Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e36352e3131362e302f32332d3233203d3e20343030393039.roa
File: 34352e36352e3131362e302f32332d3233203d3e20343030393039.roa (raw, json)
Hash identifier: UiQwO5clGVYltf6yGyP2kZBvKDqdKie04d8iuc9dlqE=
Subject key identifier: AC:54:9F:BC:70:C7:EE:9E:7F:63:EC:81:C5:F9:07:57:0A:1D:C8:92
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 1C5A2FEFF6A2EA761542C5986DCFA35FBFB49704
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e36352e3131362e302f32332d3233203d3e20343030393039.roa
Signing time: Mon 02 Dec 2024 16:43:28 +0000
ROA not before: Mon 02 Dec 2024 16:38:28 +0000
ROA not after: Mon 01 Dec 2025 16:43:28 +0000
asID: 400909
IP address blocks: 45.65.116.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:5a:2f:ef:f6:a2:ea:76:15:42:c5:98:6d:cf:a3:5f:bf:b4:97:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Dec 2 16:38:28 2024 GMT
Not After : Dec 1 16:43:28 2025 GMT
Subject: CN=AC549FBC70C7EE9E7F63EC81C5F907570A1DC892
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:33:7e:5d:5b:55:14:64:c0:25:3c:0a:b4:d6:
a2:67:7b:e1:ea:ee:36:97:2c:e1:0b:c9:39:37:55:
76:3e:6b:66:e6:07:d3:34:52:04:8b:94:6d:97:b5:
da:3c:22:85:56:a6:78:fc:2b:16:f4:54:4f:14:3b:
bf:db:21:88:e8:fb:d0:f0:56:61:12:82:19:16:5e:
21:9c:28:4a:05:97:80:92:38:2a:21:31:2b:01:be:
e5:03:b8:7c:e1:c2:e0:df:4a:43:8e:9a:20:80:bc:
53:ed:61:3c:bf:5c:2f:55:bf:e6:d2:11:e5:03:73:
9c:37:16:d1:7f:a9:03:a3:bc:ae:1b:f5:5a:0e:d8:
6f:b7:cd:ee:3c:7f:1e:80:21:dc:78:16:b5:6f:74:
49:60:a8:1c:00:63:ae:ec:42:c8:e3:6e:61:40:e8:
b2:7a:0c:06:94:66:32:84:0e:dd:8a:b2:88:45:80:
6b:1f:4f:f0:92:01:2b:d7:35:9a:de:4d:37:96:a8:
b6:f0:42:af:59:31:8f:91:cf:09:4c:77:e3:d8:3c:
94:a9:05:13:20:e5:a9:e6:2f:23:12:f6:e1:07:8c:
60:da:a1:51:ad:ea:a9:33:bb:41:94:f3:85:d3:92:
37:e2:3e:e4:20:03:c4:b5:13:fe:1b:ed:e3:4b:1e:
a7:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:54:9F:BC:70:C7:EE:9E:7F:63:EC:81:C5:F9:07:57:0A:1D:C8:92
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e36352e3131362e302f32332d3233203d3e20343030393039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.116.0/23
Signature Algorithm: sha256WithRSAEncryption
df:ee:19:19:26:39:a2:6e:38:6d:33:54:44:8f:a0:66:c0:8a:
cb:cb:8b:c0:92:f1:82:ca:8c:1c:e2:3c:d8:d6:a5:b5:ed:85:
33:f8:8e:91:80:58:9c:e2:ec:4c:21:50:61:99:56:ae:c2:a2:
03:1f:bd:02:4c:8b:5b:1a:51:95:b5:32:88:67:5e:ee:a3:cc:
bb:7f:8f:84:b2:97:50:9b:2a:64:32:a2:b2:80:f6:82:35:31:
c9:77:68:f8:ca:6b:e4:b0:c7:fe:9a:5b:c9:eb:f8:3e:8f:df:
14:7f:17:7c:d7:3d:4f:a1:81:6b:53:8f:de:d3:7e:b4:b4:96:
06:d6:e7:36:c9:be:77:68:8d:af:76:0d:08:3f:76:d2:07:ab:
e1:07:07:c2:d4:a6:25:e1:04:ac:d9:b3:7d:70:4e:31:b6:67:
da:63:9b:8e:a2:10:66:bd:27:19:0a:c9:95:5a:3a:fd:3a:58:
21:fe:4a:7e:a9:8c:b4:e2:0e:75:ff:1e:38:fd:c7:c0:2a:bc:
0b:93:b6:bb:55:6b:2d:65:b1:71:9f:da:94:a0:fc:bd:06:e6:
13:fa:35:06:c6:45:33:49:11:6e:4d:d2:9a:44:00:18:2f:e9:
ae:36:7b:b0:55:aa:8e:66:2b:4e:7d:d2:02:50:2c:01:67:cd:
96:14:46:d5
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUHFov7/ai6nYVQsWYbc+jX7+0lwQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNDEyMDIxNjM4MjhaFw0yNTEyMDExNjQzMjhaMDMxMTAvBgNV
BAMTKEFDNTQ5RkJDNzBDN0VFOUU3RjYzRUM4MUM1RjkwNzU3MEExREM4OTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrM35dW1UUZMAlPAq01qJne+Hq
7jaXLOELyTk3VXY+a2bmB9M0UgSLlG2Xtdo8IoVWpnj8Kxb0VE8UO7/bIYjo+9Dw
VmESghkWXiGcKEoFl4CSOCohMSsBvuUDuHzhwuDfSkOOmiCAvFPtYTy/XC9Vv+bS
EeUDc5w3FtF/qQOjvK4b9VoO2G+3ze48fx6AIdx4FrVvdElgqBwAY67sQsjjbmFA
6LJ6DAaUZjKEDt2KsohFgGsfT/CSASvXNZreTTeWqLbwQq9ZMY+RzwlMd+PYPJSp
BRMg5anmLyMS9uEHjGDaoVGt6qkzu0GU84XTkjfiPuQgA8S1E/4b7eNLHqcZAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUrFSfvHDH7p5/Y+yBxfkHVwodyJIwHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzQzNTJlMzYzNTJlMzEzMTM2
MmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzQzMDMwMzkzMDM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
LUF0MA0GCSqGSIb3DQEBCwUAA4IBAQDf7hkZJjmibjhtM1REj6BmwIrLy4vAkvGC
yowc4jzY1qW17YUz+I6RgFic4uxMIVBhmVauwqIDH70CTItbGlGVtTKIZ17uo8y7
f4+EspdQmypkMqKygPaCNTHJd2j4ymvksMf+mlvJ6/g+j98Ufxd81z1PoYFrU4/e
0360tJYG1uc2yb53aI2vdg0IP3bSB6vhBwfC1KYl4QSs2bN9cE4xtmfaY5uOohBm
vScZCsmVWjr9Olgh/kp+qYy04g51/x44/cfAKrwLk7a7VWstZbFxn9qUoPy9BuYT
+jUGxkUzSRFuTdKaRAAYL+muNnuwVaqOZitOfdICUCwBZ82WFEbV
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:32:13 2025 by rpki-client