Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/34352e3134362e3136322e302f32332d3234203d3e20383334.roa
File: 34352e3134362e3136322e302f32332d3234203d3e20383334.roa (raw, json)
Hash identifier: jFkuvj+QhwiH0BMCs6Y/dlV+JGVxCpM6e5therYvnow=
Subject key identifier: A1:2B:3E:BC:A6:5A:9A:F0:E8:D4:DA:49:24:71:90:AE:70:9D:ED:9D
Certificate issuer: /CN=5defe0922f4f55270dcd5c08f04f1c7bf26073c3
Certificate serial: 50F02EBB98DBFC64FB4AD3124F52287938E1BABF
Authority key identifier: 5D:EF:E0:92:2F:4F:55:27:0D:CD:5C:08:F0:4F:1C:7B:F2:60:73:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/34352e3134362e3136322e302f32332d3234203d3e20383334.roa
Signing time: Sat 11 Nov 2023 00:00:08 +0000
ROA not before: Fri 10 Nov 2023 23:55:08 +0000
ROA not after: Sat 09 Nov 2024 00:00:08 +0000
asID: 834
IP address blocks: 45.146.162.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.crl
rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 14:46:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:f0:2e:bb:98:db:fc:64:fb:4a:d3:12:4f:52:28:79:38:e1:ba:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5defe0922f4f55270dcd5c08f04f1c7bf26073c3
Validity
Not Before: Nov 10 23:55:08 2023 GMT
Not After : Nov 9 00:00:08 2024 GMT
Subject: CN=A12B3EBCA65A9AF0E8D4DA49247190AE709DED9D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:48:45:c9:f0:e7:f8:13:5e:78:1f:88:09:7d:
ba:65:69:3f:30:68:8d:86:9d:91:12:a2:1f:db:08:
ed:21:3f:00:98:d9:ea:04:62:13:a2:e3:0a:19:97:
61:24:87:39:12:57:4d:f5:f9:73:d5:c1:38:26:be:
30:69:81:cd:d7:dd:f2:ca:23:1a:e7:fb:a4:bd:77:
12:fd:74:eb:64:4d:33:6c:1c:5e:b9:5e:a1:1e:5c:
dc:ba:49:13:44:d8:dd:c4:ca:dc:0b:2a:2e:46:e4:
50:d1:8a:31:71:db:0e:29:6d:1b:a0:bd:08:cd:27:
69:f0:3f:7d:d4:52:7a:99:3a:f7:4f:c1:4a:ab:f3:
ea:c7:8c:09:6e:33:40:09:b9:b1:60:38:1c:be:e9:
08:06:75:0d:88:c3:f7:aa:b0:b8:b7:8b:ee:3a:18:
5a:d5:18:eb:4f:b9:1c:36:56:36:8b:7e:66:ea:5e:
85:15:06:89:71:b5:83:62:d3:97:c5:36:af:36:02:
f1:94:a4:05:fa:99:4b:e4:43:f8:0f:87:a2:54:72:
8b:ef:6d:60:71:83:e3:74:15:db:06:f5:10:bc:b4:
f9:e6:42:6a:c1:09:a2:a1:d8:48:a5:30:53:92:4b:
54:c5:29:06:ed:75:ea:06:4e:90:6f:2f:88:89:b8:
ac:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:2B:3E:BC:A6:5A:9A:F0:E8:D4:DA:49:24:71:90:AE:70:9D:ED:9D
X509v3 Authority Key Identifier:
keyid:5D:EF:E0:92:2F:4F:55:27:0D:CD:5C:08:F0:4F:1C:7B:F2:60:73:C3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/34352e3134362e3136322e302f32332d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.162.0/23
Signature Algorithm: sha256WithRSAEncryption
