Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231342e302f32342d3234203d3e203434353437.roa
File: 34352e39352e3231342e302f32342d3234203d3e203434353437.roa (raw, json)
Hash identifier: D708Awfnug4se1ovue6PBs92QQ5wyncVyei+IzTpPiY=
Subject key identifier: 69:06:35:8E:D6:C1:41:EE:16:A5:74:E7:57:8D:A1:10:7C:B1:E6:5B
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 54AC3E5026C857DEA82095DE8B2A872A9FA4B81E
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231342e302f32342d3234203d3e203434353437.roa
Signing time: Tue 01 Aug 2023 12:19:34 +0000
ROA not before: Tue 01 Aug 2023 12:14:34 +0000
ROA not after: Tue 30 Jul 2024 12:19:34 +0000
asID: 44547
IP address blocks: 45.95.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 15 May 2024 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:ac:3e:50:26:c8:57:de:a8:20:95:de:8b:2a:87:2a:9f:a4:b8:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Aug 1 12:14:34 2023 GMT
Not After : Jul 30 12:19:34 2024 GMT
Subject: CN=6906358ED6C141EE16A574E7578DA1107CB1E65B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:14:24:37:d4:34:49:ca:a6:48:cd:25:68:67:
05:64:9f:7b:cf:6f:d6:27:1f:11:73:3c:91:8d:4c:
2d:47:ce:58:65:01:c8:1d:10:4b:c3:b2:6a:0e:a0:
54:60:7a:ad:04:4a:c5:eb:73:9e:ee:0d:54:3d:0f:
7d:f5:1b:b3:5c:b3:68:8d:85:2d:14:05:7d:90:83:
38:c1:9b:d2:44:b4:b5:ff:5b:5c:a4:28:55:f7:1b:
25:ab:d9:ec:64:07:c8:ba:6b:46:19:dd:f0:8c:74:
62:96:cf:38:d2:42:41:51:b2:ad:82:51:9f:a0:50:
b0:a1:09:41:1f:3d:81:a1:cd:77:32:65:0b:ed:a9:
8c:0c:f3:50:8f:dc:e5:7e:f0:d9:06:6d:a6:86:6b:
1f:f7:92:86:30:28:11:c5:06:f5:04:e7:0f:12:5e:
79:e8:4b:bd:86:3c:4f:e0:58:54:89:61:07:f0:8c:
b4:cb:d9:e4:92:2b:67:8d:7e:46:c4:cb:07:b5:ba:
92:51:0d:27:1b:68:48:52:ce:fb:ea:bd:e2:17:2d:
c2:45:42:01:d6:1e:fe:aa:a9:32:4f:12:e4:cc:90:
37:de:57:64:03:11:59:84:05:f8:ab:7e:d0:f1:33:
fe:9e:09:ab:20:25:5e:17:5c:fc:1b:3a:2b:2d:21:
db:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:06:35:8E:D6:C1:41:EE:16:A5:74:E7:57:8D:A1:10:7C:B1:E6:5B
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231342e302f32342d3234203d3e203434353437.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.214.0/24
Signature Algorithm: sha256WithRSAEncryption
02:6d:7e:ea:a9:54:01:1e:f6:ab:27:9d:15:7f:19:b8:4f:77:
fc:5b:26:d7:22:22:d5:70:b7:01:c7:ae:25:69:49:01:21:d5:
85:60:0c:82:ed:c3:ac:34:af:01:05:6a:be:a8:27:73:38:47:
29:a1:b1:05:b6:0b:00:ca:2f:67:1c:41:ac:5c:2a:47:ea:c8:
19:8b:ec:bd:23:34:0b:49:d2:71:b8:16:5d:8a:9e:77:d6:e8:
80:a8:83:c5:4a:58:5e:c1:68:88:a5:48:19:e2:c2:65:a0:5f:
4a:c7:7b:1b:22:dc:fe:b6:c7:a0:7b:18:7c:ab:ad:58:cf:99:
fd:25:ac:5a:6c:ce:c6:30:b3:29:22:07:2e:a3:0d:cf:b6:9d:
44:98:62:e6:4d:d3:c1:e0:98:fc:0b:c1:c4:ac:c6:49:23:b4:
13:86:4f:c2:1f:28:2e:e4:ec:2f:fb:13:9a:40:41:7f:a4:a2:
b8:3c:2c:ae:b5:9a:7d:1c:cb:a9:30:82:5c:d3:8f:f5:c6:aa:
50:0d:8f:74:3f:5f:83:a6:02:e6:39:10:81:26:30:dc:18:ce:
72:60:36:4a:2b:4f:54:cf:af:8c:54:cc:85:1d:44:88:ce:ab:
a6:89:24:9f:32:14:12:b8:41:0e:2b:9b:bd:c3:99:11:ef:09:
b6:4e:24:51
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUVKw+UCbIV96oIJXeiyqHKp+kuB4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yMzA4MDExMjE0MzRaFw0yNDA3MzAxMjE5MzRaMDMxMTAvBgNV
BAMTKDY5MDYzNThFRDZDMTQxRUUxNkE1NzRFNzU3OERBMTEwN0NCMUU2NUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfFCQ31DRJyqZIzSVoZwVkn3vP
b9YnHxFzPJGNTC1HzlhlAcgdEEvDsmoOoFRgeq0ESsXrc57uDVQ9D331G7Ncs2iN
hS0UBX2QgzjBm9JEtLX/W1ykKFX3GyWr2exkB8i6a0YZ3fCMdGKWzzjSQkFRsq2C
UZ+gULChCUEfPYGhzXcyZQvtqYwM81CP3OV+8NkGbaaGax/3koYwKBHFBvUE5w8S
XnnoS72GPE/gWFSJYQfwjLTL2eSSK2eNfkbEywe1upJRDScbaEhSzvvqveIXLcJF
QgHWHv6qqTJPEuTMkDfeV2QDEVmEBfirftDxM/6eCasgJV4XXPwbOistIdvhAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUaQY1jtbBQe4WpXTnV42hEHyx5lswHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzQzNTJlMzkzNTJlMzIzMTM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzNDM1MzQzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1f
1jANBgkqhkiG9w0BAQsFAAOCAQEAAm1+6qlUAR72qyedFX8ZuE93/Fsm1yIi1XC3
AceuJWlJASHVhWAMgu3DrDSvAQVqvqgnczhHKaGxBbYLAMovZxxBrFwqR+rIGYvs
vSM0C0nScbgWXYqed9bogKiDxUpYXsFoiKVIGeLCZaBfSsd7GyLc/rbHoHsYfKut
WM+Z/SWsWmzOxjCzKSIHLqMNz7adRJhi5k3TweCY/AvBxKzGSSO0E4ZPwh8oLuTs
L/sTmkBBf6SiuDwsrrWafRzLqTCCXNOP9caqUA2PdD9fg6YC5jkQgSYw3BjOcmA2
SitPVM+vjFTMhR1EiM6rpokknzIUErhBDiubvcOZEe8Jtk4kUQ==
-----END CERTIFICATE-----
Generated at Wed May 15 03:59:44 2024 by rpki-client on console-fra.rpki-client.org