Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/34352e3134362e3136322e302f32342d3234203d3e20323136303437.roa
File: 34352e3134362e3136322e302f32342d3234203d3e20323136303437.roa (raw, json)
Hash identifier: WP9SD9FfmGYqx/s2fXY0A6DBDEB8xI9OzxEvxiyoPmw=
Subject key identifier: 3E:1A:EA:FA:4E:F7:DB:14:41:50:11:1B:4F:90:37:9E:1D:CA:38:9F
Certificate issuer: /CN=5defe0922f4f55270dcd5c08f04f1c7bf26073c3
Certificate serial: 23A889B0983963B9B7DD90AB406BB5DBDDBC05D6
Authority key identifier: 5D:EF:E0:92:2F:4F:55:27:0D:CD:5C:08:F0:4F:1C:7B:F2:60:73:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/34352e3134362e3136322e302f32342d3234203d3e20323136303437.roa
Signing time: Wed 16 Oct 2024 13:43:25 +0000
ROA not before: Wed 16 Oct 2024 13:38:25 +0000
ROA not after: Wed 15 Oct 2025 13:43:25 +0000
asID: 216047
IP address blocks: 45.146.162.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.crl
rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:a8:89:b0:98:39:63:b9:b7:dd:90:ab:40:6b:b5:db:dd:bc:05:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5defe0922f4f55270dcd5c08f04f1c7bf26073c3
Validity
Not Before: Oct 16 13:38:25 2024 GMT
Not After : Oct 15 13:43:25 2025 GMT
Subject: CN=3E1AEAFA4EF7DB144150111B4F90379E1DCA389F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:4a:63:8d:88:f2:71:a9:99:20:0c:f3:2b:95:
57:ee:99:00:1c:43:59:cb:45:89:b7:44:73:8b:28:
4f:2d:22:9a:f7:a2:6f:66:13:4c:14:a7:dd:98:7d:
17:22:41:ea:74:d7:3d:85:8f:cd:49:23:37:1c:77:
1d:bf:84:fe:38:a7:25:0a:c9:d3:f1:2c:32:7a:2c:
af:cc:b2:4f:87:74:d3:34:b6:0e:69:71:49:55:75:
18:b7:73:28:44:a6:f8:97:ed:48:81:6d:60:3f:d0:
c1:72:27:18:83:a0:b0:18:9d:09:75:93:cc:d8:1d:
3a:ca:5f:aa:0d:5e:0f:9a:c4:06:c6:e3:98:a4:bd:
78:a2:6e:eb:2e:8c:cf:dc:25:0c:ab:2f:2b:55:6d:
80:9a:07:69:61:81:37:ea:91:ac:fc:f2:96:c6:4d:
75:46:d4:45:f4:49:4b:3b:09:83:b4:7e:de:ee:c5:
72:a7:e4:81:9b:9e:28:8d:75:31:5f:41:59:4f:61:
2e:82:52:49:74:97:7c:9e:61:11:d0:4d:9e:fe:c5:
15:5b:34:f0:fb:a3:68:46:ae:5b:99:08:14:31:02:
43:bf:d5:e6:62:8e:f2:39:0d:d0:ff:db:50:12:25:
b0:3d:c6:5d:f9:2f:50:76:17:fd:88:43:8e:fd:19:
73:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:1A:EA:FA:4E:F7:DB:14:41:50:11:1B:4F:90:37:9E:1D:CA:38:9F
X509v3 Authority Key Identifier:
keyid:5D:EF:E0:92:2F:4F:55:27:0D:CD:5C:08:F0:4F:1C:7B:F2:60:73:C3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/34352e3134362e3136322e302f32342d3234203d3e20323136303437.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.162.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:b5:a2:8a:c4:15:2b:97:d6:8b:77:02:58:a8:11:7d:be:97:
