Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/34352e3135362e3131372e302f32342d3234203d3e203230343733.roa
File: 34352e3135362e3131372e302f32342d3234203d3e203230343733.roa (raw, json)
Hash identifier: 6uiO9BhPXW1btCyfrLWy6dvgNYYI8VhuUyOd4FVCfv0=
Subject key identifier: 71:92:FD:51:EA:03:F6:35:D4:8E:CF:65:17:DE:46:AC:ED:47:AA:09
Certificate issuer: /CN=06da19f4285eb04d0310733f4ac00107b73337ad
Certificate serial: 7864A0D4446FD68311945A061A2F1493F949962E
Authority key identifier: 06:DA:19:F4:28:5E:B0:4D:03:10:73:3F:4A:C0:01:07:B7:33:37:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BtoZ9ChesE0DEHM_SsABB7czN60.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/34352e3135362e3131372e302f32342d3234203d3e203230343733.roa
Signing time: Wed 09 Oct 2024 11:20:29 +0000
ROA not before: Wed 09 Oct 2024 11:15:29 +0000
ROA not after: Wed 08 Oct 2025 11:20:29 +0000
asID: 20473
IP address blocks: 45.156.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/06DA19F4285EB04D0310733F4AC00107B73337AD.crl
rsync://rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/06DA19F4285EB04D0310733F4AC00107B73337AD.mft
rsync://rpki.ripe.net/repository/DEFAULT/BtoZ9ChesE0DEHM_SsABB7czN60.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:64:a0:d4:44:6f:d6:83:11:94:5a:06:1a:2f:14:93:f9:49:96:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06da19f4285eb04d0310733f4ac00107b73337ad
Validity
Not Before: Oct 9 11:15:29 2024 GMT
Not After : Oct 8 11:20:29 2025 GMT
Subject: CN=7192FD51EA03F635D48ECF6517DE46ACED47AA09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:fa:8d:41:8e:3d:1c:83:00:a7:91:20:83:ba:
78:85:8b:55:5a:7c:33:a7:08:5d:02:5d:fa:9a:0e:
5d:e2:c9:00:1a:d6:be:58:5e:0a:78:45:aa:89:e8:
93:af:d3:00:9a:5d:9a:e0:2b:53:14:f4:4c:f7:b7:
8f:01:f7:ca:5c:f1:81:63:b8:7c:b0:6c:cd:9b:30:
46:fd:e2:09:cf:a1:a9:e5:57:bc:fd:ea:41:15:3a:
80:f6:f4:ae:8c:a8:ba:69:66:6c:6b:2d:6a:ca:03:
31:95:7f:67:7d:37:b3:b7:e7:5d:85:f3:26:e7:9f:
5b:01:21:04:f3:25:7b:0c:e8:fc:d2:6a:9d:4e:bc:
0a:7e:41:9a:fd:c2:07:61:5f:5d:46:b3:c7:3c:e2:
a4:66:3c:29:6b:3e:fb:c7:42:fd:18:42:67:18:67:
cf:cc:43:db:d4:3d:df:db:65:df:65:0c:9c:f6:13:
34:18:8f:e1:06:57:5e:db:3b:cc:3a:c1:4e:96:a7:
61:45:ad:9d:f8:34:8e:fa:7e:98:5a:ac:e1:95:31:
4d:5a:62:c0:97:82:d1:b3:93:e7:50:4a:ce:71:7a:
06:02:b3:ee:d9:26:b4:cb:b7:21:38:fc:67:af:96:
c4:d8:de:fb:f5:e6:68:b7:4e:4f:2b:aa:be:07:54:
b8:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:92:FD:51:EA:03:F6:35:D4:8E:CF:65:17:DE:46:AC:ED:47:AA:09
X509v3 Authority Key Identifier:
keyid:06:DA:19:F4:28:5E:B0:4D:03:10:73:3F:4A:C0:01:07:B7:33:37:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/06DA19F4285EB04D0310733F4AC00107B73337AD.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BtoZ9ChesE0DEHM_SsABB7czN60.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/34352e3135362e3131372e302f32342d3234203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.117.0/24
