Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/34352e38362e39332e302f32342d3234203d3e203631333137.roa
File: 34352e38362e39332e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: 1x2zpcTAYyd8XetSB0JjPvLUa4clQe7hwjPf8ExgQOI=
Subject key identifier: 43:83:01:D9:5C:46:69:37:0D:92:99:34:D4:6A:D1:55:E0:05:8A:80
Certificate issuer: /CN=d01ba013bc1e6d86f0d6d58eafa54e27fada3444
Certificate serial: 4045039B42F3E75356EAFB6A41BF8B5855547733
Authority key identifier: D0:1B:A0:13:BC:1E:6D:86:F0:D6:D5:8E:AF:A5:4E:27:FA:DA:34:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/34352e38362e39332e302f32342d3234203d3e203631333137.roa
Signing time: Thu 04 Jul 2024 20:05:18 +0000
ROA not before: Thu 04 Jul 2024 20:00:18 +0000
ROA not after: Thu 03 Jul 2025 20:05:18 +0000
asID: 61317
IP address blocks: 45.86.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.crl
rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.mft
rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 01:57:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:45:03:9b:42:f3:e7:53:56:ea:fb:6a:41:bf:8b:58:55:54:77:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d01ba013bc1e6d86f0d6d58eafa54e27fada3444
Validity
Not Before: Jul 4 20:00:18 2024 GMT
Not After : Jul 3 20:05:18 2025 GMT
Subject: CN=438301D95C4669370D929934D46AD155E0058A80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:19:4c:84:9a:38:82:9a:54:8a:f2:f6:36:e4:
67:3e:c5:6a:4c:72:08:1c:23:d8:0b:4a:3f:fa:7c:
a7:84:8b:f4:96:54:d5:04:3f:5c:29:bb:9a:f7:bf:
96:b3:bd:3c:e0:a6:d7:30:10:9f:ca:e8:91:f3:5f:
88:1b:89:1d:d7:c2:e6:71:41:2c:83:2f:85:2d:74:
b3:d0:a3:eb:36:bb:e4:ef:8d:86:71:6f:c4:1b:dd:
a9:82:29:f3:90:db:40:a1:91:f3:19:93:6c:df:fb:
e7:7b:85:8a:70:c0:64:3d:3a:95:af:63:78:69:1c:
bd:fa:62:64:cd:7a:7d:8e:a4:2d:f8:af:1a:b4:6e:
32:b9:6e:db:6e:b4:0f:00:9a:24:d5:06:40:68:b2:
bd:9b:dd:1b:76:3a:74:b6:9c:73:7d:ce:d3:11:5f:
58:26:6a:d9:6e:13:71:03:0a:9c:17:ae:5f:79:c4:
75:4f:f8:80:9b:1a:91:9f:ac:6d:6a:58:93:e4:33:
4c:b4:72:6c:bb:c5:c4:4c:a2:b8:ca:e8:2d:29:95:
72:21:cf:75:44:da:fd:a9:09:33:30:64:c3:57:91:
db:6f:a6:35:02:3f:5c:b1:25:3e:c0:d3:0b:84:64:
86:ae:a5:7e:ca:12:24:d9:e7:57:39:3f:77:d8:b4:
17:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:83:01:D9:5C:46:69:37:0D:92:99:34:D4:6A:D1:55:E0:05:8A:80
X509v3 Authority Key Identifier:
keyid:D0:1B:A0:13:BC:1E:6D:86:F0:D6:D5:8E:AF:A5:4E:27:FA:DA:34:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/34352e38362e39332e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.93.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:f9:d1:47:c1:86:be:20:cb:46:03:54:04:7f:1c:bf:49:aa:
