Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/34352e38362e39352e302f32342d3234203d3e2031323939.roa
File: 34352e38362e39352e302f32342d3234203d3e2031323939.roa (raw, json)
Hash identifier: sHNUjx1C5zDVVNYZO6LMRJJnO0yFg6+u79okyr4JNqE=
Subject key identifier: 62:C1:16:38:A1:1D:4B:BC:1A:B6:92:DC:BF:86:52:5D:A1:CA:EC:7B
Certificate issuer: /CN=d01ba013bc1e6d86f0d6d58eafa54e27fada3444
Certificate serial: 70BB01D689DFBC947F814A6489CE75431384990B
Authority key identifier: D0:1B:A0:13:BC:1E:6D:86:F0:D6:D5:8E:AF:A5:4E:27:FA:DA:34:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/34352e38362e39352e302f32342d3234203d3e2031323939.roa
Signing time: Sun 06 Aug 2023 14:21:46 +0000
ROA not before: Sun 06 Aug 2023 14:16:46 +0000
ROA not after: Sun 04 Aug 2024 14:21:46 +0000
asID: 1299
IP address blocks: 45.86.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.crl
rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.mft
rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 14:51:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:bb:01:d6:89:df:bc:94:7f:81:4a:64:89:ce:75:43:13:84:99:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d01ba013bc1e6d86f0d6d58eafa54e27fada3444
Validity
Not Before: Aug 6 14:16:46 2023 GMT
Not After : Aug 4 14:21:46 2024 GMT
Subject: CN=62C11638A11D4BBC1AB692DCBF86525DA1CAEC7B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:9e:be:a7:21:4b:8b:f1:14:d7:a5:38:0e:04:
16:3b:6f:bf:e8:29:58:67:41:c8:50:4a:73:b4:6d:
68:d5:0e:5a:77:64:01:e9:bb:3b:3e:f5:87:96:65:
75:ba:ac:6e:85:68:06:d8:cf:4a:51:34:79:a5:91:
73:21:5a:98:3e:94:d1:b1:3f:c1:18:ef:82:4b:0b:
b7:c0:ac:d0:42:40:20:e2:1c:22:69:c4:dd:f1:d7:
e6:81:10:6a:b5:b0:34:cc:0c:f8:8e:fb:b8:b4:9e:
d4:02:63:89:9b:e7:fc:b7:e9:f0:7a:43:5a:b6:5b:
fc:2a:ee:71:04:3c:1d:69:48:ab:79:12:f4:a2:7d:
c6:39:37:31:92:10:25:2f:96:29:d6:e2:a3:fd:70:
a3:7a:60:77:67:4a:fe:d0:9c:47:09:7d:f3:e3:de:
c2:52:67:a0:e4:21:ac:7c:65:72:e7:88:9e:1e:23:
71:31:4b:a4:d8:33:a6:21:18:42:88:6d:bf:f4:5a:
12:bc:f5:a1:78:99:c6:86:0e:99:c2:47:28:5f:66:
ac:51:c0:cf:36:6b:6c:ae:0a:51:c3:01:6b:ea:54:
bd:1e:35:78:a6:4a:02:1d:4c:0b:1f:a7:3d:db:aa:
e0:3a:5c:d5:ce:ba:d7:8b:36:1f:8a:ad:81:4d:a0:
42:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:C1:16:38:A1:1D:4B:BC:1A:B6:92:DC:BF:86:52:5D:A1:CA:EC:7B
X509v3 Authority Key Identifier:
keyid:D0:1B:A0:13:BC:1E:6D:86:F0:D6:D5:8E:AF:A5:4E:27:FA:DA:34:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/34352e38362e39352e302f32342d3234203d3e2031323939.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.95.0/24
Signature Algorithm: sha256WithRSAEncryption
