Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231332e302f32342d3234203d3e20343030303339.roa
File: 34352e39352e3231332e302f32342d3234203d3e20343030303339.roa (raw, json)
Hash identifier: +Y3UcGYIqQxEr1jIFdqY4vUJrY7Q5m58oT3V7IJdAq8=
Subject key identifier: 7C:E7:85:79:A6:CC:9A:15:08:C0:12:E9:BD:08:0E:53:F9:85:20:F8
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 0F3251EF91FC4572A90DF2F34D77CEB55D4CC6D6
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231332e302f32342d3234203d3e20343030303339.roa
Signing time: Tue 07 Nov 2023 18:03:45 +0000
ROA not before: Tue 07 Nov 2023 17:58:45 +0000
ROA not after: Tue 05 Nov 2024 18:03:45 +0000
asID: 400039
IP address blocks: 45.95.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:32:51:ef:91:fc:45:72:a9:0d:f2:f3:4d:77:ce:b5:5d:4c:c6:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Nov 7 17:58:45 2023 GMT
Not After : Nov 5 18:03:45 2024 GMT
Subject: CN=7CE78579A6CC9A1508C012E9BD080E53F98520F8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:7f:f9:77:01:c9:d0:d0:09:46:55:8a:74:80:
92:cf:ee:d6:c6:86:7d:76:8b:45:f5:33:c3:d4:92:
2b:82:75:21:12:ac:20:68:86:88:14:ab:89:49:0c:
4e:eb:1b:b4:83:86:a3:6f:e0:5b:fa:ec:33:83:07:
bc:66:9b:b0:68:97:08:ab:46:9b:66:97:17:dd:1d:
07:b1:10:c2:fc:a8:f1:39:33:fb:19:07:1d:69:b6:
c3:d5:6f:78:c2:9e:3c:b0:ee:e9:4c:d8:7e:b4:b8:
51:6f:15:d0:92:88:ad:7e:a1:68:09:2d:94:e9:4a:
f8:dd:bc:b8:f0:a5:1a:53:69:ed:d8:97:c9:60:40:
d9:1b:bb:9a:29:70:5a:a5:a9:de:8e:2d:ae:71:d1:
4d:3d:9d:3e:d6:68:2f:20:e0:aa:2c:ea:71:dd:ae:
9f:8c:81:ee:b0:3c:77:b2:b1:4a:68:b5:df:7a:27:
3e:d0:bd:00:65:8e:1f:95:78:1f:d7:5f:d2:a3:fa:
7f:63:ee:dd:fa:94:70:11:88:fd:f6:dc:8a:8e:ef:
f4:15:e8:85:f1:25:8a:e1:1d:40:04:3b:67:90:08:
4d:57:61:af:cc:68:fd:1e:2f:ec:d9:61:40:8d:ce:
82:a1:da:21:d4:bc:9d:35:39:ed:3c:4c:cf:fc:fa:
c9:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:E7:85:79:A6:CC:9A:15:08:C0:12:E9:BD:08:0E:53:F9:85:20:F8
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231332e302f32342d3234203d3e20343030303339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.213.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:4c:25:87:3f:02:77:90:22:26:68:bc:32:10:79:dd:97:d2:
a4:7f:51:dd:a1:fc:d1:ae:db:bd:07:39:ee:2e:97:2f:0c:7a:
c7:b1:36:d1:2e:47:ef:f7:15:91:ec:06:09:d5:a4:cf:1e:a9:
5e:17:47:46:93:09:a4:e1:78:ac:2d:e9:8e:f4:b7:dd:5a:f8:
05:1e:b4:1e:85:65:e3:d4:e1:77:64:16:80:72:59:da:6e:3d:
12:97:7b:e4:54:c9:f0:39:0e:c7:a4:51:60:0c:2f:60:ea:de:
8f:41:89:c1:42:2f:2a:78:d6:7a:c4:93:67:5a:5f:0f:2a:25:
a7:02:c3:e6:90:68:07:b4:c0:be:54:c2:61:cd:7f:79:1c:59:
c7:03:2c:1d:4b:31:1e:44:dd:7b:2e:76:10:6a:47:aa:52:9d:
e5:86:d8:89:04:d7:bc:2e:21:8d:7c:af:ea:b1:3c:51:f1:52:
d1:d4:e7:e4:e1:16:b4:14:73:1f:5a:a1:e7:fb:5a:2d:28:5b:
89:e2:09:e9:e1:99:d4:9e:97:f8:ab:54:1e:ec:a7:03:fe:d4:
64:69:89:44:65:fd:2b:c2:1c:fd:86:18:e4:8b:5c:c5:aa:4c:
67:ee:4a:4a:d6:bd:ad:25:95:7f:48:e5:68:86:4d:fb:12:da:
30:c9:41:7d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUDzJR75H8RXKpDfLzTXfOtV1MxtYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yMzExMDcxNzU4NDVaFw0yNDExMDUxODAzNDVaMDMxMTAvBgNV
BAMTKDdDRTc4NTc5QTZDQzlBMTUwOEMwMTJFOUJEMDgwRTUzRjk4NTIwRjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/f/l3AcnQ0AlGVYp0gJLP7tbG
hn12i0X1M8PUkiuCdSESrCBohogUq4lJDE7rG7SDhqNv4Fv67DODB7xmm7Bolwir
RptmlxfdHQexEML8qPE5M/sZBx1ptsPVb3jCnjyw7ulM2H60uFFvFdCSiK1+oWgJ
LZTpSvjdvLjwpRpTae3Yl8lgQNkbu5opcFqlqd6OLa5x0U09nT7WaC8g4Kos6nHd
rp+Mge6wPHeysUpotd96Jz7QvQBljh+VeB/XX9Kj+n9j7t36lHARiP323IqO7/QV
6IXxJYrhHUAEO2eQCE1XYa/MaP0eL+zZYUCNzoKh2iHUvJ01Oe08TM/8+slbAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUfOeFeabMmhUIwBLpvQgOU/mFIPgwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzQzNTJlMzkzNTJlMzIzMTMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMDMwMzAzMzM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LV/VMA0GCSqGSIb3DQEBCwUAA4IBAQBcTCWHPwJ3kCImaLwyEHndl9Kkf1HdofzR
rtu9BznuLpcvDHrHsTbRLkfv9xWR7AYJ1aTPHqleF0dGkwmk4XisLemO9LfdWvgF
HrQehWXj1OF3ZBaAclnabj0Sl3vkVMnwOQ7HpFFgDC9g6t6PQYnBQi8qeNZ6xJNn
Wl8PKiWnAsPmkGgHtMC+VMJhzX95HFnHAywdSzEeRN17LnYQakeqUp3lhtiJBNe8
LiGNfK/qsTxR8VLR1Ofk4Ra0FHMfWqHn+1otKFuJ4gnp4ZnUnpf4q1Qe7KcD/tRk
aYlEZf0rwhz9hhjki1zFqkxn7kpK1r2tJZV/SOVohk37EtowyUF9
-----END CERTIFICATE-----
Generated at Sat May 4 15:08:02 2024 by rpki-client on console-ams.rpki-client.org