Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/34352e3134362e3138382e302f32322d3232203d3e203630343538.roa
File: 34352e3134362e3138382e302f32322d3232203d3e203630343538.roa (raw, json)
Hash identifier: UpdRjVxL0CaDRe6pjsA4a0Pm9cl+EKxsLppBEtm6yHY=
Subject key identifier: E0:87:94:56:09:0C:97:F3:3E:1A:33:04:66:7D:4C:D8:CE:B8:70:49
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 6AF68AF2C97D9AEC4D29110B61AC4ABCF38CA0EA
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/34352e3134362e3138382e302f32322d3232203d3e203630343538.roa
Signing time: Mon 03 Jun 2024 06:05:17 +0000
ROA not before: Mon 03 Jun 2024 06:00:17 +0000
ROA not after: Mon 02 Jun 2025 06:05:17 +0000
asID: 60458
IP address blocks: 45.146.188.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:f6:8a:f2:c9:7d:9a:ec:4d:29:11:0b:61:ac:4a:bc:f3:8c:a0:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jun 3 06:00:17 2024 GMT
Not After : Jun 2 06:05:17 2025 GMT
Subject: CN=E0879456090C97F33E1A3304667D4CD8CEB87049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:2c:a6:65:c4:0b:51:7c:a6:1a:33:e2:de:78:
7c:6f:13:4c:6e:cb:c4:cc:ee:fc:0a:19:1a:78:a5:
59:a1:fe:50:5a:52:9d:40:63:10:af:4b:7c:27:37:
89:1c:a1:05:ac:c2:c8:7c:3f:c4:e0:87:d3:07:62:
9a:d2:80:c8:61:d2:8e:9a:da:63:07:c9:62:dc:24:
cc:65:aa:d9:f0:3e:79:c4:d0:4c:59:7d:b4:87:05:
6a:16:33:76:34:eb:eb:d7:2e:53:b5:22:21:f0:b6:
37:9e:0d:a7:c7:a6:94:67:56:c1:11:14:2d:d7:50:
8d:61:f8:fb:18:e4:5c:33:8e:39:a5:b0:97:7a:0c:
81:2d:95:04:90:61:34:79:0a:af:b9:ba:8b:43:58:
6e:d3:f7:36:b2:87:30:90:6d:34:60:2c:1e:2e:e7:
75:af:60:78:12:17:f9:c5:18:3f:8a:ae:3f:4a:52:
c7:7a:e7:ed:19:71:23:f3:14:f8:68:17:6b:10:b0:
a0:8b:6f:e8:d0:24:aa:d6:d3:c8:3c:12:5b:9e:11:
26:d2:f4:e0:42:77:d2:d6:51:df:25:74:36:47:de:
79:4c:dc:ae:5e:dd:39:ee:84:b9:23:d6:a0:ed:36:
f8:ad:8f:ee:4f:ee:1a:e9:02:6a:c5:ad:8f:98:2e:
7f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:87:94:56:09:0C:97:F3:3E:1A:33:04:66:7D:4C:D8:CE:B8:70:49
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/34352e3134362e3138382e302f32322d3232203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.188.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:c4:61:20:35:fb:1b:2c:7e:32:82:e1:22:42:97:c4:ec:95:
a2:de:c4:2d:73:36:f7:d4:aa:1a:9e:07:b6:60:aa:d8:f0:23:
8a:75:8c:37:0a:17:89:2d:96:98:72:11:f9:3e:eb:46:31:d3:
8d:a0:d4:a8:10:c4:6c:5c:fd:02:2f:85:4d:ea:fd:db:f3:bd:
a5:3f:f7:45:b0:09:c4:4f:28:da:b7:80:b5:b3:8a:d9:22:00:
4b:08:f6:d2:45:21:25:a5:7e:11:c0:94:87:2b:c2:e5:e3:a4:
70:76:a3:99:6e:7c:57:fb:64:11:48:35:16:be:cf:5e:07:a3:
4e:8e:2b:4c:1a:cd:ad:c2:f5:1e:67:02:1d:15:94:f5:e5:25:
dd:e9:b2:d5:ba:49:82:65:b6:d4:32:e7:7c:52:f4:f4:50:00:
c6:77:5f:06:83:13:f0:1f:d7:d6:a7:28:85:c1:4d:a2:63:3a:
1a:7d:3f:67:2c:7e:db:96:1a:ea:ee:5e:58:c8:9e:47:e8:57:
b7:95:33:1f:b7:97:9f:f4:6b:b6:09:44:64:db:35:87:36:66:
2f:63:52:cf:6b:48:02:36:ae:f7:cf:b2:3a:08:bd:e8:c5:7e:
48:6e:5e:b9:dc:af:7f:67:5d:8b:74:03:fc:ab:d2:bc:45:0e:
e1:c3:ee:b8
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUavaK8sl9muxNKRELYaxKvPOMoOowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDA2MDMwNjAwMTdaFw0yNTA2MDIwNjA1MTdaMDMxMTAvBgNV
BAMTKEUwODc5NDU2MDkwQzk3RjMzRTFBMzMwNDY2N0Q0Q0Q4Q0VCODcwNDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmLKZlxAtRfKYaM+LeeHxvE0xu
y8TM7vwKGRp4pVmh/lBaUp1AYxCvS3wnN4kcoQWswsh8P8Tgh9MHYprSgMhh0o6a
2mMHyWLcJMxlqtnwPnnE0ExZfbSHBWoWM3Y06+vXLlO1IiHwtjeeDafHppRnVsER
FC3XUI1h+PsY5FwzjjmlsJd6DIEtlQSQYTR5Cq+5uotDWG7T9zayhzCQbTRgLB4u
53WvYHgSF/nFGD+Krj9KUsd65+0ZcSPzFPhoF2sQsKCLb+jQJKrW08g8ElueESbS
9OBCd9LWUd8ldDZH3nlM3K5e3TnuhLkj1qDtNvitj+5P7hrpAmrFrY+YLn+ZAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU4IeUVgkMl/M+GjMEZn1M2M64cEkwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzQzNTJlMzEzNDM2MmUzMTM4
MzgyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzNjMwMzQzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
LZK8MA0GCSqGSIb3DQEBCwUAA4IBAQAvxGEgNfsbLH4yguEiQpfE7JWi3sQtczb3
1Koange2YKrY8COKdYw3CheJLZaYchH5PutGMdONoNSoEMRsXP0CL4VN6v3b872l
P/dFsAnETyjat4C1s4rZIgBLCPbSRSElpX4RwJSHK8Ll46RwdqOZbnxX+2QRSDUW
vs9eB6NOjitMGs2twvUeZwIdFZT15SXd6bLVukmCZbbUMud8UvT0UADGd18GgxPw
H9fWpyiFwU2iYzoafT9nLH7blhrq7l5YyJ5H6Fe3lTMft5ef9Gu2CURk2zWHNmYv
Y1LPa0gCNq73z7I6CL3oxX5Ibl653K9/Z12LdAP8q9K8RQ7hw+64
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:55:50 2024 by rpki-client on console-fra.rpki-client.org