Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3134352e3234322e302f32342d3234203d3e203631333137.roa
File: 34352e3134352e3234322e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: ikgi1ZDn+JlqvEXD23SCdDljFp0ZwM53qtOl2sujyPg=
Subject key identifier: 6F:44:AF:A9:5D:E9:AE:F3:D8:E9:FB:FA:F5:8D:9E:DD:36:CB:C3:3B
Certificate issuer: /CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Certificate serial: 056CB2D47FBC7C25329C3EE1F29D96F1858DC9F6
Authority key identifier: 83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3134352e3234322e302f32342d3234203d3e203631333137.roa
Signing time: Wed 28 Aug 2024 13:05:19 +0000
ROA not before: Wed 28 Aug 2024 13:00:19 +0000
ROA not after: Wed 27 Aug 2025 13:05:19 +0000
asID: 61317
IP address blocks: 45.145.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.mft
rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:6c:b2:d4:7f:bc:7c:25:32:9c:3e:e1:f2:9d:96:f1:85:8d:c9:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Validity
Not Before: Aug 28 13:00:19 2024 GMT
Not After : Aug 27 13:05:19 2025 GMT
Subject: CN=6F44AFA95DE9AEF3D8E9FBFAF58D9EDD36CBC33B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:2e:3c:e7:aa:66:dd:a4:86:24:34:d1:13:77:
6c:58:4f:23:db:90:d3:c6:a3:ef:af:0a:df:4e:5f:
5d:20:23:33:8e:6b:78:9d:d8:67:10:8b:ac:c0:94:
9d:d7:04:20:ef:d7:8c:c9:9f:94:b2:d1:a3:8b:45:
40:48:da:b9:6e:5b:74:0f:66:ff:f6:0e:d5:22:73:
4c:e7:b4:b4:d8:83:de:ef:1b:00:e6:83:cf:a0:70:
17:c0:17:b0:80:40:1d:38:ec:38:bd:97:87:7a:6f:
b3:fc:b2:3f:3f:a1:66:ce:83:f2:62:08:e3:a9:dc:
ea:50:cc:ef:a2:32:94:4a:80:e3:49:e8:4e:da:52:
e6:38:ba:db:6e:6a:42:af:bc:c2:cf:90:14:92:10:
b5:b0:07:76:9d:d4:c8:4c:73:6b:ab:9a:78:9c:52:
f7:ca:c6:86:c2:8f:37:6f:fe:d1:e9:b8:3e:e1:70:
cd:67:1e:1c:8d:a3:a0:46:aa:3d:52:ed:a9:1a:9f:
75:f4:20:3a:92:72:98:3a:a7:fe:83:ba:fc:72:e6:
89:7d:5b:e2:09:9d:c2:d9:0c:a9:8b:60:a4:d8:62:
26:4b:49:de:a9:59:6b:fc:30:c7:19:23:eb:39:a4:
be:0d:fb:0d:8c:f5:df:68:d9:3c:63:35:d4:f2:b2:
6f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:44:AF:A9:5D:E9:AE:F3:D8:E9:FB:FA:F5:8D:9E:DD:36:CB:C3:3B
X509v3 Authority Key Identifier:
keyid:83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3134352e3234322e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.242.0/24
Signature Algorithm: sha256WithRSAEncryption
34:8f:ff:fb:ba:ac:54:ce:7a:4b:d3:6c:10:11:54:a4:5e:68:
dc:7e:40:5d:db:7d:46:b2:ba:c7:0a:7b:14:05:b3:72:e4:af:
e4:6b:54:e3:b1:59:6e:28:5a:48:56:43:c7:9c:ee:df:a4:72:
b3:45:9b:d0:2e:f1:ca:f2:f1:a1:a3:a8:e4:a7:83:b1:ff:4e:
7f:35:b6:e8:3a:4c:78:56:b8:d8:3d:07:8c:8b:e2:59:e1:92:
03:1f:44:6a:68:f7:2c:c4:29:47:77:e0:8d:21:b6:6a:0b:9b:
dc:91:2d:6b:a9:58:8c:16:a9:03:25:b6:d0:7e:36:e1:d0:b2:
28:f6:42:e4:ed:f6:0b:88:3a:c1:56:60:ba:6e:a2:6f:17:ab:
8f:e1:9f:02:05:e8:5e:ae:72:36:c3:36:c3:48:8e:8b:d4:d5:
b7:e8:47:b4:bf:f9:be:5b:41:81:79:18:7e:40:4c:e7:27:d9:
1c:63:49:d5:db:f8:f8:3d:e4:ec:f4:00:6e:65:8f:11:bd:ba:
3a:43:d1:d5:54:9b:80:4f:4e:05:64:2f:e4:62:5c:02:a0:c3:
60:22:dd:88:2e:e8:61:db:f4:6e:9b:50:01:19:c5:b1:79:ce:
82:96:5a:25:45:28:7d:64:94:16:47:0c:12:6c:58:87:66:81:
bd:a9:74:63
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUBWyy1H+8fCUynD7h8p2W8YWNyfYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODMwZTA2NDE5ZmM0NmEyODAyZjZmMDNiNzEzNjhhYzdi
YWFmNjRjZTAeFw0yNDA4MjgxMzAwMTlaFw0yNTA4MjcxMzA1MTlaMDMxMTAvBgNV
BAMTKDZGNDRBRkE5NURFOUFFRjNEOEU5RkJGQUY1OEQ5RUREMzZDQkMzM0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8LjznqmbdpIYkNNETd2xYTyPb
kNPGo++vCt9OX10gIzOOa3id2GcQi6zAlJ3XBCDv14zJn5Sy0aOLRUBI2rluW3QP
Zv/2DtUic0zntLTYg97vGwDmg8+gcBfAF7CAQB047Di9l4d6b7P8sj8/oWbOg/Ji
COOp3OpQzO+iMpRKgONJ6E7aUuY4uttuakKvvMLPkBSSELWwB3ad1MhMc2urmnic
UvfKxobCjzdv/tHpuD7hcM1nHhyNo6BGqj1S7akan3X0IDqScpg6p/6Duvxy5ol9
W+IJncLZDKmLYKTYYiZLSd6pWWv8MMcZI+s5pL4N+w2M9d9o2TxjNdTysm9hAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUb0SvqV3prvPY6fv69Y2e3TbLwzswHwYDVR0j
BBgwFoAUgw4GQZ/EaigC9vA7cTaKx7qvZM4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQtYmE2Ny00OTc5LThkMTItMGVkNDc0OGZj
ODZlLzAvODMwRTA2NDE5RkM0NkEyODAyRjZGMDNCNzEzNjhBQzdCQUFGNjRDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2d3NEdRWl9FYWlnQzl2QTdjVGFLeDdx
dlpNNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQt
YmE2Ny00OTc5LThkMTItMGVkNDc0OGZjODZlLzAvMzQzNTJlMzEzNDM1MmUzMjM0
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMxMzMzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LZHyMA0GCSqGSIb3DQEBCwUAA4IBAQA0j//7uqxUznpL02wQEVSkXmjcfkBd231G
srrHCnsUBbNy5K/ka1TjsVluKFpIVkPHnO7fpHKzRZvQLvHK8vGho6jkp4Ox/05/
NbboOkx4VrjYPQeMi+JZ4ZIDH0RqaPcsxClHd+CNIbZqC5vckS1rqViMFqkDJbbQ
fjbh0LIo9kLk7fYLiDrBVmC6bqJvF6uP4Z8CBehernI2wzbDSI6L1NW36Ee0v/m+
W0GBeRh+QEznJ9kcY0nV2/j4PeTs9ABuZY8Rvbo6Q9HVVJuAT04FZC/kYlwCoMNg
It2ILuhh2/Rum1ABGcWxec6CllolRSh9ZJQWRwwSbFiHZoG9qXRj
-----END CERTIFICATE-----
Generated at Thu Nov 21 12:08:36 2024 by rpki-client on console-fra.rpki-client.org