97:ac:9b:19:46:58:6a:89:ec:78:97:69:46:64:74:7c:ac:5d:
da:5c:a4:1e:19:af:6f:d6:0b:01:49:e4:51:e9:a5:88:80:75:
d6:6d:3e:d8:48:21:19:bf:4f:bd:08:f6:7b:8a:76:46:73:5c:
03:92:07:2f:ff:5b:8f:53:a0:43:53:6c:80:7e:3a:70:90:d4:
4a:c5:32:b8:3a:31:1c:97:7a:4a:3b:b0:fc:3b:7f:a1:ea:79:
a7:3a:b0:1f:7e:a4:61:16:67:5c:22:8a:c3:ef:f2:95:e9:06:
53:64:a9:fd:9b:63:50:6b:44:0f:ab:95:82:12:0d:9b:b9:23:
be:55:8d:07:a0:ef:34:7d:f5:42:63:00:a2:36:88:bd:d3:c5:
54:32:89:f3:1c:3b:59:f8:f1:b9:07:af:57:cb:18:9f:3b:bd:
94:86:3e:10:03:aa:ff:1e:84:87:ba:de:51:da:db:e4:9e:ed:
0b:39:e8:2b:a9:97:61:f1:65:bd:78:ea:ab:d4:85:be:71:85:
ed:9d:59:5d:24:b3:ac:ef:08:8c:0b:2d:08:f2:0d:3f:ac:bb:
14:d1:03:1f:13:f9:1a:23:19:ea:55:b6:6e:19:76:0d:35:e0:
14:34:a6:7f:91:1d:63:1e:56:b0:9d:77:4d:37:dd:8b:e9:27:
69:35:18:bf
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUUPAuu5jb/GT7StMST1IoeTjhur8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWRlZmUwOTIyZjRmNTUyNzBkY2Q1YzA4ZjA0ZjFjN2Jm
MjYwNzNjMzAeFw0yMzExMTAyMzU1MDhaFw0yNDExMDkwMDAwMDhaMDMxMTAvBgNV
BAMTKEExMkIzRUJDQTY1QTlBRjBFOEQ0REE0OTI0NzE5MEFFNzA5REVEOUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDSEXJ8Of4E154H4gJfbplaT8w
aI2GnZESoh/bCO0hPwCY2eoEYhOi4woZl2EkhzkSV031+XPVwTgmvjBpgc3X3fLK
Ixrn+6S9dxL9dOtkTTNsHF65XqEeXNy6SRNE2N3EytwLKi5G5FDRijFx2w4pbRug
vQjNJ2nwP33UUnqZOvdPwUqr8+rHjAluM0AJubFgOBy+6QgGdQ2Iw/eqsLi3i+46
GFrVGOtPuRw2VjaLfmbqXoUVBolxtYNi05fFNq82AvGUpAX6mUvkQ/gPh6JUcovv
bWBxg+N0FdsG9RC8tPnmQmrBCaKh2EilMFOSS1TFKQbtdeoGTpBvL4iJuKxfAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUoSs+vKZamvDo1NpJJHGQrnCd7Z0wHwYDVR0j
BBgwFoAUXe/gki9PVScNzVwI8E8ce/Jgc8MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmZlMmIyN2EtMWVjNS00YWI3LTk3OGUtNmRhOWNmOWYz
NzkwLzAvNURFRkUwOTIyRjRGNTUyNzBEQ0Q1QzA4RjA0RjFDN0JGMjYwNzNDMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hlX2draTlQVlNjTnpWd0k4RThjZV9K
Z2M4TS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmZlMmIyN2Et
MWVjNS00YWI3LTk3OGUtNmRhOWNmOWYzNzkwLzAvMzQzNTJlMzEzNDM2MmUzMTM2
MzIyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAEtkqIw
DQYJKoZIhvcNAQELBQADggEBAJesmxlGWGqJ7HiXaUZkdHysXdpcpB4Zr2/WCwFJ
5FHppYiAddZtPthIIRm/T70I9nuKdkZzXAOSBy//W49ToENTbIB+OnCQ1ErFMrg6
MRyXeko7sPw7f6Hqeac6sB9+pGEWZ1wiisPv8pXpBlNkqf2bY1BrRA+rlYISDZu5
I75VjQeg7zR99UJjAKI2iL3TxVQyifMcO1n48bkHr1fLGJ87vZSGPhADqv8ehIe6
3lHa2+Se7Qs56Cupl2HxZb146qvUhb5xhe2dWV0ks6zvCIwLLQjyDT+suxTRAx8T
+RojGepVtm4Zdg014BQ0pn+RHWMeVrCdd0033YvpJ2k1GL8=
-----END CERTIFICATE-----
Generated at Wed May 1 22:10:30 2024 by rpki-client on console-ams.rpki-client.org