Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231322e302f32322d3232203d3e2037303239.roa
File: 34352e39352e3231322e302f32322d3232203d3e2037303239.roa (raw, json)
Hash identifier: hLdtDysfpXS5N8LC99dYLqnL3PjPb8am3/YhSTSHVUY=
Subject key identifier: 4B:4C:05:08:37:CA:EA:C0:9E:37:FF:F6:34:3A:4A:CF:31:BC:45:BF
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 73715FDACECE5C003256E16C44CBAA2F1133F540
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231322e302f32322d3232203d3e2037303239.roa
Signing time: Fri 22 Dec 2023 08:05:08 +0000
ROA not before: Fri 22 Dec 2023 08:00:08 +0000
ROA not after: Fri 20 Dec 2024 08:05:08 +0000
asID: 7029
IP address blocks: 45.95.212.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 15 May 2024 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:71:5f:da:ce:ce:5c:00:32:56:e1:6c:44:cb:aa:2f:11:33:f5:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Dec 22 08:00:08 2023 GMT
Not After : Dec 20 08:05:08 2024 GMT
Subject: CN=4B4C050837CAEAC09E37FFF6343A4ACF31BC45BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:43:3e:73:9b:74:00:ab:df:35:3c:6a:44:c8:
d8:2a:d0:82:f8:4e:27:41:c8:01:73:1a:f9:57:d1:
f3:f7:94:f2:b5:01:45:9f:9d:45:0b:13:e3:1f:96:
2e:2a:b2:75:07:0d:78:c6:49:44:3d:c1:1c:9e:da:
c1:52:39:c6:4e:4f:21:02:9d:51:82:1b:3a:70:69:
71:d1:5e:76:56:02:70:f2:3e:67:86:ae:59:83:c3:
d4:18:a4:3f:c8:60:24:3b:8a:5e:3a:01:df:ec:c5:
e2:84:27:38:90:7a:41:46:01:f0:52:9f:62:65:4e:
3d:c5:be:25:89:cf:80:80:76:13:6d:34:d7:fa:7d:
56:da:3e:55:49:4e:4c:c5:46:64:fb:27:44:7e:cd:
32:40:46:8b:14:86:03:4d:22:27:30:ea:b8:15:d6:
f9:b9:0d:48:ca:b1:11:2e:81:7a:49:0f:5c:0b:df:
50:8f:78:30:41:b6:c4:fe:d2:85:38:90:4e:15:07:
4c:67:ae:5b:8b:27:0c:69:39:7e:6c:4e:0c:05:0c:
59:62:3e:ff:bf:1c:fa:3f:ba:c4:38:ce:ae:23:d6:
a0:9f:89:54:ce:60:81:25:3b:3d:a9:49:a6:7c:5e:
29:79:ac:0a:3a:fb:18:54:f0:01:7a:27:61:a3:83:
cb:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:4C:05:08:37:CA:EA:C0:9E:37:FF:F6:34:3A:4A:CF:31:BC:45:BF
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231322e302f32322d3232203d3e2037303239.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.212.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:21:31:99:0f:a0:a7:29:ac:62:ed:0e:71:93:92:52:ac:82:
a3:6c:f3:a3:96:e2:f9:48:3b:7c:d9:ee:c3:82:da:a8:3a:a0:
7b:2e:55:33:74:40:16:cd:80:68:50:37:0c:6e:59:6e:f6:cc:
f0:c0:05:1f:49:0f:9e:90:c7:36:0c:c1:2b:09:1c:33:4a:94:
46:70:cc:18:99:3a:79:f6:f7:3d:6f:7e:ae:53:f3:8d:09:32:
a5:e0:ce:c2:18:3a:53:28:4f:a7:44:d1:85:00:b9:d0:0e:8e:
3d:9e:29:c2:4f:3c:d5:29:c4:24:7a:bd:19:e4:e8:26:e4:fa:
cd:88:40:89:ad:11:60:b1:03:dc:ac:f6:d8:8a:21:03:d0:23:
57:b7:18:19:07:fb:66:e4:55:36:e3:ea:69:97:dd:15:36:19:
c1:0d:c6:7e:aa:cd:44:c9:00:85:e3:50:af:da:9f:7a:1b:61:
cd:44:bf:10:e8:d9:81:79:a1:c8:37:9a:30:2f:41:b8:d3:14:
0c:13:bb:df:32:76:1b:cf:ab:c1:cd:e8:af:ac:c7:c1:00:ff:
bf:3a:5e:37:74:57:d2:1d:36:c3:be:78:fa:82:12:70:b0:83:
d5:b9:ce:26:93:fd:66:73:3c:67:3c:1a:6f:06:44:23:48:8e:
26:94:b2:f7
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUc3Ff2s7OXAAyVuFsRMuqLxEz9UAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yMzEyMjIwODAwMDhaFw0yNDEyMjAwODA1MDhaMDMxMTAvBgNV
BAMTKDRCNEMwNTA4MzdDQUVBQzA5RTM3RkZGNjM0M0E0QUNGMzFCQzQ1QkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMQz5zm3QAq981PGpEyNgq0IL4
TidByAFzGvlX0fP3lPK1AUWfnUULE+Mfli4qsnUHDXjGSUQ9wRye2sFSOcZOTyEC
nVGCGzpwaXHRXnZWAnDyPmeGrlmDw9QYpD/IYCQ7il46Ad/sxeKEJziQekFGAfBS
n2JlTj3FviWJz4CAdhNtNNf6fVbaPlVJTkzFRmT7J0R+zTJARosUhgNNIicw6rgV
1vm5DUjKsREugXpJD1wL31CPeDBBtsT+0oU4kE4VB0xnrluLJwxpOX5sTgwFDFli
Pv+/HPo/usQ4zq4j1qCfiVTOYIElOz2pSaZ8Xil5rAo6+xhU8AF6J2Gjg8txAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUS0wFCDfK6sCeN//2NDpKzzG8Rb8wHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzQzNTJlMzkzNTJlMzIzMTMy
MmUzMDJmMzIzMjJkMzIzMjIwM2QzZTIwMzczMDMyMzkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAItX9Qw
DQYJKoZIhvcNAQELBQADggEBAC4hMZkPoKcprGLtDnGTklKsgqNs86OW4vlIO3zZ
7sOC2qg6oHsuVTN0QBbNgGhQNwxuWW72zPDABR9JD56QxzYMwSsJHDNKlEZwzBiZ
Onn29z1vfq5T840JMqXgzsIYOlMoT6dE0YUAudAOjj2eKcJPPNUpxCR6vRnk6Cbk
+s2IQImtEWCxA9ys9tiKIQPQI1e3GBkH+2bkVTbj6mmX3RU2GcENxn6qzUTJAIXj
UK/an3obYc1EvxDo2YF5ocg3mjAvQbjTFAwTu98ydhvPq8HN6K+sx8EA/786Xjd0
V9IdNsO+ePqCEnCwg9W5ziaT/WZzPGc8Gm8GRCNIjiaUsvc=
-----END CERTIFICATE-----
Generated at Wed May 15 03:10:39 2024 by rpki-client on console-ams.rpki-client.org