Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/34352e3134362e3136312e302f32342d3234203d3e20323036353035.roa
File: 34352e3134362e3136312e302f32342d3234203d3e20323036353035.roa (raw, json)
Hash identifier: Nc7tsx7vU+1DkdoYVDlfKHk02O+XCYA4rPoZnZvkrYc=
Subject key identifier: CB:50:46:A1:A7:51:13:86:4C:1A:F9:0D:14:40:DD:FD:CA:82:DA:5C
Certificate issuer: /CN=5defe0922f4f55270dcd5c08f04f1c7bf26073c3
Certificate serial: 6A8DFF06E243EECEA6E015C5B252C7F992E14EC5
Authority key identifier: 5D:EF:E0:92:2F:4F:55:27:0D:CD:5C:08:F0:4F:1C:7B:F2:60:73:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/34352e3134362e3136312e302f32342d3234203d3e20323036353035.roa
Signing time: Fri 29 Sep 2023 14:00:12 +0000
ROA not before: Fri 29 Sep 2023 13:55:12 +0000
ROA not after: Fri 27 Sep 2024 14:00:12 +0000
asID: 206505
IP address blocks: 45.146.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.crl
rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 15 May 2024 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:8d:ff:06:e2:43:ee:ce:a6:e0:15:c5:b2:52:c7:f9:92:e1:4e:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5defe0922f4f55270dcd5c08f04f1c7bf26073c3
Validity
Not Before: Sep 29 13:55:12 2023 GMT
Not After : Sep 27 14:00:12 2024 GMT
Subject: CN=CB5046A1A75113864C1AF90D1440DDFDCA82DA5C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:65:6d:87:71:11:b4:03:a8:2d:36:e6:16:b5:
7b:d5:15:50:e7:fb:af:d9:68:f7:e0:fe:d8:c4:36:
ca:0d:f6:f4:17:a9:04:1e:d5:71:c4:bb:b5:91:4b:
73:63:7e:de:30:71:ac:50:36:c8:bd:df:81:96:63:
ae:39:da:6b:6e:c4:e0:50:b0:1c:27:0a:c7:1f:ee:
09:41:05:22:31:ef:c2:3d:8a:a7:97:ba:96:72:38:
00:5a:1f:b5:60:9d:99:cc:9b:7f:92:cf:bd:55:3b:
ae:c6:04:8f:16:1d:2e:ae:71:df:4f:6f:cd:00:6f:
73:50:af:15:73:01:d5:56:9e:4b:9c:df:6f:31:0a:
b6:2d:46:9b:59:46:e4:25:a3:63:2b:e8:f7:22:80:
f5:4f:18:ad:77:37:12:ab:e3:b5:ae:16:02:88:2d:
ce:ec:80:09:d0:54:ef:de:26:a1:61:00:a7:ab:1a:
23:0c:97:48:87:a0:e2:12:ee:d3:02:aa:dd:c8:c6:
c1:af:88:c3:ac:d9:68:c0:29:05:1f:84:c6:5a:2d:
35:18:fc:39:09:ca:87:2d:8a:49:6b:d2:05:0e:5f:
df:58:75:17:2a:fd:7e:0a:90:0e:4c:5a:a4:02:ee:
17:30:f2:84:81:c1:e1:8d:1a:e1:ea:5c:26:17:ed:
ba:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:50:46:A1:A7:51:13:86:4C:1A:F9:0D:14:40:DD:FD:CA:82:DA:5C
X509v3 Authority Key Identifier:
keyid:5D:EF:E0:92:2F:4F:55:27:0D:CD:5C:08:F0:4F:1C:7B:F2:60:73:C3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/34352e3134362e3136312e302f32342d3234203d3e20323036353035.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.161.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:8c:e5:44:3c:8e:ed:92:b4:f6:cc:cd:b2:6c:f2:bb:87:dd:
