Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/34352e39352e38312e302f32342d3234203d3e203130373533.roa
File: 34352e39352e38312e302f32342d3234203d3e203130373533.roa (raw, json)
Hash identifier: FkBgrUApMvi3lgA70RwzXdmr+ue7YGI+0ZsQLz4AeeM=
Subject key identifier: 35:BB:89:0A:23:AA:FB:04:62:2C:89:F6:B7:8B:27:EC:67:96:0E:1D
Certificate issuer: /CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Certificate serial: 3AE6183B9E159E3A25F8476661C8AFD0D87365C1
Authority key identifier: 8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/34352e39352e38312e302f32342d3234203d3e203130373533.roa
Signing time: Thu 25 Jul 2024 23:56:14 +0000
ROA not before: Thu 25 Jul 2024 23:51:14 +0000
ROA not after: Thu 24 Jul 2025 23:56:14 +0000
asID: 10753
IP address blocks: 45.95.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl
rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.mft
rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:e6:18:3b:9e:15:9e:3a:25:f8:47:66:61:c8:af:d0:d8:73:65:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Validity
Not Before: Jul 25 23:51:14 2024 GMT
Not After : Jul 24 23:56:14 2025 GMT
Subject: CN=35BB890A23AAFB04622C89F6B78B27EC67960E1D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:94:2a:83:f6:00:c4:47:cc:f2:d3:56:2c:8c:
9d:c0:5f:7e:f1:49:28:7a:c5:10:d7:45:5f:ae:d2:
b8:e9:e0:d0:f9:b0:fd:20:0c:de:58:cf:fa:79:69:
60:42:11:6d:51:80:d4:34:63:99:b2:aa:0f:e6:93:
9f:cf:5d:1b:7d:0a:bc:db:5a:90:54:ee:e2:1b:9d:
c4:18:a9:65:05:0e:da:a0:90:02:ea:4c:87:12:d5:
7b:df:63:de:e8:ed:a5:8b:4e:4d:42:71:16:c8:ea:
3e:3a:30:20:60:7b:e0:e2:23:7e:6b:7d:54:13:fd:
69:2c:10:61:f9:79:57:17:08:b6:48:3d:66:e3:06:
c3:f7:5c:2c:f2:e2:f5:ba:29:1b:57:64:48:dc:01:
e9:ed:6c:53:52:cf:1e:7a:32:ab:8c:6e:62:d6:42:
82:a9:8d:68:31:2b:7d:07:23:b5:1c:ef:00:ec:59:
3c:14:ab:6d:ce:a5:c4:00:b8:69:02:5d:14:b3:fa:
85:6d:e6:ec:c6:da:fc:20:f9:34:cb:d9:f2:e2:4c:
97:ad:e4:cb:9b:4e:97:81:a0:b5:3a:5e:fc:b3:3c:
73:a2:20:ff:21:a8:86:27:9e:45:c8:83:39:4d:4c:
10:ae:39:a9:df:4b:98:64:04:6b:61:4d:df:a8:87:
ab:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:BB:89:0A:23:AA:FB:04:62:2C:89:F6:B7:8B:27:EC:67:96:0E:1D
X509v3 Authority Key Identifier:
keyid:8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/34352e39352e38312e302f32342d3234203d3e203130373533.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.81.0/24
Signature Algorithm: sha256WithRSAEncryption
27:e6:62:8a:4c:b2:6c:62:e3:88:20:60:f2:1c:5e:c0:16:0f:
d8:f7:dd:69:ab:e2:47:67:ca:03:22:e9:fe:2b:01:69:39:e0:
b3:be:03:b2:5c:ab:8f:57:2c:f8:cb:2f:a9:ea:f9:e1:93:45:
7f:a4:49:e8:1c:85:ca:fe:51:68:d7:81:aa:68:ee:48:99:26:
c8:09:6e:cf:1c:7b:e8:b9:6d:7d:2d:c9:3c:08:88:49:03:e7:
7b:da:00:56:24:20:8a:e0:7b:fa:92:0c:6a:b8:5f:36:b7:7f:
2b:15:5f:64:59:1f:2e:16:c2:b5:b6:4e:9d:4c:d2:7a:c0:1f:
74:33:12:fb:87:c2:53:88:da:25:fb:e6:21:39:f6:8b:8e:74:
53:3d:d2:10:6f:03:d7:2e:d5:c0:1f:ef:85:13:9e:b9:82:f2:
16:36:c4:2d:e0:78:2a:d0:80:9e:73:58:3e:a7:3e:ac:b1:ca:
c5:08:2d:38:9a:62:44:bd:88:ff:06:4f:4c:79:1b:cc:b4:a4:
e1:47:1c:9e:0b:62:f6:72:5e:51:50:2c:60:9e:50:67:a0:41:
e7:c1:b0:34:e1:9b:fa:8b:3d:0f:6c:26:f4:80:f6:1c:47:19:
53:b2:e3:83:8b:86:98:5c:59:51:0c:ce:bf:64:f2:26:cb:41:
be:95:ef:08
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUOuYYO54Vnjol+EdmYciv0NhzZcEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGMxMmI0MjczODMyYjQxNTZmZTAwOTJmNmFlN2U1YjNj
ZTIzYWQ4YjAeFw0yNDA3MjUyMzUxMTRaFw0yNTA3MjQyMzU2MTRaMDMxMTAvBgNV
BAMTKDM1QkI4OTBBMjNBQUZCMDQ2MjJDODlGNkI3OEIyN0VDNjc5NjBFMUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKlCqD9gDER8zy01YsjJ3AX37x
SSh6xRDXRV+u0rjp4ND5sP0gDN5Yz/p5aWBCEW1RgNQ0Y5myqg/mk5/PXRt9Crzb
WpBU7uIbncQYqWUFDtqgkALqTIcS1XvfY97o7aWLTk1CcRbI6j46MCBge+DiI35r
fVQT/WksEGH5eVcXCLZIPWbjBsP3XCzy4vW6KRtXZEjcAentbFNSzx56MquMbmLW
QoKpjWgxK30HI7Uc7wDsWTwUq23OpcQAuGkCXRSz+oVt5uzG2vwg+TTL2fLiTJet
5MubTpeBoLU6XvyzPHOiIP8hqIYnnkXIgzlNTBCuOanfS5hkBGthTd+oh6sxAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUNbuJCiOq+wRiLIn2t4sn7GeWDh0wHwYDVR0j
BBgwFoAUjBK0JzgytBVv4Akvaufls84jrYswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGJmZDY4ODItZDZiMy00YWE4LWJjMGEtNzExZDY4YmQx
OThiLzAvOEMxMkI0MjczODMyQjQxNTZGRTAwOTJGNkFFN0U1QjNDRTIzQUQ4Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2pCSzBKemd5dEJWdjRBa3ZhdWZsczg0
anJZcy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGJmZDY4ODIt
ZDZiMy00YWE4LWJjMGEtNzExZDY4YmQxOThiLzAvMzQzNTJlMzkzNTJlMzgzMTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzAzNzM1MzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtX1Ew
DQYJKoZIhvcNAQELBQADggEBACfmYopMsmxi44ggYPIcXsAWD9j33Wmr4kdnygMi
6f4rAWk54LO+A7Jcq49XLPjLL6nq+eGTRX+kSegchcr+UWjXgapo7kiZJsgJbs8c
e+i5bX0tyTwIiEkD53vaAFYkIIrge/qSDGq4Xza3fysVX2RZHy4WwrW2Tp1M0nrA
H3QzEvuHwlOI2iX75iE59ouOdFM90hBvA9cu1cAf74UTnrmC8hY2xC3geCrQgJ5z
WD6nPqyxysUILTiaYkS9iP8GT0x5G8y0pOFHHJ4LYvZyXlFQLGCeUGegQefBsDTh
m/qLPQ9sJvSA9hxHGVOy44OLhphcWVEMzr9k8ibLQb6V7wg=
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:13 2024 by rpki-client on console-fra.rpki-client.org