Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/34362e33332e32312e302f32342d3234203d3e203432363839.roa
File: 34362e33332e32312e302f32342d3234203d3e203432363839.roa (raw, json)
Hash identifier: E8oPAEg2DLqIe/34UI7JQA6z0XvG4l243BNCsIEakNE=
Subject key identifier: 1B:57:21:B5:6E:79:AB:0C:2D:57:9C:E3:C0:CE:31:6C:A3:07:3F:CC
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 4D099F9806D86D8EF91ECE8239870F3B920D421A
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/34362e33332e32312e302f32342d3234203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 10:51:25 +0000
ROA not before: Thu 07 Nov 2024 10:46:25 +0000
ROA not after: Thu 06 Nov 2025 10:51:25 +0000
asID: 42689
IP address blocks: 46.33.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:09:9f:98:06:d8:6d:8e:f9:1e:ce:82:39:87:0f:3b:92:0d:42:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 10:46:25 2024 GMT
Not After : Nov 6 10:51:25 2025 GMT
Subject: CN=1B5721B56E79AB0C2D579CE3C0CE316CA3073FCC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:d2:90:a4:b2:90:fa:e1:c2:e4:fe:05:0a:7e:
8c:ff:01:de:7c:61:b2:97:93:19:5e:7e:10:73:42:
df:fb:b0:08:b0:80:c2:bb:36:f4:97:87:88:82:95:
6e:ea:40:da:b6:f3:86:bf:d2:df:77:b4:c2:51:20:
3e:2d:0d:d1:f7:39:94:ad:44:fe:8a:10:12:5d:53:
24:e0:b2:23:6e:ac:af:d6:e3:86:6c:8f:f9:1e:25:
06:c2:01:83:1d:be:af:72:ef:d8:04:76:ae:e1:9c:
3d:46:a5:a9:4b:d0:81:8b:58:5a:96:30:3e:41:d1:
29:8e:8b:3a:56:7b:c0:db:79:6a:3a:cd:80:5f:d7:
2d:17:ce:bd:5d:f9:8e:93:aa:88:42:f5:01:9f:22:
3a:5f:ed:6d:4d:d7:58:91:9d:37:7a:f9:d9:49:e0:
4d:20:37:a0:71:61:e3:eb:12:01:d4:be:82:01:a0:
03:ab:1d:38:89:89:e5:c5:64:b2:4b:47:90:3b:3d:
f9:bb:2d:02:38:86:33:65:97:74:71:ba:bf:75:c2:
82:4f:34:e6:02:de:87:ca:56:d1:a2:e7:6b:cb:78:
2f:1b:d7:3c:cb:cf:b4:46:d4:ac:b6:5f:26:16:3b:
04:74:10:b6:cc:af:67:a8:1f:e4:23:37:93:97:5c:
3f:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:57:21:B5:6E:79:AB:0C:2D:57:9C:E3:C0:CE:31:6C:A3:07:3F:CC
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/34362e33332e32312e302f32342d3234203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.33.21.0/24
Signature Algorithm: sha256WithRSAEncryption
76:e0:86:7b:dc:62:e4:d8:cd:33:a4:5c:d3:08:e5:f7:d6:eb:
85:21:b5:b9:43:17:3d:36:ed:e7:3b:38:fe:54:81:c0:eb:1e:
45:c8:84:79:ac:04:9b:c6:eb:0d:60:78:4c:d8:c6:f9:14:d7:
9b:31:12:8c:36:18:35:29:a4:fa:d5:1e:e3:5e:91:b0:33:94:
b7:f3:08:d2:12:c3:69:25:a5:2a:bc:b3:b3:6d:dd:d9:82:ba:
04:ba:31:40:52:f6:88:4e:ef:8b:88:61:17:36:8f:97:1b:fe:
2e:7b:a7:4b:72:2f:7b:6e:fe:ba:11:3c:52:57:96:6c:04:aa:
9a:68:e4:5f:9b:7d:41:22:a2:99:e6:b9:78:2e:b2:bb:84:ba:
c6:4c:ee:b6:a9:91:92:23:a4:43:82:67:ec:52:4c:35:74:e9:
cc:30:c8:66:c6:d8:b7:54:dc:6f:60:78:dc:0d:82:12:c9:b4:
80:22:e1:7e:65:41:b0:22:99:00:5e:f1:c0:b7:a8:9b:ae:68:
eb:b6:42:ec:a1:0b:cd:d6:89:25:5f:35:bc:04:39:88:cf:b9:
3e:a4:26:15:f9:78:a8:5a:d2:a5:f7:31:53:ea:60:66:cd:48:
d7:e5:39:89:17:bb:59:8a:fa:9b:c3:91:d4:b6:e1:02:06:ce:
fd:27:ae:0b
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUTQmfmAbYbY75Hs6COYcPO5INQhowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMDQ2MjVaFw0yNTExMDYxMDUxMjVaMDMxMTAvBgNV
BAMTKDFCNTcyMUI1NkU3OUFCMEMyRDU3OUNFM0MwQ0UzMTZDQTMwNzNGQ0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDg0pCkspD64cLk/gUKfoz/Ad58
YbKXkxlefhBzQt/7sAiwgMK7NvSXh4iClW7qQNq284a/0t93tMJRID4tDdH3OZSt
RP6KEBJdUyTgsiNurK/W44Zsj/keJQbCAYMdvq9y79gEdq7hnD1GpalL0IGLWFqW
MD5B0SmOizpWe8DbeWo6zYBf1y0Xzr1d+Y6TqohC9QGfIjpf7W1N11iRnTd6+dlJ
4E0gN6BxYePrEgHUvoIBoAOrHTiJieXFZLJLR5A7Pfm7LQI4hjNll3Rxur91woJP
NOYC3ofKVtGi52vLeC8b1zzLz7RG1Ky2XyYWOwR0ELbMr2eoH+QjN5OXXD9XAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUG1chtW55qwwtV5zjwM4xbKMHP8wwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzQzNjJlMzMzMzJlMzIzMTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAuIRUw
DQYJKoZIhvcNAQELBQADggEBAHbghnvcYuTYzTOkXNMI5ffW64UhtblDFz027ec7
OP5UgcDrHkXIhHmsBJvG6w1geEzYxvkU15sxEow2GDUppPrVHuNekbAzlLfzCNIS
w2klpSq8s7Nt3dmCugS6MUBS9ohO74uIYRc2j5cb/i57p0tyL3tu/roRPFJXlmwE
qppo5F+bfUEiopnmuXgusruEusZM7rapkZIjpEOCZ+xSTDV06cwwyGbG2LdU3G9g
eNwNghLJtIAi4X5lQbAimQBe8cC3qJuuaOu2QuyhC83WiSVfNbwEOYjPuT6kJhX5
eKha0qX3MVPqYGbNSNflOYkXu1mK+pvDkdS24QIGzv0nrgs=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:51 2024 by rpki-client on console-fra.rpki-client.org