Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/34352e3135362e3131362e302f32342d3234203d3e203539343332.roa
File: 34352e3135362e3131362e302f32342d3234203d3e203539343332.roa (raw, json)
Hash identifier: flG5Gi4HAtlY0tuyfV000d8OV0ZMBunvQsMJ5ma+UM4=
Subject key identifier: 99:3A:D4:C0:A1:21:D6:F4:9E:14:23:50:32:40:C0:0F:B9:BD:D9:E0
Certificate issuer: /CN=06da19f4285eb04d0310733f4ac00107b73337ad
Certificate serial: 61FC74E3E3A82864C8ECD1052806DF51BE43659D
Authority key identifier: 06:DA:19:F4:28:5E:B0:4D:03:10:73:3F:4A:C0:01:07:B7:33:37:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BtoZ9ChesE0DEHM_SsABB7czN60.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/34352e3135362e3131362e302f32342d3234203d3e203539343332.roa
Signing time: Mon 05 Feb 2024 07:05:12 +0000
ROA not before: Mon 05 Feb 2024 07:00:12 +0000
ROA not after: Mon 03 Feb 2025 07:05:12 +0000
asID: 59432
IP address blocks: 45.156.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/06DA19F4285EB04D0310733F4AC00107B73337AD.crl
rsync://rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/06DA19F4285EB04D0310733F4AC00107B73337AD.mft
rsync://rpki.ripe.net/repository/DEFAULT/BtoZ9ChesE0DEHM_SsABB7czN60.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:fc:74:e3:e3:a8:28:64:c8:ec:d1:05:28:06:df:51:be:43:65:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06da19f4285eb04d0310733f4ac00107b73337ad
Validity
Not Before: Feb 5 07:00:12 2024 GMT
Not After : Feb 3 07:05:12 2025 GMT
Subject: CN=993AD4C0A121D6F49E1423503240C00FB9BDD9E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:6b:ff:51:13:47:29:64:95:c1:b4:78:8c:30:
e3:93:90:1c:ad:9f:f4:f1:01:90:d6:02:fc:73:3e:
f4:40:c4:45:db:6f:9d:8c:78:8b:07:d4:b1:49:e7:
c1:59:29:52:c3:55:cd:51:1e:5b:82:73:6e:82:40:
54:39:8f:88:f1:83:60:ee:b9:12:91:18:97:27:40:
be:3b:47:70:da:5e:df:63:9d:51:38:9c:98:f6:0c:
a8:b2:9c:fd:3b:5a:92:c9:c3:9e:13:97:40:fc:1a:
8d:21:4c:19:c9:83:3c:26:63:9e:4b:f2:de:4d:82:
30:ab:22:c5:21:9a:f1:76:42:30:70:33:9b:f1:48:
b7:99:35:e1:d8:89:2f:83:7c:36:0e:24:e9:c0:db:
c2:1c:4d:df:59:84:9f:ff:17:de:3d:16:75:96:4d:
aa:1f:18:33:b0:39:f9:a6:cb:07:cc:af:6d:74:1e:
06:db:1b:bd:da:25:c0:50:09:0d:96:6a:20:17:da:
8b:bc:85:55:05:74:58:a8:f4:54:e8:0e:52:5b:4c:
a1:df:d8:37:00:47:2d:35:31:f7:4b:df:1d:b1:df:
1d:3f:29:d2:3e:5e:46:37:7e:da:93:a2:c0:b3:75:
8e:d9:47:3a:f4:d3:eb:9a:a6:4b:ee:d3:a7:ae:02:
a3:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:3A:D4:C0:A1:21:D6:F4:9E:14:23:50:32:40:C0:0F:B9:BD:D9:E0
X509v3 Authority Key Identifier:
keyid:06:DA:19:F4:28:5E:B0:4D:03:10:73:3F:4A:C0:01:07:B7:33:37:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/06DA19F4285EB04D0310733F4AC00107B73337AD.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BtoZ9ChesE0DEHM_SsABB7czN60.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/34352e3135362e3131362e302f32342d3234203d3e203539343332.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.116.0/24
