Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231332e302f32342d3234203d3e20343030303339.roa
File: 34352e39352e3231332e302f32342d3234203d3e20343030303339.roa (raw, json)
Hash identifier: w5NU7XhSCx4TB+ZVVuz65lQXaRG4sh/qolM03TzoQNc=
Subject key identifier: 1C:BE:06:E2:4B:24:80:C5:32:AD:21:6B:D6:42:D9:A1:8D:2D:F2:8E
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 6952F7344678A74BFF3BBF6A521D465767FCA588
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231332e302f32342d3234203d3e20343030303339.roa
Signing time: Tue 08 Oct 2024 18:43:22 +0000
ROA not before: Tue 08 Oct 2024 18:38:22 +0000
ROA not after: Tue 07 Oct 2025 18:43:22 +0000
asID: 400039
IP address blocks: 45.95.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 02:10:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:52:f7:34:46:78:a7:4b:ff:3b:bf:6a:52:1d:46:57:67:fc:a5:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Oct 8 18:38:22 2024 GMT
Not After : Oct 7 18:43:22 2025 GMT
Subject: CN=1CBE06E24B2480C532AD216BD642D9A18D2DF28E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:fb:43:01:a3:05:70:99:6e:c8:df:36:0b:29:
3e:67:be:dd:33:eb:49:51:b5:b2:45:7f:3b:d9:df:
37:ef:98:1c:cd:75:fe:20:ef:aa:ea:b2:6e:72:80:
d2:b6:43:56:83:f6:2d:28:d1:87:a0:65:4c:00:b9:
0c:f7:cc:5f:30:16:68:2a:0a:05:96:4c:69:aa:5f:
8e:a7:e5:3a:d6:a8:fe:58:5d:53:94:6d:60:29:60:
5e:bc:b4:27:ad:e4:d5:92:80:3c:37:cd:87:d0:b7:
ca:b8:d9:91:ca:ec:f5:0c:90:a0:ff:83:14:e6:45:
9c:99:e2:fb:fa:dc:38:dd:bf:8d:31:6b:55:a4:b3:
1f:5f:c7:f6:71:c5:c6:a5:0c:ea:2a:6e:ae:9e:31:
d1:41:85:35:c4:ce:03:d5:28:81:ec:7c:39:26:3d:
e6:e3:7b:1b:17:da:c2:0e:69:d0:47:b2:d9:10:de:
34:76:18:86:e5:10:dd:36:b8:2b:0d:8f:3e:b1:8a:
7d:55:0a:14:30:25:3f:00:50:d2:23:0b:9a:76:a3:
3e:26:26:31:20:39:a3:70:f1:05:7e:aa:f2:5d:a3:
77:88:d3:17:17:eb:d4:a5:43:f0:4d:f5:b0:69:f6:
cf:2d:e1:df:8e:6a:b8:31:b6:43:ed:ba:cf:74:0c:
ca:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:BE:06:E2:4B:24:80:C5:32:AD:21:6B:D6:42:D9:A1:8D:2D:F2:8E
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231332e302f32342d3234203d3e20343030303339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.213.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:d2:2d:ee:96:85:ba:ae:a9:e7:11:d9:08:47:c0:e0:8a:d1:
98:e4:1e:29:ed:81:86:ea:e6:dd:e6:01:ff:a6:b0:c4:62:17:
07:1f:f4:04:a3:1a:f4:78:f8:c6:38:1d:ed:74:eb:48:4f:3a:
e9:61:1c:c7:7b:46:7f:6b:94:4c:82:78:df:a4:52:7a:b0:87:
05:63:77:12:79:a1:8f:28:cb:73:5d:d6:a6:5e:e5:01:a7:9c:
d3:bd:cf:a9:02:5a:67:60:aa:a3:82:85:26:5b:79:1e:be:84:
82:ca:27:18:18:88:6b:93:c6:6c:a4:11:9a:fe:15:e6:9a:c3:
80:54:cb:bc:5a:b9:b4:b9:24:80:48:b1:08:c5:59:af:ba:d8:
dc:05:45:f6:c3:75:a7:a5:a0:a0:5e:22:a5:d1:7e:7b:4b:18:
e9:39:37:99:03:d3:8e:46:31:28:57:21:e3:a4:43:93:3d:99:
5a:89:d9:9a:15:d9:f1:fc:44:51:fe:7a:5d:9a:13:7d:c5:aa:
24:6c:54:a6:22:f4:74:9f:ca:bd:34:8a:6c:a4:5d:d0:78:ad:
46:91:77:d7:d2:ba:dd:a6:33:c1:86:f2:55:11:be:38:2c:65:
2e:45:24:e9:fa:f7:1f:32:a8:00:0f:c7:aa:20:c0:4d:9a:91:
90:6b:76:29
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUaVL3NEZ4p0v/O79qUh1GV2f8pYgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNDEwMDgxODM4MjJaFw0yNTEwMDcxODQzMjJaMDMxMTAvBgNV
BAMTKDFDQkUwNkUyNEIyNDgwQzUzMkFEMjE2QkQ2NDJEOUExOEQyREYyOEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCY+0MBowVwmW7I3zYLKT5nvt0z
60lRtbJFfzvZ3zfvmBzNdf4g76rqsm5ygNK2Q1aD9i0o0YegZUwAuQz3zF8wFmgq
CgWWTGmqX46n5TrWqP5YXVOUbWApYF68tCet5NWSgDw3zYfQt8q42ZHK7PUMkKD/
gxTmRZyZ4vv63Djdv40xa1Wksx9fx/ZxxcalDOoqbq6eMdFBhTXEzgPVKIHsfDkm
PebjexsX2sIOadBHstkQ3jR2GIblEN02uCsNjz6xin1VChQwJT8AUNIjC5p2oz4m
JjEgOaNw8QV+qvJdo3eI0xcX69SlQ/BN9bBp9s8t4d+OargxtkPtus90DMrFAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUHL4G4kskgMUyrSFr1kLZoY0t8o4wHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzQzNTJlMzkzNTJlMzIzMTMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMDMwMzAzMzM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LV/VMA0GCSqGSIb3DQEBCwUAA4IBAQCy0i3uloW6rqnnEdkIR8DgitGY5B4p7YGG
6ubd5gH/prDEYhcHH/QEoxr0ePjGOB3tdOtITzrpYRzHe0Z/a5RMgnjfpFJ6sIcF
Y3cSeaGPKMtzXdamXuUBp5zTvc+pAlpnYKqjgoUmW3kevoSCyicYGIhrk8ZspBGa
/hXmmsOAVMu8Wrm0uSSASLEIxVmvutjcBUX2w3WnpaCgXiKl0X57SxjpOTeZA9OO
RjEoVyHjpEOTPZlaidmaFdnx/ERR/npdmhN9xaokbFSmIvR0n8q9NIpspF3QeK1G
kXfX0rrdpjPBhvJVEb44LGUuRSTp+vcfMqgAD8eqIMBNmpGQa3Yp
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:12:12 2025 by rpki-client