Signature Algorithm: sha256WithRSAEncryption
04:64:1f:df:ab:76:da:c2:4d:ff:62:2c:93:b9:dd:83:a9:f7:
ce:1d:02:30:02:32:dc:7e:25:81:fe:c3:cc:e2:cc:3a:be:3a:
85:63:3c:7d:6d:03:05:53:3e:dd:88:db:ef:29:33:18:6d:58:
d9:6a:31:4e:62:49:bb:13:e6:b8:56:1b:82:9a:4f:72:cf:20:
57:c5:ee:f2:23:59:c5:9a:f1:19:54:02:55:6a:85:07:7f:ac:
be:29:de:25:5b:3e:ef:3a:5b:e5:d4:0e:46:cd:87:d7:e5:3a:
6a:37:87:5a:b0:0d:62:59:d0:74:1a:a4:c6:ba:83:e7:20:29:
40:3d:3b:47:73:2f:f9:d7:6c:86:dc:9e:45:56:8d:ad:36:c6:
c3:35:fc:9a:e0:b1:c0:f7:fa:0a:9a:dd:27:6c:06:87:d3:d7:
c6:a1:00:81:7a:bb:4b:44:4a:33:fd:a6:d6:69:08:49:42:9f:
26:0c:7a:e2:d9:94:91:06:c1:29:2b:97:0b:f1:8d:32:6a:ca:
41:73:c5:8f:2a:77:66:71:5f:07:c0:3d:00:fd:df:97:c8:41:
10:11:2f:97:5a:ba:82:0a:83:2b:9c:98:24:aa:70:6f:62:f2:
b6:59:60:df:f4:d4:9e:ba:1e:f1:c5:52:8c:e8:e8:1f:a3:a2:
9c:19:d4:30
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUeGSg1ERv1oMRlFoGGi8Uk/lJli4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDZkYTE5ZjQyODVlYjA0ZDAzMTA3MzNmNGFjMDAxMDdi
NzMzMzdhZDAeFw0yNDEwMDkxMTE1MjlaFw0yNTEwMDgxMTIwMjlaMDMxMTAvBgNV
BAMTKDcxOTJGRDUxRUEwM0Y2MzVENDhFQ0Y2NTE3REU0NkFDRUQ0N0FBMDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk+o1Bjj0cgwCnkSCDuniFi1Va
fDOnCF0CXfqaDl3iyQAa1r5YXgp4RaqJ6JOv0wCaXZrgK1MU9Ez3t48B98pc8YFj
uHywbM2bMEb94gnPoanlV7z96kEVOoD29K6MqLppZmxrLWrKAzGVf2d9N7O3512F
8ybnn1sBIQTzJXsM6PzSap1OvAp+QZr9wgdhX11Gs8c84qRmPClrPvvHQv0YQmcY
Z8/MQ9vUPd/bZd9lDJz2EzQYj+EGV17bO8w6wU6Wp2FFrZ34NI76fpharOGVMU1a
YsCXgtGzk+dQSs5xegYCs+7ZJrTLtyE4/GevlsTY3vv15mi3Tk8rqr4HVLjPAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUcZL9UeoD9jXUjs9lF95GrO1HqgkwHwYDVR0j
BBgwFoAUBtoZ9ChesE0DEHM/SsABB7czN60wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzcwYmU2Y2QtMjVkMi00ZjhiLTg4YTQtYjUxMDlmNDk0
NjJkLzEvMDZEQTE5RjQyODVFQjA0RDAzMTA3MzNGNEFDMDAxMDdCNzMzMzdBRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0J0b1o5Q2hlc0UwREVITV9Tc0FCQjdj
ek42MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzcwYmU2Y2Qt
MjVkMi00ZjhiLTg4YTQtYjUxMDlmNDk0NjJkLzEvMzQzNTJlMzEzNTM2MmUzMTMx
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LZx1MA0GCSqGSIb3DQEBCwUAA4IBAQAEZB/fq3bawk3/YiyTud2DqffOHQIwAjLc
fiWB/sPM4sw6vjqFYzx9bQMFUz7diNvvKTMYbVjZajFOYkm7E+a4VhuCmk9yzyBX
xe7yI1nFmvEZVAJVaoUHf6y+Kd4lWz7vOlvl1A5GzYfX5TpqN4dasA1iWdB0GqTG
uoPnIClAPTtHcy/512yG3J5FVo2tNsbDNfya4LHA9/oKmt0nbAaH09fGoQCBertL
REoz/abWaQhJQp8mDHri2ZSRBsEpK5cL8Y0yaspBc8WPKndmcV8HwD0A/d+XyEEQ
ES+XWrqCCoMrnJgkqnBvYvK2WWDf9NSeuh7xxVKM6Ogfo6KcGdQw
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:55:50 2024 by rpki-client on console-fra.rpki-client.org