Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231322e302f32322d3232203d3e2037303239.roa
File: 34352e39352e3231322e302f32322d3232203d3e2037303239.roa (raw, json)
Hash identifier: wXll8iGOq5bo/V4iKTWa0gWLbXOr0lpoVBYORUbUhI0=
Subject key identifier: BD:F8:88:2F:21:AA:E8:6B:36:72:5C:F7:D7:E8:7D:AC:4E:2F:8B:E4
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 103EBCD8592E7CA66074D9A19452487D2F4A935D
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231322e302f32322d3232203d3e2037303239.roa
Signing time: Fri 22 Nov 2024 08:43:28 +0000
ROA not before: Fri 22 Nov 2024 08:38:28 +0000
ROA not after: Fri 21 Nov 2025 08:43:28 +0000
asID: 7029
IP address blocks: 45.95.212.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 18:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:3e:bc:d8:59:2e:7c:a6:60:74:d9:a1:94:52:48:7d:2f:4a:93:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Nov 22 08:38:28 2024 GMT
Not After : Nov 21 08:43:28 2025 GMT
Subject: CN=BDF8882F21AAE86B36725CF7D7E87DAC4E2F8BE4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:83:ec:78:4f:60:4f:59:1e:38:b0:23:92:e9:
cb:4c:a1:cb:0c:ba:90:d6:52:4f:e7:2c:3f:20:31:
4f:d2:ad:44:3d:1b:19:53:87:fc:74:4a:27:f3:37:
f8:ab:fc:17:ce:8b:09:cb:44:ed:3c:93:e0:24:79:
6b:a4:cf:78:08:ec:5c:73:4d:ef:66:01:0d:9b:ef:
13:5e:03:57:72:e0:aa:79:b6:40:86:85:c5:48:af:
4d:d5:8e:dc:de:27:d3:49:58:03:27:11:1c:c5:f7:
73:06:b4:0a:74:e5:61:cd:ed:25:1d:45:4a:7e:43:
35:71:46:6c:35:4f:a5:8c:b4:b7:92:bb:8a:85:7e:
40:9c:84:6c:5d:ca:f0:1e:4b:85:36:4c:11:08:c1:
b6:15:7c:d9:f4:29:39:71:39:d1:30:b0:d6:4c:59:
17:5d:02:7e:32:d5:44:24:c5:46:56:0b:4e:12:75:
2a:78:4b:81:3a:23:3b:f4:21:fd:88:07:47:6d:02:
8e:fa:99:bf:be:ec:6d:61:79:cc:6b:93:38:9a:be:
7e:fc:c5:d0:b0:eb:72:b8:b8:48:1d:54:43:f5:63:
8b:5e:b8:7a:00:2e:82:c8:a0:fb:85:3c:dd:81:04:
47:11:8b:7d:af:2d:d4:75:e3:5d:2f:1a:52:77:06:
73:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:F8:88:2F:21:AA:E8:6B:36:72:5C:F7:D7:E8:7D:AC:4E:2F:8B:E4
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231322e302f32322d3232203d3e2037303239.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.212.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:30:27:09:b6:92:55:5c:85:ff:42:9d:48:56:cd:de:f6:b1:
4c:05:17:83:47:9a:c8:97:aa:cf:69:9e:b0:25:08:95:d8:c1:
13:cd:19:c9:9e:c3:f6:58:56:53:c8:f0:66:8f:78:7d:b3:ef:
b7:65:7c:3e:dd:75:b0:92:85:38:05:9a:61:91:67:7e:4c:2c:
1e:0a:01:80:83:61:e2:37:b0:be:49:c3:17:9e:c5:8c:fa:a7:
c9:61:aa:9b:40:d0:f9:fc:79:65:b1:dc:76:d0:7d:2e:10:d4:
29:49:a9:9a:dd:b6:9c:71:f1:11:93:cc:1c:2c:22:75:54:9e:
ab:9b:cd:06:e7:0d:67:0f:a5:c3:e6:78:72:f1:cc:9c:d1:df:
31:f3:31:2d:b8:93:34:db:44:46:2c:3d:32:ee:f5:b8:2a:1c:
e4:8a:2b:85:4e:17:eb:53:15:33:12:f1:6f:b9:6e:9f:18:a0:
ce:bd:b2:c7:d0:4f:12:3e:af:5a:13:0e:8c:31:7f:16:97:14:
24:a0:56:49:61:03:30:09:f0:e8:fb:18:86:67:d7:30:e9:b0:
a8:90:d2:b6:fd:81:45:db:12:6b:92:e7:ff:86:22:53:e3:04:
9a:0c:6d:68:d8:40:c5:05:b7:72:ea:82:dc:ea:5f:bb:a2:46:
db:08:3c:8e
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUED682FkufKZgdNmhlFJIfS9Kk10wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNDExMjIwODM4MjhaFw0yNTExMjEwODQzMjhaMDMxMTAvBgNV
BAMTKEJERjg4ODJGMjFBQUU4NkIzNjcyNUNGN0Q3RTg3REFDNEUyRjhCRTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNg+x4T2BPWR44sCOS6ctMocsM
upDWUk/nLD8gMU/SrUQ9GxlTh/x0SifzN/ir/BfOiwnLRO08k+AkeWukz3gI7Fxz
Te9mAQ2b7xNeA1dy4Kp5tkCGhcVIr03VjtzeJ9NJWAMnERzF93MGtAp05WHN7SUd
RUp+QzVxRmw1T6WMtLeSu4qFfkCchGxdyvAeS4U2TBEIwbYVfNn0KTlxOdEwsNZM
WRddAn4y1UQkxUZWC04SdSp4S4E6Izv0If2IB0dtAo76mb++7G1hecxrkziavn78
xdCw63K4uEgdVEP1Y4teuHoALoLIoPuFPN2BBEcRi32vLdR1410vGlJ3BnNjAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUvfiILyGq6Gs2clz31+h9rE4vi+QwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzQzNTJlMzkzNTJlMzIzMTMy
MmUzMDJmMzIzMjJkMzIzMjIwM2QzZTIwMzczMDMyMzkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAItX9Qw
DQYJKoZIhvcNAQELBQADggEBAKowJwm2klVchf9CnUhWzd72sUwFF4NHmsiXqs9p
nrAlCJXYwRPNGcmew/ZYVlPI8GaPeH2z77dlfD7ddbCShTgFmmGRZ35MLB4KAYCD
YeI3sL5JwxeexYz6p8lhqptA0Pn8eWWx3HbQfS4Q1ClJqZrdtpxx8RGTzBwsInVU
nqubzQbnDWcPpcPmeHLxzJzR3zHzMS24kzTbREYsPTLu9bgqHOSKK4VOF+tTFTMS
8W+5bp8YoM69ssfQTxI+r1oTDowxfxaXFCSgVklhAzAJ8Oj7GIZn1zDpsKiQ0rb9
gUXbEmuS5/+GIlPjBJoMbWjYQMUFt3LqgtzqX7uiRtsIPI4=
-----END CERTIFICATE-----
Generated at Fri Mar 14 02:03:12 2025 by rpki-client