79:3d:3f:64:1f:72:5a:6e:60:a3:ec:62:26:32:62:94:6f:aa:
a4:5d:72:80:a9:15:b7:05:40:e3:2c:bc:d8:39:c6:d3:66:e0:
22:09:94:d3:9c:bc:fd:d5:89:af:a4:4b:26:00:b5:b5:fa:99:
39:0b:19:ad:49:cc:78:7d:68:cf:10:c5:f4:ed:cd:af:89:07:
31:84:d0:f9:8f:26:d7:58:52:19:c8:01:60:6b:3c:36:44:60:
c6:7d:9d:7c:33:06:fd:c1:45:62:b9:fb:79:54:27:01:01:8d:
99:17:fc:b1:a0:08:e7:d4:3b:a4:d0:a6:f8:c4:b8:b0:0d:9c:
e2:d1:8d:ca:2b:1c:4b:bb:a9:8a:16:03:17:a9:b3:eb:61:2d:
b9:97:65:84:a9:c0:1c:06:47:19:97:c1:9b:6f:17:cc:37:10:
0e:c0:ad:79:37:3e:c4:35:55:ac:19:fe:c0:d1:b8:0d:fd:33:
9e:56:8f:30:e0:56:35:28:68:d2:ef:b9:4d:80:9e:d0:9d:a4:
b3:04:e7:f0:1c:53:51:76:b1:bd:a1:02:97:e3:64:8c:7f:fa:
0a:4b:16:92:36:60:68:0d:e5:53:6e:18:f4:b8:6a:a4:f4:4f:
40:3d:45:d0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUI6iJsJg5Y7m33ZCrQGu12928BdYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWRlZmUwOTIyZjRmNTUyNzBkY2Q1YzA4ZjA0ZjFjN2Jm
MjYwNzNjMzAeFw0yNDEwMTYxMzM4MjVaFw0yNTEwMTUxMzQzMjVaMDMxMTAvBgNV
BAMTKDNFMUFFQUZBNEVGN0RCMTQ0MTUwMTExQjRGOTAzNzlFMURDQTM4OUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfSmONiPJxqZkgDPMrlVfumQAc
Q1nLRYm3RHOLKE8tIpr3om9mE0wUp92YfRciQep01z2Fj81JIzccdx2/hP44pyUK
ydPxLDJ6LK/Msk+HdNM0tg5pcUlVdRi3cyhEpviX7UiBbWA/0MFyJxiDoLAYnQl1
k8zYHTrKX6oNXg+axAbG45ikvXiibusujM/cJQyrLytVbYCaB2lhgTfqkaz88pbG
TXVG1EX0SUs7CYO0ft7uxXKn5IGbniiNdTFfQVlPYS6CUkl0l3yeYRHQTZ7+xRVb
NPD7o2hGrluZCBQxAkO/1eZijvI5DdD/21ASJbA9xl35L1B2F/2IQ479GXNdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUPhrq+k732xRBUBEbT5A3nh3KOJ8wHwYDVR0j
BBgwFoAUXe/gki9PVScNzVwI8E8ce/Jgc8MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmZlMmIyN2EtMWVjNS00YWI3LTk3OGUtNmRhOWNmOWYz
NzkwLzAvNURFRkUwOTIyRjRGNTUyNzBEQ0Q1QzA4RjA0RjFDN0JGMjYwNzNDMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hlX2draTlQVlNjTnpWd0k4RThjZV9K
Z2M4TS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmZlMmIyN2Et
MWVjNS00YWI3LTk3OGUtNmRhOWNmOWYzNzkwLzAvMzQzNTJlMzEzNDM2MmUzMTM2
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzYzMDM0Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtkqIwDQYJKoZIhvcNAQELBQADggEBAKK1oorEFSuX1ot3AlioEX2+l3k9P2Qf
clpuYKPsYiYyYpRvqqRdcoCpFbcFQOMsvNg5xtNm4CIJlNOcvP3Via+kSyYAtbX6
mTkLGa1JzHh9aM8QxfTtza+JBzGE0PmPJtdYUhnIAWBrPDZEYMZ9nXwzBv3BRWK5
+3lUJwEBjZkX/LGgCOfUO6TQpvjEuLANnOLRjcorHEu7qYoWAxeps+thLbmXZYSp
wBwGRxmXwZtvF8w3EA7ArXk3PsQ1VawZ/sDRuA39M55WjzDgVjUoaNLvuU2AntCd
pLME5/AcU1F2sb2hApfjZIx/+gpLFpI2YGgN5VNuGPS4aqT0T0A9RdA=
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:08 2024 by rpki-client on console-fra.rpki-client.org