Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/34362e33332e32382e302f32322d3232203d3e203432363839.roa
File: 34362e33332e32382e302f32322d3232203d3e203432363839.roa (raw, json)
Hash identifier: u8BdHZ2Yu7aU17Jkplx6QYm5Q4OD8K6UlNx09wKoHsM=
Subject key identifier: C5:B5:55:4D:D9:FD:F5:CA:4D:78:B5:93:F7:A5:11:10:37:10:68:D1
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 6723E2A225FD256F6B8999082FC0792A4921E5FB
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/34362e33332e32382e302f32322d3232203d3e203432363839.roa
Signing time: Thu 07 Nov 2024 10:52:00 +0000
ROA not before: Thu 07 Nov 2024 10:47:00 +0000
ROA not after: Thu 06 Nov 2025 10:52:00 +0000
asID: 42689
IP address blocks: 46.33.28.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:23:e2:a2:25:fd:25:6f:6b:89:99:08:2f:c0:79:2a:49:21:e5:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Nov 7 10:47:00 2024 GMT
Not After : Nov 6 10:52:00 2025 GMT
Subject: CN=C5B5554DD9FDF5CA4D78B593F7A51110371068D1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:05:3c:30:fa:df:04:ca:de:d1:c7:eb:bc:80:
b5:9e:a4:5d:ee:34:78:2c:fc:6c:c2:40:df:4c:fa:
bd:bf:40:da:03:ce:da:e0:9f:53:bd:8d:d6:66:07:
d5:5e:48:63:6d:48:ca:6c:a9:21:98:b4:01:db:91:
ab:e5:71:bd:0b:f0:0d:e7:77:c9:4a:7d:dd:5b:da:
e1:a9:e7:c4:c4:4b:85:c3:ee:69:a4:aa:37:e4:04:
d3:ee:01:a1:35:20:de:b6:3a:55:d0:1a:3f:76:99:
1c:6e:5c:d4:b5:9d:44:78:63:1b:fc:14:d4:fb:0d:
1b:e3:e7:96:8e:56:00:9b:37:c7:8d:7d:c5:99:5a:
f4:79:7f:9f:c1:00:e9:b3:5d:d2:2d:64:42:ff:2c:
1b:89:30:60:77:a3:9b:97:63:52:8b:b5:30:66:5c:
35:0e:27:1e:b1:9f:ec:82:82:2f:eb:d4:8d:2c:52:
41:9c:1a:d0:7e:31:1c:09:50:10:2b:10:4f:2c:41:
a9:11:4c:75:88:8e:1e:75:8d:d7:ef:70:b6:ef:d7:
76:07:b9:46:c8:09:15:7b:aa:15:92:ab:45:f5:dd:
00:0d:17:06:47:d6:2c:83:65:16:18:9c:16:0d:13:
79:e8:91:88:90:bc:a2:6d:a3:dd:39:e3:3b:cb:41:
68:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:B5:55:4D:D9:FD:F5:CA:4D:78:B5:93:F7:A5:11:10:37:10:68:D1
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/34362e33332e32382e302f32322d3232203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.33.28.0/22
Signature Algorithm: sha256WithRSAEncryption
22:c8:e9:aa:41:68:e9:40:a9:68:59:b0:e9:f9:46:d4:64:88:
e8:ae:0a:98:7a:8b:f4:e6:b2:c7:5c:7e:ab:a4:d2:86:7e:3c:
20:35:ee:6a:a6:8e:29:75:e5:b8:6e:aa:1b:56:a6:19:94:f4:
80:6c:70:5a:31:b6:4f:43:ac:b7:a0:91:01:f3:08:c3:08:19:
4f:af:a7:3c:d8:ff:b4:0a:e1:eb:d3:e8:be:9b:18:b5:e9:8a:
4e:ad:4a:e6:1b:d1:41:a1:ec:91:e9:3a:ac:87:73:95:0f:6d:
c5:5a:e4:4f:42:95:d6:d2:49:23:f4:cd:fb:1c:85:d2:9f:c0:
21:c3:bd:54:74:51:5c:44:5b:fa:a8:3e:79:0b:b9:a6:22:cd:
0b:88:19:32:fe:1b:19:24:22:e0:b7:53:0c:68:d6:e1:3e:e2:
6b:36:1f:a4:35:fd:27:25:3d:44:6e:6d:6e:31:0c:90:8d:9b:
e0:13:12:31:fb:ef:b9:f2:0a:1f:cd:d4:8f:1c:f4:93:de:ad:
7e:ee:db:00:04:b0:b9:ce:4d:3a:f0:6b:53:2a:86:ee:0a:b6:
16:1b:b8:c3:19:bb:da:d7:be:be:f7:41:76:1f:7b:ba:ca:52:
97:e9:b1:34:c6:f6:ed:ce:ee:be:33:3e:dc:94:d2:25:dd:ea:
21:ba:9a:8c
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUZyPioiX9JW9riZkIL8B5Kkkh5fswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDExMDcxMDQ3MDBaFw0yNTExMDYxMDUyMDBaMDMxMTAvBgNV
BAMTKEM1QjU1NTRERDlGREY1Q0E0RDc4QjU5M0Y3QTUxMTEwMzcxMDY4RDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5BTww+t8Eyt7Rx+u8gLWepF3u
NHgs/GzCQN9M+r2/QNoDztrgn1O9jdZmB9VeSGNtSMpsqSGYtAHbkavlcb0L8A3n
d8lKfd1b2uGp58TES4XD7mmkqjfkBNPuAaE1IN62OlXQGj92mRxuXNS1nUR4Yxv8
FNT7DRvj55aOVgCbN8eNfcWZWvR5f5/BAOmzXdItZEL/LBuJMGB3o5uXY1KLtTBm
XDUOJx6xn+yCgi/r1I0sUkGcGtB+MRwJUBArEE8sQakRTHWIjh51jdfvcLbv13YH
uUbICRV7qhWSq0X13QANFwZH1iyDZRYYnBYNE3nokYiQvKJto9054zvLQWhHAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUxbVVTdn99cpNeLWT96UREDcQaNEwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzQzNjJlMzMzMzJlMzIzODJl
MzAyZjMyMzIyZDMyMzIyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIuIRww
DQYJKoZIhvcNAQELBQADggEBACLI6apBaOlAqWhZsOn5RtRkiOiuCph6i/Tmssdc
fquk0oZ+PCA17mqmjil15bhuqhtWphmU9IBscFoxtk9DrLegkQHzCMMIGU+vpzzY
/7QK4evT6L6bGLXpik6tSuYb0UGh7JHpOqyHc5UPbcVa5E9CldbSSSP0zfschdKf
wCHDvVR0UVxEW/qoPnkLuaYizQuIGTL+GxkkIuC3Uwxo1uE+4ms2H6Q1/SclPURu
bW4xDJCNm+ATEjH777nyCh/N1I8c9JPerX7u2wAEsLnOTTrwa1Mqhu4KthYbuMMZ
u9rXvr73QXYfe7rKUpfpsTTG9u3O7r4zPtyU0iXd6iG6mow=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:51 2024 by rpki-client on console-fra.rpki-client.org