Signature Algorithm: sha256WithRSAEncryption
11:34:9e:1d:f3:30:74:ae:ae:bc:22:1f:59:56:40:8b:60:bd:
a7:e7:f8:5b:fd:b3:c5:df:ee:4a:03:f1:b4:28:1b:01:37:60:
f6:d0:45:4c:73:e5:b3:82:52:c2:3f:65:f8:39:89:18:83:9e:
8a:37:75:d0:a0:75:49:ab:0a:3d:ee:83:22:54:5f:19:a7:53:
94:0a:96:b9:28:29:57:2a:e3:4b:6c:27:0b:1f:c5:20:41:24:
b4:1c:9e:5e:15:8a:3c:ba:80:c1:6e:19:f2:d7:71:5e:d0:08:
e7:1a:77:82:b8:cc:84:a8:78:d5:5a:dd:78:c4:a3:1a:cd:c0:
67:cf:b4:1b:6d:52:76:88:19:a7:20:a5:c2:fb:2f:59:fb:e3:
51:5d:82:27:0c:5b:43:69:de:22:4f:34:04:2d:27:4b:cd:34:
5e:9d:e7:3e:15:8e:71:88:84:0e:36:6d:45:10:97:51:5b:08:
7a:35:b4:ba:21:6f:5c:1c:19:3d:5f:df:c9:9e:d9:b3:a9:97:
18:8f:bb:ee:8e:eb:06:f3:b5:42:ce:74:d6:6b:42:ab:39:7f:
bb:c2:28:d2:21:86:9c:21:94:8d:b3:e4:c0:75:4b:9d:a8:2e:
23:c4:6b:30:84:f3:8d:03:ac:53:d7:0d:d6:92:98:6d:df:23:
9c:e3:22:36
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUYfx04+OoKGTI7NEFKAbfUb5DZZ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDZkYTE5ZjQyODVlYjA0ZDAzMTA3MzNmNGFjMDAxMDdi
NzMzMzdhZDAeFw0yNDAyMDUwNzAwMTJaFw0yNTAyMDMwNzA1MTJaMDMxMTAvBgNV
BAMTKDk5M0FENEMwQTEyMUQ2RjQ5RTE0MjM1MDMyNDBDMDBGQjlCREQ5RTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDca/9RE0cpZJXBtHiMMOOTkByt
n/TxAZDWAvxzPvRAxEXbb52MeIsH1LFJ58FZKVLDVc1RHluCc26CQFQ5j4jxg2Du
uRKRGJcnQL47R3DaXt9jnVE4nJj2DKiynP07WpLJw54Tl0D8Go0hTBnJgzwmY55L
8t5NgjCrIsUhmvF2QjBwM5vxSLeZNeHYiS+DfDYOJOnA28IcTd9ZhJ//F949FnWW
TaofGDOwOfmmywfMr210HgbbG73aJcBQCQ2WaiAX2ou8hVUFdFio9FToDlJbTKHf
2DcARy01MfdL3x2x3x0/KdI+XkY3ftqTosCzdY7ZRzr00+uapkvu06euAqNbAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUmTrUwKEh1vSeFCNQMkDAD7m92eAwHwYDVR0j
BBgwFoAUBtoZ9ChesE0DEHM/SsABB7czN60wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzcwYmU2Y2QtMjVkMi00ZjhiLTg4YTQtYjUxMDlmNDk0
NjJkLzEvMDZEQTE5RjQyODVFQjA0RDAzMTA3MzNGNEFDMDAxMDdCNzMzMzdBRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0J0b1o5Q2hlc0UwREVITV9Tc0FCQjdj
ek42MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzcwYmU2Y2Qt
MjVkMi00ZjhiLTg4YTQtYjUxMDlmNDk0NjJkLzEvMzQzNTJlMzEzNTM2MmUzMTMx
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTM5MzQzMzMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LZx0MA0GCSqGSIb3DQEBCwUAA4IBAQARNJ4d8zB0rq68Ih9ZVkCLYL2n5/hb/bPF
3+5KA/G0KBsBN2D20EVMc+WzglLCP2X4OYkYg56KN3XQoHVJqwo97oMiVF8Zp1OU
Cpa5KClXKuNLbCcLH8UgQSS0HJ5eFYo8uoDBbhny13Fe0AjnGneCuMyEqHjVWt14
xKMazcBnz7QbbVJ2iBmnIKXC+y9Z++NRXYInDFtDad4iTzQELSdLzTRenec+FY5x
iIQONm1FEJdRWwh6NbS6IW9cHBk9X9/JntmzqZcYj7vujusG87VCznTWa0KrOX+7
wijSIYacIZSNs+TAdUudqC4jxGswhPONA6xT1w3Wkpht3yOc4yI2
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:14:19 2024 by rpki-client on console-ams.rpki-client.org