Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38332e302f32342d3234203d3e2036393339.roa
File: 34352e31322e38332e302f32342d3234203d3e2036393339.roa (raw, json)
Hash identifier: TI1cDTj/09412uDkKF80XwQHfBeC6dnlupHNK39NOiA=
Subject key identifier: 68:56:9D:60:EE:F1:53:68:7A:B8:31:43:34:09:5D:71:C1:D7:91:E8
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 18F67DC48F90EB5E98346A03C121193486427F4E
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38332e302f32342d3234203d3e2036393339.roa
Signing time: Wed 21 Feb 2024 19:05:13 +0000
ROA not before: Wed 21 Feb 2024 19:00:13 +0000
ROA not after: Wed 19 Feb 2025 19:05:13 +0000
asID: 6939
IP address blocks: 45.12.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 23:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:f6:7d:c4:8f:90:eb:5e:98:34:6a:03:c1:21:19:34:86:42:7f:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Feb 21 19:00:13 2024 GMT
Not After : Feb 19 19:05:13 2025 GMT
Subject: CN=68569D60EEF153687AB8314334095D71C1D791E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:b3:5f:4c:5c:e2:fa:f7:0c:b9:84:9f:f2:48:
d1:19:57:f1:bc:36:74:cd:d9:08:5b:e9:3f:23:bd:
95:eb:1b:23:09:4d:bc:85:39:c7:5c:eb:44:24:fe:
d5:22:ab:d2:dc:b9:3f:3d:bd:42:02:08:52:34:91:
9e:ef:7a:a3:96:e3:bc:b5:f5:81:d0:7e:aa:f1:90:
bb:53:ee:00:bc:72:64:a1:b7:cf:42:3b:23:ce:f5:
43:56:a4:78:03:27:c5:d8:b0:ec:a5:b1:b5:cf:64:
ba:0f:ed:42:b2:79:ff:94:b0:22:9e:27:01:26:24:
b2:7f:50:ce:f3:24:20:4b:8b:3d:3e:04:d9:41:25:
ac:c2:90:08:e0:02:b5:9d:33:31:0e:b9:4f:1e:43:
c2:35:01:b1:d8:8e:1b:88:5a:1c:b7:71:20:c1:f3:
4a:28:bd:9a:08:bd:5b:ec:20:9c:de:7f:74:bf:c6:
5f:e3:91:ce:0e:9b:6c:53:91:b5:9c:da:51:c2:35:
8b:eb:06:c4:d4:35:ae:58:a7:f4:ac:af:a2:c6:ed:
b2:c7:d8:11:31:1b:72:83:53:c9:aa:19:d4:8c:45:
e2:90:23:e6:9f:74:52:e9:15:15:34:1c:11:b6:75:
57:e3:8a:1e:79:ba:ac:88:53:df:b8:1e:7f:35:87:
a4:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:56:9D:60:EE:F1:53:68:7A:B8:31:43:34:09:5D:71:C1:D7:91:E8
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38332e302f32342d3234203d3e2036393339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.83.0/24
Signature Algorithm: sha256WithRSAEncryption
12:b2:82:14:ae:06:5e:93:42:7e:ee:b8:ff:7d:ae:58:14:a2:
cd:db:0b:0f:b3:1c:d6:9f:10:8b:ad:86:20:95:10:10:41:f6:
1c:bf:f2:ba:89:57:13:32:8f:e2:92:83:38:0a:b5:53:89:7e:
fb:ca:02:26:d7:d3:7a:f9:62:81:b9:3c:4a:16:21:74:9a:ea:
6c:25:4d:a0:70:bb:b7:ea:ba:bc:74:3e:d8:e7:7b:f9:56:f6:
b6:64:17:88:fe:1c:b8:26:9b:69:a6:60:2d:6e:d1:b5:f5:ac:
cc:51:00:2b:08:d2:a1:ad:0f:1e:fc:0b:f8:6f:90:07:2b:cf:
a4:b6:aa:b9:df:f1:0f:3b:28:e6:f5:28:52:57:91:e9:ff:ae:
1a:ad:16:67:ac:03:f1:6b:35:24:ca:83:2c:25:ef:cd:5e:45:
9a:4b:07:c8:16:ec:5f:9a:e1:86:0a:49:c4:e3:18:9e:a4:47:
30:70:5b:76:7f:19:d2:6b:53:a8:d1:08:e0:6f:69:93:10:00:
fe:88:5c:7a:5b:69:8b:03:19:a6:6c:d2:bc:f7:d2:ac:18:37:
05:2c:ff:1e:5b:c7:71:87:44:7b:cf:7e:4c:50:c1:4f:9a:d8:
dc:0a:74:60:af:2f:9a:33:e9:1d:d5:c8:89:1c:d4:3b:0a:65:
66:fb:63:4f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUGPZ9xI+Q616YNGoDwSEZNIZCf04wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDAyMjExOTAwMTNaFw0yNTAyMTkxOTA1MTNaMDMxMTAvBgNV
BAMTKDY4NTY5RDYwRUVGMTUzNjg3QUI4MzE0MzM0MDk1RDcxQzFENzkxRTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDus19MXOL69wy5hJ/ySNEZV/G8
NnTN2Qhb6T8jvZXrGyMJTbyFOcdc60Qk/tUiq9LcuT89vUICCFI0kZ7veqOW47y1
9YHQfqrxkLtT7gC8cmSht89COyPO9UNWpHgDJ8XYsOylsbXPZLoP7UKyef+UsCKe
JwEmJLJ/UM7zJCBLiz0+BNlBJazCkAjgArWdMzEOuU8eQ8I1AbHYjhuIWhy3cSDB
80oovZoIvVvsIJzef3S/xl/jkc4Om2xTkbWc2lHCNYvrBsTUNa5Yp/Ssr6LG7bLH
2BExG3KDU8mqGdSMReKQI+afdFLpFRU0HBG2dVfjih55uqyIU9+4Hn81h6SNAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUaFadYO7xU2h6uDFDNAldccHXkegwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMjJlMzgzMzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzkzMzM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQxTMA0G
CSqGSIb3DQEBCwUAA4IBAQASsoIUrgZek0J+7rj/fa5YFKLN2wsPsxzWnxCLrYYg
lRAQQfYcv/K6iVcTMo/ikoM4CrVTiX77ygIm19N6+WKBuTxKFiF0mupsJU2gcLu3
6rq8dD7Y53v5Vva2ZBeI/hy4JptppmAtbtG19azMUQArCNKhrQ8e/Av4b5AHK8+k
tqq53/EPOyjm9ShSV5Hp/64arRZnrAPxazUkyoMsJe/NXkWaSwfIFuxfmuGGCknE
4xiepEcwcFt2fxnSa1Oo0Qjgb2mTEAD+iFx6W2mLAxmmbNK899KsGDcFLP8eW8dx
h0R7z35MUMFPmtjcCnRgry+aM+kd1ciJHNQ7CmVm+2NP
-----END CERTIFICATE-----
Generated at Thu Apr 25 06:03:47 2024 by rpki-client on console-fra.rpki-client.org