d3:f6:22:a9:1f:d7:ed:9f:93:27:47:1c:28:94:7f:27:17:aa:
ef:59:b0:8e:d7:12:49:4e:76:d9:ad:fc:8f:de:e8:80:5f:c4:
66:68:ab:14:b3:93:00:89:c0:a7:44:3b:46:ba:07:aa:e3:ea:
bd:31:f1:e1:30:cb:7f:f5:65:f9:f1:3c:ea:dd:13:24:9d:85:
13:f5:28:8f:b0:97:03:f7:7c:4a:eb:2a:59:6a:43:0e:da:2a:
d5:7d:b1:5d:ae:e5:84:3d:d5:00:b1:88:4e:e7:53:dd:45:40:
d2:9d:94:be:97:13:95:8d:08:af:d4:d1:32:07:8c:3f:1d:cc:
7e:52:42:2a:c5:16:aa:0e:15:dc:24:2c:98:91:a5:1f:ea:41:
1d:e6:6f:c3:20:24:d9:90:6b:e7:45:15:45:62:28:88:d1:eb:
15:e3:6f:4b:73:2f:7d:5f:21:a9:40:9a:ec:78:94:53:f2:b0:
db:2c:40:62:59:1a:7e:eb:04:05:ca:80:29:57:5f:70:09:e8:
d1:af:28:5b:eb:6f:ca:0a:8c:a1:18:8d:2d:21:c4:1f:e1:db:
60:7a:76:20:47:59:12:a4:55:d7:15:88:6a:46:99:20:e4:ed:
ff:c3:77:e1
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUQEUDm0Lz51NW6vtqQb+LWFVUdzMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDAxYmEwMTNiYzFlNmQ4NmYwZDZkNThlYWZhNTRlMjdm
YWRhMzQ0NDAeFw0yNDA3MDQyMDAwMThaFw0yNTA3MDMyMDA1MThaMDMxMTAvBgNV
BAMTKDQzODMwMUQ5NUM0NjY5MzcwRDkyOTkzNEQ0NkFEMTU1RTAwNThBODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCHGUyEmjiCmlSK8vY25Gc+xWpM
cggcI9gLSj/6fKeEi/SWVNUEP1wpu5r3v5azvTzgptcwEJ/K6JHzX4gbiR3XwuZx
QSyDL4UtdLPQo+s2u+TvjYZxb8Qb3amCKfOQ20ChkfMZk2zf++d7hYpwwGQ9OpWv
Y3hpHL36YmTNen2OpC34rxq0bjK5bttutA8AmiTVBkBosr2b3Rt2OnS2nHN9ztMR
X1gmatluE3EDCpwXrl95xHVP+ICbGpGfrG1qWJPkM0y0cmy7xcRMorjK6C0plXIh
z3VE2v2pCTMwZMNXkdtvpjUCP1yxJT7A0wuEZIaupX7KEiTZ51c5P3fYtBd3AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUQ4MB2VxGaTcNkpk01GrRVeAFioAwHwYDVR0j
BBgwFoAU0BugE7webYbw1tWOr6VOJ/raNEQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTUyMmE1MmYtNjUzNC00MTY1LWE2YTctZWY5Zjc0ZWY5
NDMxLzEvRDAxQkEwMTNCQzFFNkQ4NkYwRDZENThFQUZBNTRFMjdGQURBMzQ0NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBCdWdFN3dlYllidzF0V09yNlZPSl9y
YU5FUS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTUyMmE1MmYt
NjUzNC00MTY1LWE2YTctZWY5Zjc0ZWY5NDMxLzEvMzQzNTJlMzgzNjJlMzkzMzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzEzMzMxMzcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtVl0w
DQYJKoZIhvcNAQELBQADggEBAF/50UfBhr4gy0YDVAR/HL9JqtP2Iqkf1+2fkydH
HCiUfycXqu9ZsI7XEklOdtmt/I/e6IBfxGZoqxSzkwCJwKdEO0a6B6rj6r0x8eEw
y3/1ZfnxPOrdEySdhRP1KI+wlwP3fErrKllqQw7aKtV9sV2u5YQ91QCxiE7nU91F
QNKdlL6XE5WNCK/U0TIHjD8dzH5SQirFFqoOFdwkLJiRpR/qQR3mb8MgJNmQa+dF
FUViKIjR6xXjb0tzL31fIalAmux4lFPysNssQGJZGn7rBAXKgClXX3AJ6NGvKFvr
b8oKjKEYjS0hxB/h22B6diBHWRKkVdcViGpGmSDk7f/Dd+E=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:38:51 2025 by rpki-client