Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/34352e382e3137332e302f32342d3234203d3e20323131393735.roa
File: 34352e382e3137332e302f32342d3234203d3e20323131393735.roa (raw, json)
Hash identifier: RR6KgWmi1lDMkLpEBu4aHafRx617I8UcHbYj9UXIZ2g=
Subject key identifier: 45:6D:BD:C6:86:00:6F:CA:63:05:F1:5E:42:33:9A:B9:70:81:6C:61
Certificate issuer: /CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Certificate serial: 2A29BE12DF912F07EE5B54382EB48E89064C3CAD
Authority key identifier: 8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/34352e382e3137332e302f32342d3234203d3e20323131393735.roa
Signing time: Wed 09 Aug 2023 12:05:33 +0000
ROA not before: Wed 09 Aug 2023 12:00:33 +0000
ROA not after: Wed 07 Aug 2024 12:05:33 +0000
asID: 211975
IP address blocks: 45.8.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.mft
rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:29:be:12:df:91:2f:07:ee:5b:54:38:2e:b4:8e:89:06:4c:3c:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Validity
Not Before: Aug 9 12:00:33 2023 GMT
Not After : Aug 7 12:05:33 2024 GMT
Subject: CN=456DBDC686006FCA6305F15E42339AB970816C61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:cc:2d:d3:7f:de:f1:79:67:ce:72:0c:86:70:
cd:13:01:a7:3e:ec:b7:d5:77:a1:e8:ca:f8:4e:bb:
ad:df:b1:da:a6:ab:c6:26:df:04:29:ef:dd:69:b3:
4e:24:88:01:dc:2d:0d:0d:fa:46:2b:4b:8c:63:7f:
66:d1:89:75:5e:31:25:77:6b:8e:9c:83:c4:fa:77:
3c:c9:de:42:5d:f5:f4:e8:d9:e7:62:1b:b1:8f:d2:
70:53:7d:a0:cb:7f:5d:5f:64:0a:ad:fc:5b:6a:40:
88:5d:d0:3b:ad:95:7d:5b:d0:ef:c9:e2:41:e8:d3:
d1:67:91:f0:ea:a9:84:a6:d2:ea:5a:1f:d0:5d:f3:
22:1c:c3:44:a8:46:fb:40:36:df:c8:be:8d:d1:4a:
b3:8a:e4:b3:a0:24:94:e0:c9:bc:3c:77:a5:50:8b:
12:3a:59:2d:06:84:38:13:86:3d:db:c5:04:a3:ca:
36:6f:ea:65:2f:ed:17:a0:f7:63:59:c5:db:aa:04:
c5:72:bd:27:9b:6c:ef:64:0c:2b:6d:fb:f7:18:bb:
45:03:49:70:f3:9a:02:00:2c:1f:ac:1c:4a:d3:88:
56:42:9b:a5:21:cc:bd:8a:c5:1e:59:f4:ef:1b:d3:
3f:5a:a2:7e:70:b8:7b:4d:e3:d9:11:e8:77:ab:aa:
d4:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:6D:BD:C6:86:00:6F:CA:63:05:F1:5E:42:33:9A:B9:70:81:6C:61
X509v3 Authority Key Identifier:
keyid:8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/34352e382e3137332e302f32342d3234203d3e20323131393735.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.173.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:bc:d3:85:98:fd:a7:23:3d:76:37:f5:7c:c3:01:f5:ef:fe:
52:c0:58:d4:16:c0:19:8a:1f:a3:5c:03:10:db:25:c5:5a:4b:
59:0f:0d:2f:98:a5:ed:de:a9:fb:6d:3c:9e:e5:01:43:35:0b:
5f:12:9a:1f:4b:3a:76:88:54:cc:f0:79:f5:bb:3b:e3:c9:ea:
fb:de:cd:a8:90:ac:a1:4b:69:02:a6:b9:a4:8a:9f:93:68:06:
89:9e:3c:14:20:a0:24:b2:85:0d:30:98:77:ea:03:a2:9f:b6:
e1:82:e0:11:ab:5d:59:2c:bc:4d:d3:6b:f2:b8:3a:26:ed:17:
ef:72:00:2a:d8:97:55:56:f5:21:6a:85:07:44:c9:36:bb:35:
74:42:b0:5e:4d:dc:86:11:b1:98:93:25:e9:67:a4:c1:d2:c6:
f6:5c:e9:42:37:af:61:4d:2c:93:5a:49:82:f9:ca:4f:4c:e7:
cb:33:9b:58:85:7d:0e:76:60:f6:39:d2:1e:8c:c9:7e:8f:b0:
81:2f:f9:0b:a7:4f:a5:61:38:a1:f9:7e:f3:54:91:42:25:e7:
85:6f:90:17:df:fa:28:c2:52:6d:dc:41:6a:49:29:a6:70:b2:
5c:12:5c:23:a1:68:a2:e1:c8:81:c6:09:3a:4b:68:04:83:91:
7a:ef:2f:d0
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUKim+Et+RLwfuW1Q4LrSOiQZMPK0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGY0Y2U3NzIyZjk5MDc1ZDk0NzM4YjdlNjEwNzA0MDEy
NjllYjNkNjAeFw0yMzA4MDkxMjAwMzNaFw0yNDA4MDcxMjA1MzNaMDMxMTAvBgNV
BAMTKDQ1NkRCREM2ODYwMDZGQ0E2MzA1RjE1RTQyMzM5QUI5NzA4MTZDNjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXzC3Tf97xeWfOcgyGcM0TAac+
7LfVd6HoyvhOu63fsdqmq8Ym3wQp791ps04kiAHcLQ0N+kYrS4xjf2bRiXVeMSV3
a46cg8T6dzzJ3kJd9fTo2ediG7GP0nBTfaDLf11fZAqt/FtqQIhd0DutlX1b0O/J
4kHo09FnkfDqqYSm0upaH9Bd8yIcw0SoRvtANt/Ivo3RSrOK5LOgJJTgybw8d6VQ
ixI6WS0GhDgThj3bxQSjyjZv6mUv7Reg92NZxduqBMVyvSebbO9kDCtt+/cYu0UD
SXDzmgIALB+sHErTiFZCm6UhzL2KxR5Z9O8b0z9aon5wuHtN49kR6HerqtQ3AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQURW29xoYAb8pjBfFeQjOauXCBbGEwHwYDVR0j
BBgwFoAUj0znci+ZB12Uc4t+YQcEASaes9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUtNTExMC00MjU3LTk0ZWYtNGQyYjQzODg0
MDQwLzAvOEY0Q0U3NzIyRjk5MDc1RDk0NzM4QjdFNjEwNzA0MDEyNjlFQjNENi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2owem5jaS1aQjEyVWM0dC1ZUWNFQVNh
ZXM5WS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUt
NTExMC00MjU3LTk0ZWYtNGQyYjQzODg0MDQwLzAvMzQzNTJlMzgyZTMxMzczMzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMTM5MzczNS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0I
rTANBgkqhkiG9w0BAQsFAAOCAQEAirzThZj9pyM9djf1fMMB9e/+UsBY1BbAGYof
o1wDENslxVpLWQ8NL5il7d6p+208nuUBQzULXxKaH0s6dohUzPB59bs748nq+97N
qJCsoUtpAqa5pIqfk2gGiZ48FCCgJLKFDTCYd+oDop+24YLgEatdWSy8TdNr8rg6
Ju0X73IAKtiXVVb1IWqFB0TJNrs1dEKwXk3chhGxmJMl6WekwdLG9lzpQjevYU0s
k1pJgvnKT0znyzObWIV9DnZg9jnSHozJfo+wgS/5C6dPpWE4ofl+81SRQiXnhW+Q
F9/6KMJSbdxBakkppnCyXBJcI6FoouHIgcYJOktoBIOReu8v0A==
-----END CERTIFICATE-----
Generated at Fri May 10 19:24:23 2024 by rpki-client on console-fra.rpki-client.org