Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e38392e3134392e302f32342d3234203d3e20313337343039.roa
File: 34352e38392e3134392e302f32342d3234203d3e20313337343039.roa (raw, json)
Hash identifier: qWgGvwTzfqT1YLcE33rk4sGIYA/qYs3OV+nuSeBWXug=
Subject key identifier: 0B:35:91:FF:0B:61:83:97:1C:F4:CF:2B:2A:F4:D8:D2:47:0F:79:0A
Certificate issuer: /CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Certificate serial: 18DF16906CFD6894CE47652A8B1B49C3C5105EF2
Authority key identifier: 83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e38392e3134392e302f32342d3234203d3e20313337343039.roa
Signing time: Sun 21 Apr 2024 15:59:56 +0000
ROA not before: Sun 21 Apr 2024 15:54:56 +0000
ROA not after: Sun 20 Apr 2025 15:59:56 +0000
asID: 137409
IP address blocks: 45.89.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.mft
rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:df:16:90:6c:fd:68:94:ce:47:65:2a:8b:1b:49:c3:c5:10:5e:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Validity
Not Before: Apr 21 15:54:56 2024 GMT
Not After : Apr 20 15:59:56 2025 GMT
Subject: CN=0B3591FF0B6183971CF4CF2B2AF4D8D2470F790A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:66:36:d6:23:a8:df:b4:d2:8f:cb:c7:e6:2e:
15:1e:7d:f2:c4:6f:d6:c0:1a:d4:bf:60:3d:fa:bb:
28:29:ca:0d:4c:58:e2:4d:a3:4d:c5:7e:67:08:f5:
8b:2a:cd:f4:46:f0:e3:ef:ec:92:b4:ad:e4:3d:ab:
82:4a:2d:6e:77:01:3c:53:2a:69:ba:70:94:70:7a:
5f:30:a6:f0:19:bb:ff:65:39:5d:2f:34:26:13:d4:
3d:e1:65:7d:5f:f5:d4:0d:40:58:67:80:81:b8:a2:
9d:3b:56:09:3d:3f:5a:59:76:04:a9:5e:b1:2f:03:
13:de:25:93:89:46:b3:4d:76:10:cd:a3:e7:b9:a4:
dc:43:bb:be:34:9d:ce:b9:1a:99:b3:b0:2a:03:e6:
aa:9e:1a:ee:48:03:d9:75:1e:47:b1:56:4d:1b:14:
e7:d8:c3:78:0f:6a:90:c5:e4:e7:fa:9b:0f:65:a7:
e4:f6:ac:9e:2e:82:e7:97:99:3d:7f:06:e3:52:ca:
1d:15:fd:c3:56:7a:25:e1:1f:2b:0c:60:e5:86:f7:
0c:a4:d1:c5:36:72:25:12:b4:48:56:2a:92:55:4c:
2a:a4:6c:7f:e4:21:6c:aa:6e:6e:64:31:a0:19:b5:
fd:58:8a:15:f1:d4:ba:f0:d9:f8:ae:cc:90:e2:f4:
5d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:35:91:FF:0B:61:83:97:1C:F4:CF:2B:2A:F4:D8:D2:47:0F:79:0A
X509v3 Authority Key Identifier:
keyid:83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e38392e3134392e302f32342d3234203d3e20313337343039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.149.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:95:1d:31:c8:5e:df:ca:43:45:bc:43:ed:99:67:5a:55:2b:
91:44:ef:9d:b0:c9:e7:63:04:e3:f4:e2:67:96:1d:cb:84:7b:
59:e4:f9:61:fd:df:4d:7c:36:28:63:fc:7a:3b:4f:9a:b4:11:
28:a0:55:ce:26:bd:2f:9d:86:8f:f9:9a:97:37:86:81:73:e9:
05:38:ed:f0:51:04:fc:c4:4d:ce:a4:b3:be:38:ea:9b:ec:ad:
ca:29:24:f9:f5:8c:0a:c3:fa:83:49:9f:46:ce:4d:ff:e4:fd:
c5:82:da:41:fa:df:94:d3:1d:71:63:e6:54:30:cd:c3:4a:40:
e6:ac:20:9e:fd:9e:dc:38:8c:12:42:ac:4e:c3:49:db:15:e6:
53:69:16:a1:7d:eb:91:2c:1e:c8:6e:a7:44:3c:06:ee:6f:19:
2c:1f:b1:17:a3:73:65:92:23:a7:b9:56:10:76:8e:3d:89:6f:
25:16:9f:13:7a:16:87:5a:f2:89:c7:d8:06:e6:66:55:2b:cf:
5d:a2:d7:1b:5c:ea:4b:13:7a:28:93:48:cf:fa:a6:43:2b:1e:
03:5f:f2:ac:30:fd:c3:88:ad:60:2b:67:0f:df:36:5c:86:00:
20:0a:a7:dd:a8:43:e4:d5:ef:a6:1e:0e:0d:94:20:d7:c4:ee:
45:c6:84:09
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUGN8WkGz9aJTOR2UqixtJw8UQXvIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODMwZTA2NDE5ZmM0NmEyODAyZjZmMDNiNzEzNjhhYzdi
YWFmNjRjZTAeFw0yNDA0MjExNTU0NTZaFw0yNTA0MjAxNTU5NTZaMDMxMTAvBgNV
BAMTKDBCMzU5MUZGMEI2MTgzOTcxQ0Y0Q0YyQjJBRjREOEQyNDcwRjc5MEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3ZjbWI6jftNKPy8fmLhUeffLE
b9bAGtS/YD36uygpyg1MWOJNo03FfmcI9YsqzfRG8OPv7JK0reQ9q4JKLW53ATxT
Kmm6cJRwel8wpvAZu/9lOV0vNCYT1D3hZX1f9dQNQFhngIG4op07Vgk9P1pZdgSp
XrEvAxPeJZOJRrNNdhDNo+e5pNxDu740nc65GpmzsCoD5qqeGu5IA9l1HkexVk0b
FOfYw3gPapDF5Of6mw9lp+T2rJ4ugueXmT1/BuNSyh0V/cNWeiXhHysMYOWG9wyk
0cU2ciUStEhWKpJVTCqkbH/kIWyqbm5kMaAZtf1YihXx1Lrw2fiuzJDi9F05AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUCzWR/wthg5cc9M8rKvTY0kcPeQowHwYDVR0j
BBgwFoAUgw4GQZ/EaigC9vA7cTaKx7qvZM4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQtYmE2Ny00OTc5LThkMTItMGVkNDc0OGZj
ODZlLzAvODMwRTA2NDE5RkM0NkEyODAyRjZGMDNCNzEzNjhBQzdCQUFGNjRDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2d3NEdRWl9FYWlnQzl2QTdjVGFLeDdx
dlpNNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQt
YmE2Ny00OTc5LThkMTItMGVkNDc0OGZjODZlLzAvMzQzNTJlMzgzOTJlMzEzNDM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM3MzQzMDM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LVmVMA0GCSqGSIb3DQEBCwUAA4IBAQCOlR0xyF7fykNFvEPtmWdaVSuRRO+dsMnn
YwTj9OJnlh3LhHtZ5Plh/d9NfDYoY/x6O0+atBEooFXOJr0vnYaP+ZqXN4aBc+kF
OO3wUQT8xE3OpLO+OOqb7K3KKST59YwKw/qDSZ9Gzk3/5P3FgtpB+t+U0x1xY+ZU
MM3DSkDmrCCe/Z7cOIwSQqxOw0nbFeZTaRahfeuRLB7IbqdEPAbubxksH7EXo3Nl
kiOnuVYQdo49iW8lFp8TehaHWvKJx9gG5mZVK89dotcbXOpLE3ook0jP+qZDKx4D
X/KsMP3DiK1gK2cP3zZchgAgCqfdqEPk1e+mHg4NlCDXxO5FxoQJ
-----END CERTIFICATE-----
Generated at Thu Nov 21 12:08:36 2024 by rpki-client on console-fra.rpki-client.org