Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3132382e31342e302f32332d3234203d3e2039303837.roa
File: 34352e3132382e31342e302f32332d3234203d3e2039303837.roa (raw, json)
Hash identifier: napcmXNG+OmFWDA/C/9K/1hf43XzuQu44uFNddstbJM=
Subject key identifier: 03:CC:13:99:14:4F:F1:B8:83:6A:62:24:96:B8:CE:D2:9B:FB:01:47
Certificate issuer: /CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Certificate serial: 42B20D3A476F664D5F95C8DAD8793BF0F80314AA
Authority key identifier: 83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3132382e31342e302f32332d3234203d3e2039303837.roa
Signing time: Wed 27 Sep 2023 12:05:34 +0000
ROA not before: Wed 27 Sep 2023 12:00:34 +0000
ROA not after: Wed 25 Sep 2024 12:05:34 +0000
asID: 9087
IP address blocks: 45.128.14.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.mft
rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:b2:0d:3a:47:6f:66:4d:5f:95:c8:da:d8:79:3b:f0:f8:03:14:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Validity
Not Before: Sep 27 12:00:34 2023 GMT
Not After : Sep 25 12:05:34 2024 GMT
Subject: CN=03CC1399144FF1B8836A622496B8CED29BFB0147
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:74:5d:3b:68:79:76:1d:db:57:8b:c6:c2:c8:
de:bb:bf:d8:dd:46:4b:9d:21:ab:be:91:1b:17:a6:
ab:ea:d6:74:fd:4d:17:25:93:bd:6f:d3:96:5b:5f:
46:47:2c:b1:fc:7c:68:02:12:8c:bd:31:f7:05:91:
55:1e:7d:31:98:ef:19:88:06:77:d3:68:50:61:db:
b2:a4:23:c8:09:d9:48:02:af:ca:4f:d3:5b:40:3b:
23:ed:6e:70:72:09:31:0d:d5:b4:72:d5:a9:af:f2:
fd:3d:98:50:80:29:c3:2b:cc:18:ed:e8:19:40:9c:
a0:5d:ed:27:b0:25:a4:eb:b7:b5:e4:ce:6d:96:fd:
3a:b3:72:59:c9:e2:e6:11:46:35:2c:81:8d:64:54:
11:87:e1:2b:ca:55:72:7b:71:e8:45:fa:d4:1f:f5:
06:cb:8f:ad:ef:bf:6c:0e:8d:12:b9:ba:7a:1a:43:
50:bd:4d:d3:d1:bb:99:3a:2a:22:83:eb:7e:34:ea:
26:86:91:eb:94:ba:cd:0e:ab:0e:d1:99:f4:80:38:
ac:eb:7c:a0:1e:41:c7:34:03:53:72:1b:41:48:7f:
87:b0:3f:82:8a:aa:8b:23:1b:b3:63:48:e2:52:5c:
a3:31:74:b4:0f:d3:71:3f:6a:20:a6:11:ea:da:86:
4b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:CC:13:99:14:4F:F1:B8:83:6A:62:24:96:B8:CE:D2:9B:FB:01:47
X509v3 Authority Key Identifier:
keyid:83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3132382e31342e302f32332d3234203d3e2039303837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.14.0/23
Signature Algorithm: sha256WithRSAEncryption
19:df:22:b1:c0:60:e3:ca:d1:a1:a6:6d:9d:b8:cf:02:50:81:
bd:02:f1:f9:83:47:20:84:8d:b7:4a:83:51:d1:cc:5b:ba:b5:
