Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e3135352e3135392e302f32342d3234203d3e203438363738.roa
File: 34352e3135352e3135392e302f32342d3234203d3e203438363738.roa (raw, json)
Hash identifier: i7Hy6khbQiJOt+teUyedIr+g5psWuyCVHnwmiVI5xJU=
Subject key identifier: 97:D7:DD:95:1F:76:F0:4B:CA:AC:5F:D5:DE:57:90:E9:06:E2:EB:9B
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 4B03D8C60424814558E22661FE65AAD43BF90124
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e3135352e3135392e302f32342d3234203d3e203438363738.roa
Signing time: Fri 05 Jan 2024 14:05:08 +0000
ROA not before: Fri 05 Jan 2024 14:00:08 +0000
ROA not after: Fri 03 Jan 2025 14:05:08 +0000
asID: 48678
IP address blocks: 45.155.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:03:d8:c6:04:24:81:45:58:e2:26:61:fe:65:aa:d4:3b:f9:01:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Jan 5 14:00:08 2024 GMT
Not After : Jan 3 14:05:08 2025 GMT
Subject: CN=97D7DD951F76F04BCAAC5FD5DE5790E906E2EB9B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:47:e4:d7:0e:69:ba:d5:f9:8e:0a:f3:90:6a:
eb:cc:0b:53:69:2d:94:7b:b2:c7:19:02:5f:7a:e1:
b2:46:80:8b:8f:de:81:24:31:b3:e2:18:f1:62:2c:
66:2f:20:0f:cf:cb:82:97:cb:10:e2:ac:ca:41:9c:
2e:7d:cc:29:99:f8:c8:bb:5a:0f:91:e4:48:82:d4:
8c:f7:c1:3b:55:c4:32:69:2c:c5:59:8a:03:48:bb:
38:46:35:be:4d:c6:50:69:df:60:30:76:08:5e:b1:
b0:55:14:b3:33:fd:11:bb:4f:77:d6:a7:07:df:dd:
b5:0c:20:4d:a9:b8:be:b3:27:a4:ea:28:a4:d0:34:
35:80:58:d6:a2:c4:d1:44:5c:65:3b:98:71:0a:fb:
1b:22:93:89:0b:11:5f:e8:7a:8d:b6:af:86:fc:7f:
6c:fb:af:2e:b5:b6:6f:23:7e:d9:d9:0a:3c:b9:f4:
b4:69:49:1c:13:23:91:d5:a2:f1:b3:5a:85:59:e8:
f9:d2:74:7d:fc:38:d1:d1:55:f3:6d:47:22:69:97:
68:d5:68:9b:a5:b5:05:fc:d0:7d:64:10:aa:69:9a:
85:fb:e7:58:6d:56:d6:e6:af:1b:f1:a4:75:f6:ae:
fa:c9:ea:b3:15:62:5b:aa:0b:e2:13:ac:7f:90:63:
22:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:D7:DD:95:1F:76:F0:4B:CA:AC:5F:D5:DE:57:90:E9:06:E2:EB:9B
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e3135352e3135392e302f32342d3234203d3e203438363738.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.159.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:f5:01:91:cf:67:14:76:47:2a:45:37:ff:b4:e1:d3:50:07:
9f:42:a6:0e:67:38:60:0a:66:bd:a1:ca:40:30:30:37:0a:a1:
5f:dc:28:f9:57:52:fa:4b:51:f9:cb:65:91:d1:f8:e1:02:17:
12:d3:2e:8d:1d:ac:bc:28:09:35:27:4b:8f:dc:22:7d:64:6d:
ba:6c:52:b3:33:71:f4:b2:fc:d1:d0:d2:26:95:29:89:ec:85:
3b:e6:67:b8:35:f2:a7:46:aa:dd:c1:b0:df:15:3c:aa:fc:8d:
fd:42:80:2b:d9:9c:31:e3:24:03:e9:a3:7d:aa:bc:ef:6e:69:
52:23:94:99:2c:51:58:ea:da:47:7e:e9:0b:b5:62:22:1e:cf:
f5:c2:1b:97:99:6f:e2:ca:f5:87:97:c5:90:a4:ab:d0:75:70:
08:55:36:29:f0:95:c1:be:77:30:a7:ea:3c:9a:69:59:6a:8d:
e2:81:7a:0c:31:02:13:72:cf:fa:7c:7b:dc:33:30:9e:38:48:
3b:3a:1f:22:f6:8d:76:bd:81:c0:27:78:72:83:7c:42:9b:e2:
41:0c:a8:63:43:a1:f8:d1:e3:af:5c:f1:66:bf:42:e2:c9:de:
83:29:9f:ba:15:83:d7:02:5a:41:d1:04:dc:34:cc:4e:a2:f2:
b9:1f:6b:91
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUSwPYxgQkgUVY4iZh/mWq1Dv5ASQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNDAxMDUxNDAwMDhaFw0yNTAxMDMxNDA1MDhaMDMxMTAvBgNV
BAMTKDk3RDdERDk1MUY3NkYwNEJDQUFDNUZENURFNTc5MEU5MDZFMkVCOUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSR+TXDmm61fmOCvOQauvMC1Np
LZR7sscZAl964bJGgIuP3oEkMbPiGPFiLGYvIA/Py4KXyxDirMpBnC59zCmZ+Mi7
Wg+R5EiC1Iz3wTtVxDJpLMVZigNIuzhGNb5NxlBp32AwdghesbBVFLMz/RG7T3fW
pwff3bUMIE2puL6zJ6TqKKTQNDWAWNaixNFEXGU7mHEK+xsik4kLEV/oeo22r4b8
f2z7ry61tm8jftnZCjy59LRpSRwTI5HVovGzWoVZ6PnSdH38ONHRVfNtRyJpl2jV
aJultQX80H1kEKppmoX751htVtbmrxvxpHX2rvrJ6rMVYluqC+ITrH+QYyJ7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUl9fdlR928EvKrF/V3leQ6Qbi65swHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzQzNTJlMzEzNTM1MmUzMTM1
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM4MzYzNzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LZufMA0GCSqGSIb3DQEBCwUAA4IBAQC19QGRz2cUdkcqRTf/tOHTUAefQqYOZzhg
Cma9ocpAMDA3CqFf3Cj5V1L6S1H5y2WR0fjhAhcS0y6NHay8KAk1J0uP3CJ9ZG26
bFKzM3H0svzR0NImlSmJ7IU75me4NfKnRqrdwbDfFTyq/I39QoAr2Zwx4yQD6aN9
qrzvbmlSI5SZLFFY6tpHfukLtWIiHs/1whuXmW/iyvWHl8WQpKvQdXAIVTYp8JXB
vncwp+o8mmlZao3igXoMMQITcs/6fHvcMzCeOEg7Oh8i9o12vYHAJ3hyg3xCm+JB
DKhjQ6H40eOvXPFmv0Liyd6DKZ+6FYPXAlpB0QTcNMxOovK5H2uR
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org