ac:07:07:ae:
43:35:c8:29:ce:87:a7:c4:92:2c:7c:18:12:d8:07:
3a:31:1b:84:3b:52:e4:22:c4:34:a0:f6:85:a3:91:
9f:62:aa:05:17:cd:81:36:8b:6a:d1:8c:26:af:d6:
f2:6f:cb:24:0b:3e:12:a4:00:02:33:71:e5:35:81:
52:f8:7f:f0:dc:d4:8b:d4:fe:78:d6:7f:fc:0f:fd:
c2:4d:17:da:32:0e:c9:eb:44:0c:85:c3:e9:3d:ff:
95:84:fd:13:43:5c:61:1c:a8:32:e9:bf:ab:2d:86:
63:f9:98:89:76:45:9e:4c:58:fc:1e:cc:8f:53:96:
c1:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:68:06:BA:90:45:23:C2:BB:B2:7E:74:B3:1D:0F:74:26:28:16:24
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231372e302f32342d3234203d3e20323136303232.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.217.0/24
Signature Algorithm: sha256WithRSAEncryption
18:c1:81:ff:84:c3:20:2b:27:21:dd:97:35:a6:19:db:e0:a6:
65:20:9f:81:a5:59:d7:12:05:a0:ed:66:b2:1e:e0:75:06:a7:
0a:47:32:ca:e8:a1:8b:a0:72:1f:50:27:e5:01:4b:b7:a1:ed:
91:1e:fa:55:e3:e0:36:c6:ef:9b:29:e0:bb:29:2f:69:ae:09:
5f:b4:3b:85:f4:c4:41:8b:42:13:8e:b6:f4:0c:b5:ef:0f:a5:
4a:1e:df:b8:eb:0e:ff:f9:79:bd:54:d8:e5:c6:18:ad:5e:dd:
ca:f9:e0:e7:c7:de:d6:7d:9f:e6:54:e2:68:e8:ac:6a:64:2c:
c9:e4:20:00:00:c9:ab:eb:75:af:3c:1f:4d:d6:62:32:dc:9d:
a6:3a:8e:d0:2d:a7:fc:84:e3:c7:e2:d4:03:0e:1a:a7:39:fd:
17:43:66:d8:d9:af:00:c4:4c:4c:f7:57:da:8d:be:ba:b4:38:
c4:6f:02:c3:66:c0:cb:37:76:79:da:69:ad:59:f3:66:64:36:
da:f6:c5:ed:8e:a3:f9:a1:ce:fd:84:5d:ee:fa:b6:7a:64:4d:
d0:9f:32:e1:e2:9b:6f:73:14:94:37:1b:57:31:97:45:8b:ca:
f3:57:9b:bc:f9:3f:f0:fe:00:66:ed:79:33:d4:ad:22:2d:38:
03:62:2c:d5
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUXXQAK6AvAXTlgI1+xIiy1vjYLAgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTAxMTgxNDQ1NDVaFw0yNjAxMTcxNDUwNDVaMDMxMTAvBgNV
BAMTKEFFNjgwNkJBOTA0NTIzQzJCQkIyN0U3NEIzMUQwRjc0MjYyODE2MjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcFMeOdDqias9miE8d07NvLeiE
w3iQzDxUH1xqrqNZmMV9w2YgfxaQIygLL6ICR5qbFXvqQ2Q7lNDOD2iZkaxkXNQo
l8wTCjM8grvgwdQ28OaY4GVk+ScKZWi3+cGaGcEypN/dzZaZFlrtsqM0llbv4gr0
H+9zExcvSL/eCzdhUKWRrAcHrkM1yCnOh6fEkix8GBLYBzoxG4Q7UuQixDSg9oWj
kZ9iqgUXzYE2i2rRjCav1vJvyyQLPhKkAAIzceU1gVL4f/Dc1IvU/njWf/wP/cJN
F9oyDsnrRAyFw+k9/5WE/RNDXGEcqDLpv6sthmP5mIl2RZ5MWPwezI9TlsGdAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUrmgGupBFI8K7sn50sx0PdCYoFiQwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzQzNTJlMzgyZTMyMzEzNzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNjMwMzIzMi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0I
2TANBgkqhkiG9w0BAQsFAAOCAQEAGMGB/4TDICsnId2XNaYZ2+CmZSCfgaVZ1xIF
oO1msh7gdQanCkcyyuihi6ByH1An5QFLt6HtkR76VePgNsbvmynguykvaa4JX7Q7
hfTEQYtCE4629Ay17w+lSh7fuOsO//l5vVTY5cYYrV7dyvng58fe1n2f5lTiaOis
amQsyeQgAADJq+t1rzwfTdZiMtydpjqO0C2n/ITjx+LUAw4apzn9F0Nm2NmvAMRM
TPdX2o2+urQ4xG8Cw2bAyzd2edpprVnzZmQ22vbF7Y6j+aHO/YRd7vq2emRN0J8y
4eKbb3MUlDcbVzGXRYvK81ebvPk/8P4AZu15M9StIi04A2Is1Q==
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:02:13 2025 by rpki-client