Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/34352e3135312e3139322e302f32322d3232203d3e203630343538.roa
File: 34352e3135312e3139322e302f32322d3232203d3e203630343538.roa (raw, json)
Hash identifier: CEZxSxxvxgHXiygJrJrmo/X3ZqGVn22GyG4HL64UAdQ=
Subject key identifier: AF:36:78:CC:86:E5:C0:3D:D8:0A:CE:1A:4C:A8:56:35:56:65:09:B5
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 06E91996AE6C8CBD1B63F004F55781214BB57674
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/34352e3135312e3139322e302f32322d3232203d3e203630343538.roa
Signing time: Mon 03 Jun 2024 06:05:17 +0000
ROA not before: Mon 03 Jun 2024 06:00:17 +0000
ROA not after: Mon 02 Jun 2025 06:05:17 +0000
asID: 60458
IP address blocks: 45.151.192.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:e9:19:96:ae:6c:8c:bd:1b:63:f0:04:f5:57:81:21:4b:b5:76:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jun 3 06:00:17 2024 GMT
Not After : Jun 2 06:05:17 2025 GMT
Subject: CN=AF3678CC86E5C03DD80ACE1A4CA85635566509B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:aa:b9:c6:e8:8d:82:59:9c:a4:c3:9b:c9:f8:
b2:32:f1:3d:c8:4a:9f:43:ac:3d:db:78:fc:07:32:
5c:a6:dc:67:f7:06:cb:dc:47:e7:d1:01:0d:17:74:
b3:10:ec:10:f4:48:1f:b7:d7:b3:c0:18:45:1a:f5:
fe:b2:b8:51:45:c5:8e:f2:52:de:da:6c:f0:0f:e2:
6a:38:59:9d:da:78:67:3d:8d:d2:b4:39:c8:3e:c2:
59:f4:f0:0d:51:19:c1:4a:07:df:d3:b6:11:a0:ff:
33:a1:be:38:fa:06:80:f4:34:78:c9:00:9d:72:5c:
e8:b1:8a:b9:76:51:70:af:4c:97:2c:65:2f:aa:af:
a3:a0:5a:a2:63:a8:53:c9:b1:31:4c:af:5c:54:a1:
fc:28:a4:af:58:7d:d5:d5:ed:67:cd:91:d8:0b:bb:
d6:0a:55:aa:8f:32:dd:49:e4:67:0c:85:1c:a0:4b:
2f:df:58:37:c6:0b:7a:94:6e:3a:b6:ea:55:3b:ea:
71:58:ab:b4:29:95:3a:99:ec:e7:fc:59:b1:d7:74:
a3:4f:64:fb:cf:67:b3:1d:1b:86:b0:ea:81:c2:de:
25:34:bd:b4:dc:f7:b0:9c:7f:c3:85:9f:dc:8c:3f:
ae:5a:bc:fa:66:3d:9c:c8:d6:f2:68:c1:ae:e2:26:
45:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:36:78:CC:86:E5:C0:3D:D8:0A:CE:1A:4C:A8:56:35:56:65:09:B5
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/34352e3135312e3139322e302f32322d3232203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.192.0/22
Signature Algorithm: sha256WithRSAEncryption
65:4d:d2:10:79:63:d7:59:3d:38:40:ee:a8:7f:3d:2d:47:ec:
ec:93:51:3d:50:38:fc:b1:b1:8b:1d:9e:0e:c4:02:02:f5:df:
70:08:c2:d2:9b:e7:33:77:2a:de:b2:fc:0b:27:10:be:a1:df:
ad:c4:16:ea:f6:52:8e:15:39:f1:a4:27:6c:b3:3f:8b:b9:90:
2f:ce:4a:dc:fc:29:90:e4:43:50:ca:ad:0a:9f:13:8f:bb:ec:
7a:71:78:ea:3d:dc:fe:31:ba:d5:3f:0a:69:89:37:35:3c:9c:
af:74:fa:31:46:c0:ba:dc:af:52:e7:fc:98:df:ce:fa:bc:2b:
71:5a:ba:5f:50:ea:80:44:8e:88:9b:8c:94:e1:7b:02:52:00:
2d:ee:81:fa:99:d5:12:1f:01:60:a6:72:3c:72:4c:6c:c1:e2:
c2:ef:99:aa:43:ca:0e:a1:9f:be:ec:59:0b:87:41:c1:60:40:
eb:9b:a4:f1:73:02:85:08:31:fc:74:de:08:fd:fb:92:77:de:
de:13:83:05:da:c2:14:71:75:bd:c4:56:f3:12:fc:a7:87:ab:
08:05:43:46:ca:d2:77:5c:11:6d:4b:37:c5:00:60:3c:5f:46:
e7:b3:d4:ed:23:cc:e4:78:26:bc:f9:27:a4:12:a2:29:a7:7f:
98:ce:7c:14
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUBukZlq5sjL0bY/AE9VeBIUu1dnQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDA2MDMwNjAwMTdaFw0yNTA2MDIwNjA1MTdaMDMxMTAvBgNV
BAMTKEFGMzY3OENDODZFNUMwM0REODBBQ0UxQTRDQTg1NjM1NTY2NTA5QjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmqrnG6I2CWZykw5vJ+LIy8T3I
Sp9DrD3bePwHMlym3Gf3BsvcR+fRAQ0XdLMQ7BD0SB+317PAGEUa9f6yuFFFxY7y
Ut7abPAP4mo4WZ3aeGc9jdK0Ocg+wln08A1RGcFKB9/TthGg/zOhvjj6BoD0NHjJ
AJ1yXOixirl2UXCvTJcsZS+qr6OgWqJjqFPJsTFMr1xUofwopK9YfdXV7WfNkdgL
u9YKVaqPMt1J5GcMhRygSy/fWDfGC3qUbjq26lU76nFYq7QplTqZ7Of8WbHXdKNP
ZPvPZ7MdG4aw6oHC3iU0vbTc97Ccf8OFn9yMP65avPpmPZzI1vJowa7iJkUPAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUrzZ4zIblwD3YCs4aTKhWNVZlCbUwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzQzNTJlMzEzNTMxMmUzMTM5
MzIyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzNjMwMzQzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
LZfAMA0GCSqGSIb3DQEBCwUAA4IBAQBlTdIQeWPXWT04QO6ofz0tR+zsk1E9UDj8
sbGLHZ4OxAIC9d9wCMLSm+czdyresvwLJxC+od+txBbq9lKOFTnxpCdssz+LuZAv
zkrc/CmQ5ENQyq0KnxOPu+x6cXjqPdz+MbrVPwppiTc1PJyvdPoxRsC63K9S5/yY
3876vCtxWrpfUOqARI6Im4yU4XsCUgAt7oH6mdUSHwFgpnI8ckxsweLC75mqQ8oO
oZ++7FkLh0HBYEDrm6TxcwKFCDH8dN4I/fuSd97eE4MF2sIUcXW9xFbzEvynh6sI
BUNGytJ3XBFtSzfFAGA8X0bns9TtI8zkeCa8+SekEqIpp3+YznwU
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:19 2024 by rpki-client on console-ams.rpki-client.org