Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e38382e31312e302f32342d3234203d3e20323131343135.roa
File: 34352e38382e31312e302f32342d3234203d3e20323131343135.roa (raw, json)
Hash identifier: DOvYOnnvq4yzgs0NBwdA4OK+SeKQZ9kwwZaFdk3W6zI=
Subject key identifier: 11:D7:05:67:84:4C:0E:B0:99:0A:4C:91:28:EE:1E:05:B2:9B:8D:05
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 1C21532D4008F44C5D6182598FA6C55CF1BDCCE3
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e38382e31312e302f32342d3234203d3e20323131343135.roa
Signing time: Mon 23 Sep 2024 09:43:19 +0000
ROA not before: Mon 23 Sep 2024 09:38:19 +0000
ROA not after: Mon 22 Sep 2025 09:43:19 +0000
asID: 211415
IP address blocks: 45.88.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:21:53:2d:40:08:f4:4c:5d:61:82:59:8f:a6:c5:5c:f1:bd:cc:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Sep 23 09:38:19 2024 GMT
Not After : Sep 22 09:43:19 2025 GMT
Subject: CN=11D70567844C0EB0990A4C9128EE1E05B29B8D05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:42:79:01:b6:2d:db:72:fc:73:b5:63:d9:6a:
e7:e0:c5:bb:a0:f3:b0:2f:8e:f2:0a:4c:ba:4b:0a:
e8:7b:8b:4d:2d:62:1c:85:10:d7:c9:0d:f7:a8:45:
c0:23:1e:5e:d8:d7:a5:74:c1:c4:91:81:06:6d:8b:
c7:74:66:98:04:20:7c:66:1a:05:ef:d5:d5:00:e2:
31:72:b9:1f:54:e0:4d:4d:77:14:e8:2e:7a:57:86:
16:f8:00:5a:c4:13:c5:fd:e8:80:41:bc:04:48:75:
c5:c0:38:a2:44:95:10:e6:8a:7d:9d:30:26:88:70:
fd:1c:c3:b5:d6:af:ed:d1:18:fb:dd:bd:9a:1f:98:
2e:60:83:78:9d:7f:da:66:fe:a6:3a:06:ed:6f:23:
46:37:17:3c:a8:52:b7:96:81:a8:7c:cd:43:30:99:
5f:26:9c:07:80:3c:ee:d9:21:ff:05:e3:0f:b4:0b:
aa:b2:7b:26:2c:2c:57:a2:e5:88:76:e9:eb:a7:31:
17:b5:29:a5:17:92:8b:31:80:e4:85:80:df:c9:96:
49:87:52:f2:66:c7:82:7a:01:d6:24:c7:fa:02:ba:
35:c2:0b:eb:8c:8c:8c:4b:a6:7f:43:76:0d:29:36:
97:d7:11:78:a9:8c:72:9f:30:56:6c:0f:c8:d6:26:
76:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:D7:05:67:84:4C:0E:B0:99:0A:4C:91:28:EE:1E:05:B2:9B:8D:05
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e38382e31312e302f32342d3234203d3e20323131343135.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.11.0/24
Signature Algorithm: sha256WithRSAEncryption
88:20:81:ac:66:58:fe:37:13:09:4b:ba:95:dc:1b:82:3d:4f:
eb:24:dd:a4:85:dc:eb:0a:60:ea:b8:31:be:91:80:0a:b2:ee:
8f:94:44:20:47:56:85:c3:e4:35:00:bf:d5:25:ec:2d:fa:c4:
20:2e:c7:ab:42:b8:3a:30:05:13:b0:c8:77:60:51:91:e1:37:
e5:0b:90:c0:37:42:8d:32:ff:ec:f0:8e:64:0f:04:c0:b5:08:
ea:ca:8b:90:cd:6a:76:45:b7:1f:2b:e3:14:24:fe:db:4f:57:
91:90:4f:83:4a:f4:6d:7a:c2:eb:19:41:33:71:d4:ef:93:e3:
9d:91:0a:9f:4f:9b:13:b1:d5:10:2b:a0:e1:96:16:11:80:32:
f7:85:52:81:b8:e4:e0:dc:69:db:15:56:44:22:8a:52:0d:53:
f5:b3:78:cc:ef:b8:f3:ab:a5:40:12:34:89:cb:e2:ab:6b:2d:
18:94:59:07:d3:cd:eb:b6:08:b1:e9:ba:40:9e:b4:0a:8c:b4:
21:1e:4b:25:ee:33:9e:c6:4b:3e:82:9f:25:b9:98:a7:08:7c:
70:fb:d3:54:18:ed:9d:71:a5:67:33:63:3e:bb:9e:de:53:07:
78:86:90:90:24:93:69:48:11:f0:1f:bd:96:3c:f2:c7:24:94:
67:99:c7:60
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUHCFTLUAI9ExdYYJZj6bFXPG9zOMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNDA5MjMwOTM4MTlaFw0yNTA5MjIwOTQzMTlaMDMxMTAvBgNV
BAMTKDExRDcwNTY3ODQ0QzBFQjA5OTBBNEM5MTI4RUUxRTA1QjI5QjhEMDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKQnkBti3bcvxztWPZaufgxbug
87AvjvIKTLpLCuh7i00tYhyFENfJDfeoRcAjHl7Y16V0wcSRgQZti8d0ZpgEIHxm
GgXv1dUA4jFyuR9U4E1NdxToLnpXhhb4AFrEE8X96IBBvARIdcXAOKJElRDmin2d
MCaIcP0cw7XWr+3RGPvdvZofmC5gg3idf9pm/qY6Bu1vI0Y3FzyoUreWgah8zUMw
mV8mnAeAPO7ZIf8F4w+0C6qyeyYsLFei5Yh26eunMRe1KaUXkosxgOSFgN/JlkmH
UvJmx4J6AdYkx/oCujXCC+uMjIxLpn9Ddg0pNpfXEXipjHKfMFZsD8jWJnZVAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUEdcFZ4RMDrCZCkyRKO4eBbKbjQUwHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzQzNTJlMzgzODJlMzEzMTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMTM0MzEzNS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1Y
CzANBgkqhkiG9w0BAQsFAAOCAQEAiCCBrGZY/jcTCUu6ldwbgj1P6yTdpIXc6wpg
6rgxvpGACrLuj5REIEdWhcPkNQC/1SXsLfrEIC7Hq0K4OjAFE7DId2BRkeE35QuQ
wDdCjTL/7PCOZA8EwLUI6sqLkM1qdkW3HyvjFCT+209XkZBPg0r0bXrC6xlBM3HU
75PjnZEKn0+bE7HVECug4ZYWEYAy94VSgbjk4Nxp2xVWRCKKUg1T9bN4zO+486ul
QBI0icviq2stGJRZB9PN67YIsem6QJ60Coy0IR5LJe4znsZLPoKfJbmYpwh8cPvT
VBjtnXGlZzNjPrue3lMHeIaQkCSTaUgR8B+9ljzyxySUZ5nHYA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org