05:da:84:49:68:c2:7c:2f:33:ba:29:76:9b:be:70:5b:cb:6c:
6f:2d:e9:9a:1e:1c:89:0e:77:50:42:0c:e4:70:51:f3:6e:40:
53:16:95:43:00:3d:2a:72:a1:bb:c7:d7:d0:9a:7e:31:a1:1b:
f1:43:3e:96:36:8f:22:fc:38:d5:60:be:68:0f:d2:73:5a:0a:
b6:95:56:2f:9b:a7:bf:39:15:c9:76:c8:f4:5c:bf:f1:e5:64:
d2:28:3d:1c:24:d8:65:3a:e6:07:4d:34:aa:a4:ae:c0:5a:49:
42:60:ac:17:23:b3:4a:ab:66:b4:5a:fd:db:83:60:b1:e8:6d:
c4:9e:00:53:d9:f8:18:99:06:1e:6f:fa:0b:b5:0b:6b:e2:43:
f1:de:92:c3:6f:5b:f0:c1:7c:7d:fd:62:a3:1f:b9:8f:b2:36:
e9:da:da:df:51:4b:3a:1d:9f:ec:03:77:e0:50:e6:7e:35:a3:
00:0f:f5:ad:44:cf:6a:e5:ab:7d:2b:6c:09:dd:a0:a9:09:f5:
83:ba:73:11:35:27:8d:0f:57:7c:a1:73:3e:5b:ba:2f:59:13:
03:38:0b:df
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUQrINOkdvZk1flcja2Hk78PgDFKowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODMwZTA2NDE5ZmM0NmEyODAyZjZmMDNiNzEzNjhhYzdi
YWFmNjRjZTAeFw0yMzA5MjcxMjAwMzRaFw0yNDA5MjUxMjA1MzRaMDMxMTAvBgNV
BAMTKDAzQ0MxMzk5MTQ0RkYxQjg4MzZBNjIyNDk2QjhDRUQyOUJGQjAxNDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKdF07aHl2HdtXi8bCyN67v9jd
RkudIau+kRsXpqvq1nT9TRclk71v05ZbX0ZHLLH8fGgCEoy9MfcFkVUefTGY7xmI
BnfTaFBh27KkI8gJ2UgCr8pP01tAOyPtbnByCTEN1bRy1amv8v09mFCAKcMrzBjt
6BlAnKBd7SewJaTrt7Xkzm2W/TqzclnJ4uYRRjUsgY1kVBGH4SvKVXJ7cehF+tQf
9QbLj63vv2wOjRK5unoaQ1C9TdPRu5k6KiKD63406iaGkeuUus0Oqw7RmfSAOKzr
fKAeQcc0A1NyG0FIf4ewP4KKqosjG7NjSOJSXKMxdLQP03E/aiCmEerahkuZAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUA8wTmRRP8biDamIklrjO0pv7AUcwHwYDVR0j
BBgwFoAUgw4GQZ/EaigC9vA7cTaKx7qvZM4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQtYmE2Ny00OTc5LThkMTItMGVkNDc0OGZj
ODZlLzAvODMwRTA2NDE5RkM0NkEyODAyRjZGMDNCNzEzNjhBQzdCQUFGNjRDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2d3NEdRWl9FYWlnQzl2QTdjVGFLeDdx
dlpNNC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQt
YmE2Ny00OTc5LThkMTItMGVkNDc0OGZjODZlLzAvMzQzNTJlMzEzMjM4MmUzMTM0
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzkzMDM4Mzcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAEtgA4w
DQYJKoZIhvcNAQELBQADggEBABnfIrHAYOPK0aGmbZ24zwJQgb0C8fmDRyCEjbdK
g1HRzFu6tQXahElownwvM7opdpu+cFvLbG8t6ZoeHIkOd1BCDORwUfNuQFMWlUMA
PSpyobvH19CafjGhG/FDPpY2jyL8ONVgvmgP0nNaCraVVi+bp785Fcl2yPRcv/Hl
ZNIoPRwk2GU65gdNNKqkrsBaSUJgrBcjs0qrZrRa/duDYLHobcSeAFPZ+BiZBh5v
+gu1C2viQ/HeksNvW/DBfH39YqMfuY+yNuna2t9RSzodn+wDd+BQ5n41owAP9a1E
z2rlq30rbAndoKkJ9YO6cxE1J40PV3yhcz5bui9ZEwM4C98=
-----END CERTIFICATE-----
Generated at Sun May 19 12:05:30 2024 by rpki-client on console-fra.rpki-client.org