25:52:51:d7:9c:7f:79:00:89:b4:11:5f:00:d5:15:2e:49:70:
4b:cb:3b:ab:ce:1f:15:dc:8c:eb:0f:06:de:b0:3d:b7:cd:c7:
63:5b:2a:0f:f8:02:c0:de:04:3a:e5:4b:2c:ba:15:41:09:3c:
d7:3d:f2:bb:a8:23:15:07:90:d6:6f:07:92:4a:dc:be:7b:b7:
74:fd:e9:e4:f0:1e:50:ab:53:cc:27:5e:a6:81:f5:fd:c1:5f:
2c:0f:7b:01:cc:e0:67:5b:f9:07:51:90:10:5f:ae:54:95:1a:
61:5a:1f:fb:a7:50:a7:9f:7a:76:a9:3b:bb:47:af:18:d6:79:
63:65:2f:51:2f:7f:f3:25:f5:9e:4f:d2:0c:a1:6d:c9:97:d4:
4b:12:5b:f3:7c:6a:f8:7a:c6:b3:5e:e9:56:e4:47:ea:27:05:
ef:c5:70:6f:b6:05:e8:d9:bc:69:1b:8e:36:21:74:80:5c:70:
24:59:b0:fe:b6:7d:b9:94:b6:53:ec:28:4d:69:8f:2c:8b:5f:
c9:e8:45:73:f2:3a:eb:a8:54:cf:fc:5e:cd:3e:b4:fa:f2:36:
7f:b1:32:c6:18:d8:72:c7:63:55:91:b9:ce:83:ce:f0:2f:d7:
b3:9e:87:df:87:fc:4b:cf:ff:c3:38:9e:53:71:b4:d7:90:c0:
05:b9:f4:f8
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUcLsB1onfvJR/gUpkic51QxOEmQswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDAxYmEwMTNiYzFlNmQ4NmYwZDZkNThlYWZhNTRlMjdm
YWRhMzQ0NDAeFw0yMzA4MDYxNDE2NDZaFw0yNDA4MDQxNDIxNDZaMDMxMTAvBgNV
BAMTKDYyQzExNjM4QTExRDRCQkMxQUI2OTJEQ0JGODY1MjVEQTFDQUVDN0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXnr6nIUuL8RTXpTgOBBY7b7/o
KVhnQchQSnO0bWjVDlp3ZAHpuzs+9YeWZXW6rG6FaAbYz0pRNHmlkXMhWpg+lNGx
P8EY74JLC7fArNBCQCDiHCJpxN3x1+aBEGq1sDTMDPiO+7i0ntQCY4mb5/y36fB6
Q1q2W/wq7nEEPB1pSKt5EvSifcY5NzGSECUvlinW4qP9cKN6YHdnSv7QnEcJffPj
3sJSZ6DkIax8ZXLniJ4eI3ExS6TYM6YhGEKIbb/0WhK89aF4mcaGDpnCRyhfZqxR
wM82a2yuClHDAWvqVL0eNXimSgIdTAsfpz3bquA6XNXOuteLNh+KrYFNoEKdAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUYsEWOKEdS7watpLcv4ZSXaHK7HswHwYDVR0j
BBgwFoAU0BugE7webYbw1tWOr6VOJ/raNEQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTUyMmE1MmYtNjUzNC00MTY1LWE2YTctZWY5Zjc0ZWY5
NDMxLzEvRDAxQkEwMTNCQzFFNkQ4NkYwRDZENThFQUZBNTRFMjdGQURBMzQ0NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBCdWdFN3dlYllidzF0V09yNlZPSl9y
YU5FUS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTUyMmE1MmYt
NjUzNC00MTY1LWE2YTctZWY5Zjc0ZWY5NDMxLzEvMzQzNTJlMzgzNjJlMzkzNTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzIzOTM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVZfMA0G
CSqGSIb3DQEBCwUAA4IBAQAlUlHXnH95AIm0EV8A1RUuSXBLyzurzh8V3IzrDwbe
sD23zcdjWyoP+ALA3gQ65UssuhVBCTzXPfK7qCMVB5DWbweSSty+e7d0/enk8B5Q
q1PMJ16mgfX9wV8sD3sBzOBnW/kHUZAQX65UlRphWh/7p1Cnn3p2qTu7R68Y1nlj
ZS9RL3/zJfWeT9IMoW3Jl9RLElvzfGr4esazXulW5EfqJwXvxXBvtgXo2bxpG442
IXSAXHAkWbD+tn25lLZT7ChNaY8si1/J6EVz8jrrqFTP/F7NPrT68jZ/sTLGGNhy
x2NVkbnOg87wL9eznoffh/xLz//DOJ5TcbTXkMAFufT4
-----END CERTIFICATE-----
Generated at Wed May 15 19:48:08 2024 by rpki-client on console-fra.rpki-client.org