Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/34352e3134362e3136332e302f32342d3234203d3e20323136313833.roa
File: 34352e3134362e3136332e302f32342d3234203d3e20323136313833.roa (raw, json)
Hash identifier: VqRU0PsdkYcQlfLEqZmAkEPw8yvo7sqFgCP45AzG5Gs=
Subject key identifier: C3:E1:E6:04:08:55:C7:0B:C6:16:82:3F:7F:FA:66:83:23:1A:8A:7D
Certificate issuer: /CN=5defe0922f4f55270dcd5c08f04f1c7bf26073c3
Certificate serial: 328CB7D863C0DA2D23F77FEEE3AB53726FC0841E
Authority key identifier: 5D:EF:E0:92:2F:4F:55:27:0D:CD:5C:08:F0:4F:1C:7B:F2:60:73:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/34352e3134362e3136332e302f32342d3234203d3e20323136313833.roa
Signing time: Mon 14 Oct 2024 08:43:25 +0000
ROA not before: Mon 14 Oct 2024 08:38:25 +0000
ROA not after: Mon 13 Oct 2025 08:43:25 +0000
asID: 216183
IP address blocks: 45.146.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.crl
rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:8c:b7:d8:63:c0:da:2d:23:f7:7f:ee:e3:ab:53:72:6f:c0:84:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5defe0922f4f55270dcd5c08f04f1c7bf26073c3
Validity
Not Before: Oct 14 08:38:25 2024 GMT
Not After : Oct 13 08:43:25 2025 GMT
Subject: CN=C3E1E6040855C70BC616823F7FFA6683231A8A7D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e4:02:76:a2:9b:c2:fc:45:da:09:93:14:25:
3a:0d:ec:ab:c7:0b:7f:67:f4:55:d5:2d:a5:a7:7b:
ad:2b:67:4a:33:21:e0:8c:68:a7:6e:65:6f:ae:9c:
97:2a:f7:e3:b2:02:3e:7e:f2:54:11:29:00:fd:be:
99:7a:07:69:15:99:3a:53:01:ae:b4:a9:51:71:07:
6f:40:f6:9e:fb:4e:b4:6b:b6:70:5c:f5:ef:fb:7c:
96:de:b5:d9:5c:ef:20:d7:5e:ad:17:7b:35:4e:ec:
ec:f6:d8:3c:39:8b:37:52:7a:97:95:aa:57:9c:03:
88:a6:da:ef:6e:ff:1e:e0:e5:2a:d6:71:d6:07:96:
3a:c8:f8:26:27:5e:86:1a:40:4b:e8:ac:a0:4d:cd:
26:2f:0b:83:9b:65:48:59:7c:55:aa:36:bc:ae:d5:
27:3d:ea:88:14:4b:4f:c3:fd:0f:99:68:5b:60:df:
60:69:f0:2b:b4:42:dd:4e:82:83:9f:15:42:08:c7:
bd:fa:bc:f7:a0:41:a2:b6:de:f4:c0:5a:f0:b9:4d:
cf:9a:df:99:69:2f:60:26:3c:79:bd:a1:2a:15:3c:
d4:ae:6b:19:53:5d:27:18:e0:d6:8b:ed:0d:e3:23:
c2:81:8e:ac:bd:c7:41:fd:5e:6e:18:3d:0e:0f:6e:
0b:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:E1:E6:04:08:55:C7:0B:C6:16:82:3F:7F:FA:66:83:23:1A:8A:7D
X509v3 Authority Key Identifier:
keyid:5D:EF:E0:92:2F:4F:55:27:0D:CD:5C:08:F0:4F:1C:7B:F2:60:73:C3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/34352e3134362e3136332e302f32342d3234203d3e20323136313833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.163.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:54:98:91:49:c7:1f:ca:9a:24:fa:49:fe:41:18:13:40:9d:
