Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e3135352e3135362e302f32342d3234203d3e20343030303331.roa
File: 34352e3135352e3135362e302f32342d3234203d3e20343030303331.roa (raw, json)
Hash identifier: yjPrnDuhRFFpzTOlSgoDZqDRp7FUgKCPM9ZYg1y86B0=
Subject key identifier: 08:5C:0C:73:F5:A5:06:F1:2A:F8:45:18:72:B1:A0:3F:97:B2:04:95
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 4ACEF08C7B503ED7547F48F2BAAA4AD1174FB3DA
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e3135352e3135362e302f32342d3234203d3e20343030303331.roa
Signing time: Wed 20 Nov 2024 07:43:28 +0000
ROA not before: Wed 20 Nov 2024 07:38:28 +0000
ROA not after: Wed 19 Nov 2025 07:43:28 +0000
asID: 400031
IP address blocks: 45.155.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:ce:f0:8c:7b:50:3e:d7:54:7f:48:f2:ba:aa:4a:d1:17:4f:b3:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Nov 20 07:38:28 2024 GMT
Not After : Nov 19 07:43:28 2025 GMT
Subject: CN=085C0C73F5A506F12AF8451872B1A03F97B20495
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:94:b9:b5:f5:27:09:98:39:75:e8:7a:d8:0f:
0c:0f:55:3e:0d:23:71:a0:1f:b6:7e:99:45:eb:b5:
83:4b:5f:0b:ff:2b:60:7c:44:25:e7:df:39:ea:ea:
85:53:72:32:f9:9f:2f:7c:9b:f3:e3:10:a0:c3:44:
1b:f0:52:a6:d8:43:91:66:0b:29:65:d9:77:c0:7b:
ad:5c:99:f0:8f:e1:84:12:45:bb:ce:94:6b:28:26:
f7:f9:9c:fd:3c:b7:7e:60:2e:1e:44:d8:be:b2:5a:
6c:f0:42:5f:48:9f:d9:9f:32:7b:c2:43:71:05:09:
52:82:66:d2:b1:3f:a5:0f:fe:05:d1:8a:fa:02:2a:
5e:36:20:a7:c4:2d:31:99:71:1f:14:65:19:49:f9:
ca:f4:8d:c8:d7:17:5b:9b:75:cf:a1:65:7d:92:14:
48:1e:ff:78:63:2b:de:72:fc:12:a1:eb:cc:3e:52:
45:28:73:d9:a7:20:c5:ff:ac:a3:fe:b6:6e:66:f3:
4b:7a:38:b5:e8:01:95:cf:e9:e3:37:75:fd:40:1a:
de:93:6c:21:6a:e1:ad:9e:19:fa:0b:dc:75:4a:fe:
9d:78:4a:e9:27:30:b3:ee:90:29:af:e3:69:60:28:
6e:e7:8a:74:8d:2e:fc:46:4b:5c:6d:2a:98:0b:8b:
4c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:5C:0C:73:F5:A5:06:F1:2A:F8:45:18:72:B1:A0:3F:97:B2:04:95
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e3135352e3135362e302f32342d3234203d3e20343030303331.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.156.0/24
Signature Algorithm: sha256WithRSAEncryption
96:7c:48:b3:2f:8c:84:b1:4c:ab:b6:d8:35:2d:fd:18:53:d6:
01:7f:09:a7:62:70:5f:8c:8e:c3:58:e0:ed:09:41:34:4d:fa:
db:82:b2:6f:fe:e3:ca:54:96:10:36:0d:e1:da:cb:1f:01:44:
38:4a:3c:9c:ac:5f:7e:1e:5b:63:1e:71:ff:c3:56:2e:75:1e:
e1:be:61:cd:3f:67:98:3e:bc:52:a2:f0:89:88:d6:26:bb:7e:
43:9d:0c:9b:b9:55:e9:36:54:08:e1:0f:39:bf:7e:e9:b9:1b:
6a:8b:43:c4:33:07:81:a6:98:c4:04:cc:99:20:57:9f:b6:fa:
b1:f6:c1:42:e3:1a:0f:11:46:76:75:9d:b5:ac:89:11:13:1e:
f2:a1:40:13:89:f3:3e:b1:b5:1b:9a:8c:41:49:63:65:3a:92:
11:83:32:06:f9:3d:e4:6e:fa:0d:f3:6d:7a:71:0c:f0:62:24:
f3:4f:1f:5a:f6:39:a6:06:07:62:60:59:56:98:cc:f7:a7:29:
f9:57:00:ce:91:97:b0:cc:89:b7:13:af:08:ff:0f:24:dc:9f:
dc:69:94:45:8a:cb:63:10:da:e5:ce:b8:45:a1:98:24:8c:cf:
aa:8a:e3:20:f9:25:42:f2:a8:6a:5d:2f:ce:c6:23:e4:8f:48:
b6:91:a0:dc
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUSs7wjHtQPtdUf0jyuqpK0RdPs9owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNDExMjAwNzM4MjhaFw0yNTExMTkwNzQzMjhaMDMxMTAvBgNV
BAMTKDA4NUMwQzczRjVBNTA2RjEyQUY4NDUxODcyQjFBMDNGOTdCMjA0OTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6lLm19ScJmDl16HrYDwwPVT4N
I3GgH7Z+mUXrtYNLXwv/K2B8RCXn3znq6oVTcjL5ny98m/PjEKDDRBvwUqbYQ5Fm
Cyll2XfAe61cmfCP4YQSRbvOlGsoJvf5nP08t35gLh5E2L6yWmzwQl9In9mfMnvC
Q3EFCVKCZtKxP6UP/gXRivoCKl42IKfELTGZcR8UZRlJ+cr0jcjXF1ubdc+hZX2S
FEge/3hjK95y/BKh68w+UkUoc9mnIMX/rKP+tm5m80t6OLXoAZXP6eM3df1AGt6T
bCFq4a2eGfoL3HVK/p14SuknMLPukCmv42lgKG7ninSNLvxGS1xtKpgLi0y3AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUCFwMc/WlBvEq+EUYcrGgP5eyBJUwHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzQzNTJlMzEzNTM1MmUzMTM1
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMwMzAzMDMzMzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtm5wwDQYJKoZIhvcNAQELBQADggEBAJZ8SLMvjISxTKu22DUt/RhT1gF/Cadi
cF+MjsNY4O0JQTRN+tuCsm/+48pUlhA2DeHayx8BRDhKPJysX34eW2Mecf/DVi51
HuG+Yc0/Z5g+vFKi8ImI1ia7fkOdDJu5Vek2VAjhDzm/fum5G2qLQ8QzB4GmmMQE
zJkgV5+2+rH2wULjGg8RRnZ1nbWsiRETHvKhQBOJ8z6xtRuajEFJY2U6khGDMgb5
PeRu+g3zbXpxDPBiJPNPH1r2OaYGB2JgWVaYzPenKflXAM6Rl7DMibcTrwj/DyTc
n9xplEWKy2MQ2uXOuEWhmCSMz6qK4yD5JULyqGpdL87GI+SPSLaRoNw=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org