Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/34352e3134332e3134382e302f32322d3232203d3e203630343538.roa
File: 34352e3134332e3134382e302f32322d3232203d3e203630343538.roa (raw, json)
Hash identifier: bpYF5qZdYO0DbZt3Xk0T28CUCnoM69JvudASJUo7nz4=
Subject key identifier: A4:E6:85:22:3B:60:75:7B:71:ED:DC:AB:72:74:67:C1:58:BE:89:F2
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 2D3EA0544F77CA12D9694754269FC273724F8E43
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/34352e3134332e3134382e302f32322d3232203d3e203630343538.roa
Signing time: Mon 03 Jun 2024 06:05:17 +0000
ROA not before: Mon 03 Jun 2024 06:00:17 +0000
ROA not after: Mon 02 Jun 2025 06:05:17 +0000
asID: 60458
IP address blocks: 45.143.148.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:3e:a0:54:4f:77:ca:12:d9:69:47:54:26:9f:c2:73:72:4f:8e:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jun 3 06:00:17 2024 GMT
Not After : Jun 2 06:05:17 2025 GMT
Subject: CN=A4E685223B60757B71EDDCAB727467C158BE89F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c0:ad:0b:78:08:90:b4:5a:b6:e3:3d:d9:47:
1c:29:3e:65:e9:cb:1a:10:81:a3:74:ea:85:ed:05:
ee:87:e3:b8:02:f9:d2:2c:43:3f:bd:6e:39:3a:0b:
de:89:88:37:56:9c:5a:1a:b1:65:85:e9:9c:38:e1:
ff:b4:ae:a4:44:ac:6b:a8:8e:11:ec:18:fc:ae:7c:
ca:9d:d4:b1:c0:90:22:09:8e:10:23:14:69:1f:d2:
19:9d:72:e2:43:a5:7a:46:fd:2e:72:71:12:64:1f:
38:5a:53:5e:a1:f4:ae:69:ea:bf:77:38:93:0f:5f:
bc:c7:c2:54:e0:47:b9:00:bf:86:03:be:54:f1:49:
68:e3:f4:c3:bf:fa:d8:b1:41:6d:bf:b9:36:b1:40:
42:14:74:56:18:62:bd:49:8e:ab:23:6a:40:09:8c:
d1:b4:10:3a:0b:cf:92:37:12:fa:fb:43:c0:12:c2:
3f:55:81:93:8d:58:f5:01:d1:09:73:45:52:1e:f4:
4e:f3:bb:31:43:0c:57:63:4f:95:d0:d3:66:42:2b:
b8:17:c1:3e:c9:72:57:43:a9:6c:6b:4d:c2:97:6a:
dc:08:2f:e8:9a:61:5f:ad:98:fb:dc:95:5e:6f:0b:
97:37:a7:d7:6e:49:d0:13:32:42:e9:9c:1d:43:1c:
0e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:E6:85:22:3B:60:75:7B:71:ED:DC:AB:72:74:67:C1:58:BE:89:F2
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/34352e3134332e3134382e302f32322d3232203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.148.0/22
Signature Algorithm: sha256WithRSAEncryption
53:4c:f5:98:bb:c5:ab:84:d4:9c:1c:cc:b4:aa:8c:b6:1d:e7:
db:eb:8c:a3:d9:1f:2d:db:78:ce:4f:bf:91:92:ec:ad:75:34:
30:21:b4:4a:a8:6c:6b:1d:07:3a:96:63:12:e7:d8:11:12:de:
f3:6a:f9:e8:c7:9e:3c:51:17:e7:45:46:21:67:a2:c4:a9:8c:
ae:d8:c4:59:a2:95:ca:42:63:1d:0f:79:61:80:8b:05:bf:4d:
0f:5a:5e:7c:40:76:a8:90:e7:f3:b6:78:1d:0b:7a:3a:e9:fc:
8d:10:ef:5f:b9:f0:fd:fc:81:81:a3:26:a9:62:e5:23:2f:da:
16:57:41:3f:10:d3:39:28:d6:c8:0f:8a:1b:2e:7a:4b:04:8b:
a5:9f:53:eb:70:0a:4c:45:02:8e:a1:5d:10:20:05:e9:88:49:
fd:72:26:ca:2f:aa:d0:19:f9:f5:65:d6:30:ec:f2:a0:c4:86:
13:28:5c:1b:fc:d6:c2:02:e9:58:ee:f6:12:ab:ba:a9:12:1a:
bc:64:30:e3:7f:6a:9a:14:57:ad:d1:f6:cd:4f:8c:d3:ef:0c:
87:72:57:20:20:28:4f:df:7d:e1:52:45:cd:49:44:6a:ce:ae:
99:b0:46:88:4a:e9:63:f7:e7:55:41:25:0b:fd:c2:1b:d4:83:
64:cd:eb:c6
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIULT6gVE93yhLZaUdUJp/Cc3JPjkMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDA2MDMwNjAwMTdaFw0yNTA2MDIwNjA1MTdaMDMxMTAvBgNV
BAMTKEE0RTY4NTIyM0I2MDc1N0I3MUVERENBQjcyNzQ2N0MxNThCRTg5RjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRwK0LeAiQtFq24z3ZRxwpPmXp
yxoQgaN06oXtBe6H47gC+dIsQz+9bjk6C96JiDdWnFoasWWF6Zw44f+0rqRErGuo
jhHsGPyufMqd1LHAkCIJjhAjFGkf0hmdcuJDpXpG/S5ycRJkHzhaU16h9K5p6r93
OJMPX7zHwlTgR7kAv4YDvlTxSWjj9MO/+tixQW2/uTaxQEIUdFYYYr1JjqsjakAJ
jNG0EDoLz5I3Evr7Q8ASwj9VgZONWPUB0QlzRVIe9E7zuzFDDFdjT5XQ02ZCK7gX
wT7JcldDqWxrTcKXatwIL+iaYV+tmPvclV5vC5c3p9duSdATMkLpnB1DHA6LAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUpOaFIjtgdXtx7dyrcnRnwVi+ifIwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzQzNTJlMzEzNDMzMmUzMTM0
MzgyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzNjMwMzQzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
LY+UMA0GCSqGSIb3DQEBCwUAA4IBAQBTTPWYu8WrhNScHMy0qoy2Hefb64yj2R8t
23jOT7+RkuytdTQwIbRKqGxrHQc6lmMS59gREt7zavnox548URfnRUYhZ6LEqYyu
2MRZopXKQmMdD3lhgIsFv00PWl58QHaokOfztngdC3o66fyNEO9fufD9/IGBoyap
YuUjL9oWV0E/ENM5KNbID4obLnpLBIuln1PrcApMRQKOoV0QIAXpiEn9cibKL6rQ
Gfn1ZdYw7PKgxIYTKFwb/NbCAulY7vYSq7qpEhq8ZDDjf2qaFFet0fbNT4zT7wyH
clcgIChP333hUkXNSURqzq6ZsEaISulj9+dVQSUL/cIb1INkzevG
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:19 2024 by rpki-client on console-ams.rpki-client.org