55:30:b5:6f:18:a1:f8:e3:03:a2:d2:c5:0c:e6:53:ac:16:a9:
a3:4f:e1:62:e9:aa:1d:83:7a:b9:6d:2b:03:ec:5e:62:c5:0a:
a5:93:54:87:d5:fd:30:84:0a:c9:f6:77:73:41:3c:7e:65:b7:
71:dc:23:13:e4:47:15:d7:c8:21:9a:cf:3f:31:8b:e4:12:f0:
06:b9:ac:56:bb:74:03:f2:a0:bd:92:3b:7e:cb:ad:d9:de:1a:
21:ea:4d:67:07:e7:95:a7:2d:b6:9b:4a:c4:57:84:26:e5:f9:
25:8d:d0:25:f6:f4:6e:00:8e:da:e9:a5:4d:c6:ba:da:5f:df:
10:49:b3:0d:04:9f:b0:36:13:b3:e2:6b:e5:7e:63:89:17:c4:
8a:31:7a:2e:83:7e:fa:6c:c2:8a:e5:33:73:a4:b8:c4:22:97:
2e:54:5e:8a:2d:1f:e9:5d:32:f0:46:58:ff:f2:d7:9f:3c:7e:
82:39:16:6d:83:7a:65:91:38:06:1e:ce:61:29:00:41:34:fb:
62:0f:25:e5:25:f4:e2:fc:ab:6a:57:34:5a:86:89:85:5e:0b:
8f:9a:94:02:89:96:43:74:44:58:94:bf:65:d2:32:12:7e:df:
f1:10:b6:b3
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUao3/BuJD7s6m4BXFslLH+ZLhTsUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWRlZmUwOTIyZjRmNTUyNzBkY2Q1YzA4ZjA0ZjFjN2Jm
MjYwNzNjMzAeFw0yMzA5MjkxMzU1MTJaFw0yNDA5MjcxNDAwMTJaMDMxMTAvBgNV
BAMTKENCNTA0NkExQTc1MTEzODY0QzFBRjkwRDE0NDBEREZEQ0E4MkRBNUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcZW2HcRG0A6gtNuYWtXvVFVDn
+6/ZaPfg/tjENsoN9vQXqQQe1XHEu7WRS3Njft4wcaxQNsi934GWY6452mtuxOBQ
sBwnCscf7glBBSIx78I9iqeXupZyOABaH7VgnZnMm3+Sz71VO67GBI8WHS6ucd9P
b80Ab3NQrxVzAdVWnkuc328xCrYtRptZRuQlo2Mr6PcigPVPGK13NxKr47WuFgKI
Lc7sgAnQVO/eJqFhAKerGiMMl0iHoOIS7tMCqt3IxsGviMOs2WjAKQUfhMZaLTUY
/DkJyoctiklr0gUOX99YdRcq/X4KkA5MWqQC7hcw8oSBweGNGuHqXCYX7brRAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUy1BGoadRE4ZMGvkNFEDd/cqC2lwwHwYDVR0j
BBgwFoAUXe/gki9PVScNzVwI8E8ce/Jgc8MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmZlMmIyN2EtMWVjNS00YWI3LTk3OGUtNmRhOWNmOWYz
NzkwLzAvNURFRkUwOTIyRjRGNTUyNzBEQ0Q1QzA4RjA0RjFDN0JGMjYwNzNDMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hlX2draTlQVlNjTnpWd0k4RThjZV9K
Z2M4TS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmZlMmIyN2Et
MWVjNS00YWI3LTk3OGUtNmRhOWNmOWYzNzkwLzAvMzQzNTJlMzEzNDM2MmUzMTM2
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzYzNTMwMzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtkqEwDQYJKoZIhvcNAQELBQADggEBAGqM5UQ8ju2StPbMzbJs8ruH3VUwtW8Y
ofjjA6LSxQzmU6wWqaNP4WLpqh2DerltKwPsXmLFCqWTVIfV/TCECsn2d3NBPH5l
t3HcIxPkRxXXyCGazz8xi+QS8Aa5rFa7dAPyoL2SO37LrdneGiHqTWcH55WnLbab
SsRXhCbl+SWN0CX29G4AjtrppU3Gutpf3xBJsw0En7A2E7Pia+V+Y4kXxIoxei6D
fvpsworlM3OkuMQily5UXootH+ldMvBGWP/y1588foI5Fm2DemWROAYezmEpAEE0
+2IPJeUl9OL8q2pXNFqGiYVeC4+alAKJlkN0RFiUv2XSMhJ+3/EQtrM=
-----END CERTIFICATE-----
Generated at Wed May 15 05:28:58 2024 by rpki-client on console-ams.rpki-client.org