9f:6c:b5:c4:ca:d5:f1:20:88:e1:89:80:2a:b8:57:c1:5a:3b:
bf:b8:64:cc:18:31:a1:9d:91:28:1b:1a:28:58:96:f4:ad:64:
68:f1:07:c3:08:0e:ab:ab:4d:9d:24:f2:26:02:7f:b3:08:a2:
bc:19:bd:a5:b1:ef:57:13:35:a6:b0:f5:15:12:2c:86:40:d3:
ff:b1:d6:eb:ef:28:f4:87:07:5b:26:00:ea:bf:a0:5d:54:09:
0e:20:f8:60:79:6f:32:e1:e7:86:79:36:0e:1b:d1:4f:f9:22:
3b:ed:3a:97:2d:dc:9a:4d:e4:7d:14:1b:9f:db:76:31:0a:c3:
0f:d6:14:46:20:0e:c6:b5:ea:7e:91:71:5b:a6:44:ad:07:7d:
36:97:c1:4d:8e:68:74:e5:7d:a5:3f:c2:1f:7a:9c:a4:a5:b2:
27:7a:01:6a:65:96:f9:0c:68:63:97:6b:11:09:cd:56:bb:c6:
01:28:97:6a:d8:c5:ce:d2:70:0e:14:44:62:fd:09:83:08:0f:
91:82:15:c5:5c:1c:ef:2d:38:0d:11:55:78:e8:c1:4b:a9:1e:
87:d3:8f:f4:13:92:a4:39:8e:04:58:12:fa:38:b9:25:07:67:
21:9a:e4:0b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMoy32GPA2i0j93/u46tTcm/AhB4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWRlZmUwOTIyZjRmNTUyNzBkY2Q1YzA4ZjA0ZjFjN2Jm
MjYwNzNjMzAeFw0yNDEwMTQwODM4MjVaFw0yNTEwMTMwODQzMjVaMDMxMTAvBgNV
BAMTKEMzRTFFNjA0MDg1NUM3MEJDNjE2ODIzRjdGRkE2NjgzMjMxQThBN0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+5AJ2opvC/EXaCZMUJToN7KvH
C39n9FXVLaWne60rZ0ozIeCMaKduZW+unJcq9+OyAj5+8lQRKQD9vpl6B2kVmTpT
Aa60qVFxB29A9p77TrRrtnBc9e/7fJbetdlc7yDXXq0XezVO7Oz22Dw5izdSepeV
qlecA4im2u9u/x7g5SrWcdYHljrI+CYnXoYaQEvorKBNzSYvC4ObZUhZfFWqNryu
1Sc96ogUS0/D/Q+ZaFtg32Bp8Cu0Qt1OgoOfFUIIx736vPegQaK23vTAWvC5Tc+a
35lpL2AmPHm9oSoVPNSuaxlTXScY4NaL7Q3jI8KBjqy9x0H9Xm4YPQ4PbgsnAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUw+HmBAhVxwvGFoI/f/pmgyMain0wHwYDVR0j
BBgwFoAUXe/gki9PVScNzVwI8E8ce/Jgc8MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmZlMmIyN2EtMWVjNS00YWI3LTk3OGUtNmRhOWNmOWYz
NzkwLzAvNURFRkUwOTIyRjRGNTUyNzBEQ0Q1QzA4RjA0RjFDN0JGMjYwNzNDMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hlX2draTlQVlNjTnpWd0k4RThjZV9K
Z2M4TS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmZlMmIyN2Et
MWVjNS00YWI3LTk3OGUtNmRhOWNmOWYzNzkwLzAvMzQzNTJlMzEzNDM2MmUzMTM2
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzYzMTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtkqMwDQYJKoZIhvcNAQELBQADggEBAE5UmJFJxx/KmiT6Sf5BGBNAnZ9stcTK
1fEgiOGJgCq4V8FaO7+4ZMwYMaGdkSgbGihYlvStZGjxB8MIDqurTZ0k8iYCf7MI
orwZvaWx71cTNaaw9RUSLIZA0/+x1uvvKPSHB1smAOq/oF1UCQ4g+GB5bzLh54Z5
Ng4b0U/5IjvtOpct3JpN5H0UG5/bdjEKww/WFEYgDsa16n6RcVumRK0HfTaXwU2O
aHTlfaU/wh96nKSlsid6AWpllvkMaGOXaxEJzVa7xgEol2rYxc7ScA4URGL9CYMI
D5GCFcVcHO8tOA0RVXjowUupHofTj/QTkqQ5jgRYEvo4uSUHZyGa5As=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:15 2024 by rpki-client on console-ams.rpki-client.org