Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e36352e3131382e302f32342d3234203d3e20343030393039.roa
File: 34352e36352e3131382e302f32342d3234203d3e20343030393039.roa (raw, json)
Hash identifier: PXvzmbzKuoSvfK9anj/+MefBFABmwTEA5sZ/lOyjz58=
Subject key identifier: 1E:B8:03:A8:71:3F:DD:86:88:CB:3C:CD:6F:87:B3:81:CD:91:E7:60
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 22197CEE5B10ED145A625D2CE790C59EB5645D06
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e36352e3131382e302f32342d3234203d3e20343030393039.roa
Signing time: Thu 28 Nov 2024 13:43:28 +0000
ROA not before: Thu 28 Nov 2024 13:38:28 +0000
ROA not after: Thu 27 Nov 2025 13:43:28 +0000
asID: 400909
IP address blocks: 45.65.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 04:46:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:19:7c:ee:5b:10:ed:14:5a:62:5d:2c:e7:90:c5:9e:b5:64:5d:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Nov 28 13:38:28 2024 GMT
Not After : Nov 27 13:43:28 2025 GMT
Subject: CN=1EB803A8713FDD8688CB3CCD6F87B381CD91E760
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:1e:e3:57:8e:08:17:c8:14:39:f8:07:6f:e7:
f5:db:4e:5e:25:38:a1:b7:44:58:14:36:af:f8:3b:
0a:8b:8b:14:5d:cd:6f:5e:8e:23:de:a5:81:b1:c6:
4a:7f:0b:d7:97:8a:9d:2f:b3:b6:0d:47:fb:7e:47:
e4:93:9b:f5:7e:54:54:78:3d:94:1b:5c:0c:ae:01:
73:65:78:9f:54:a3:e3:4a:20:76:ed:e2:3b:69:16:
ec:c0:df:9d:e5:a0:fa:25:72:8f:8d:46:c2:3b:94:
de:52:b0:cf:36:26:8e:36:f9:4e:2c:ed:30:9b:08:
2a:45:b7:fe:14:0d:ac:14:3b:35:87:52:fa:0b:98:
75:8b:07:63:d8:7d:7d:2e:bd:68:85:40:7a:30:c5:
40:e1:f3:37:15:84:1b:5f:07:44:e8:df:d2:02:6a:
40:3b:e6:f7:eb:b4:7e:d6:a2:9b:86:dd:ae:d8:8a:
16:4e:39:9b:c2:9f:05:a5:22:42:d5:c1:dc:c3:ab:
11:1c:52:04:6e:c9:d0:5e:6f:85:86:0c:12:7a:b8:
a6:2a:5a:6a:08:08:08:20:0f:3e:49:1d:3e:ee:f8:
e4:4f:9d:be:58:c3:ea:c0:ad:9f:d1:11:91:bb:ba:
69:5a:fe:e2:d0:fc:91:0d:ea:33:6b:36:59:bb:dd:
50:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:B8:03:A8:71:3F:DD:86:88:CB:3C:CD:6F:87:B3:81:CD:91:E7:60
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e36352e3131382e302f32342d3234203d3e20343030393039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.118.0/24
Signature Algorithm: sha256WithRSAEncryption
28:b0:0c:16:44:31:7e:7f:14:1e:46:d7:d0:1a:e5:f1:1d:7d:
81:ff:66:be:b3:7e:98:bc:8e:77:65:55:cf:5c:40:4c:2e:63:
3f:07:d3:d2:c5:ca:eb:e5:9e:1a:59:6d:db:e0:65:27:a2:10:
70:5f:ef:43:8e:35:63:39:87:d0:e1:f9:71:8a:85:06:6d:a5:
fe:6b:7c:26:88:29:8b:b5:70:f7:20:b7:23:37:d9:ac:b2:4f:
ac:70:9b:5e:9c:51:83:10:7f:11:27:5d:df:8c:a1:15:6d:ff:
a6:ca:ab:0b:9f:c3:e6:b2:26:52:39:e4:f9:4b:36:0e:38:fa:
60:2a:73:54:d1:f3:63:23:9e:af:e3:95:53:87:9e:89:3a:f9:
a0:37:45:0f:ff:9a:84:c8:7c:18:bb:79:c2:86:95:a2:d7:7f:
13:1e:78:6f:a3:dd:0f:db:d1:92:88:43:2f:b6:41:2a:08:1f:
b6:9a:2c:81:b5:2d:2e:ff:d4:65:28:1e:73:60:77:92:c1:5f:
76:a3:51:e8:97:dd:4f:b0:47:45:db:fe:f2:b8:96:23:35:b9:
67:a2:02:b4:c8:43:6e:66:11:11:ee:c5:36:a1:c9:b1:41:47:
7e:54:74:f8:6f:dc:69:99:8c:25:e8:ed:f4:ff:27:f4:36:24:
a9:ec:3a:42
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUIhl87lsQ7RRaYl0s55DFnrVkXQYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNDExMjgxMzM4MjhaFw0yNTExMjcxMzQzMjhaMDMxMTAvBgNV
BAMTKDFFQjgwM0E4NzEzRkREODY4OENCM0NDRDZGODdCMzgxQ0Q5MUU3NjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkHuNXjggXyBQ5+Adv5/XbTl4l
OKG3RFgUNq/4OwqLixRdzW9ejiPepYGxxkp/C9eXip0vs7YNR/t+R+STm/V+VFR4
PZQbXAyuAXNleJ9Uo+NKIHbt4jtpFuzA353loPolco+NRsI7lN5SsM82Jo42+U4s
7TCbCCpFt/4UDawUOzWHUvoLmHWLB2PYfX0uvWiFQHowxUDh8zcVhBtfB0To39IC
akA75vfrtH7WopuG3a7YihZOOZvCnwWlIkLVwdzDqxEcUgRuydBeb4WGDBJ6uKYq
WmoICAggDz5JHT7u+ORPnb5Yw+rArZ/REZG7umla/uLQ/JEN6jNrNlm73VCDAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUHrgDqHE/3YaIyzzNb4ezgc2R52AwHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzQzNTJlMzYzNTJlMzEzMTM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMDMwMzkzMDM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LUF2MA0GCSqGSIb3DQEBCwUAA4IBAQAosAwWRDF+fxQeRtfQGuXxHX2B/2a+s36Y
vI53ZVXPXEBMLmM/B9PSxcrr5Z4aWW3b4GUnohBwX+9DjjVjOYfQ4flxioUGbaX+
a3wmiCmLtXD3ILcjN9mssk+scJtenFGDEH8RJ13fjKEVbf+myqsLn8PmsiZSOeT5
SzYOOPpgKnNU0fNjI56v45VTh56JOvmgN0UP/5qEyHwYu3nChpWi138THnhvo90P
29GSiEMvtkEqCB+2miyBtS0u/9RlKB5zYHeSwV92o1Hol91PsEdF2/7yuJYjNbln
ogK0yENuZhER7sU2ocmxQUd+VHT4b9xpmYwl6O30/yf0NiSp7DpC
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:53:01 2025 by rpki-client