Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39362e302f32342d3234203d3e203239383032.roa
File: 34352e3133372e39362e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier: 1frwZ3yS5GW2LGBlJO+uRnUw+To0Yg26BQ8Uux+7WSw=
Subject key identifier: A1:D6:95:EC:53:5B:0F:C7:9F:EC:9D:D8:A4:2C:FF:73:AF:92:AB:5D
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 1C49C792F0C0A1CB1949D3243A1ADFC005E7733D
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39362e302f32342d3234203d3e203239383032.roa
Signing time: Wed 03 Jul 2024 21:09:04 +0000
ROA not before: Wed 03 Jul 2024 21:04:04 +0000
ROA not after: Wed 02 Jul 2025 21:09:04 +0000
asID: 29802
IP address blocks: 45.137.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:49:c7:92:f0:c0:a1:cb:19:49:d3:24:3a:1a:df:c0:05:e7:73:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jul 3 21:04:04 2024 GMT
Not After : Jul 2 21:09:04 2025 GMT
Subject: CN=A1D695EC535B0FC79FEC9DD8A42CFF73AF92AB5D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:95:77:72:13:af:30:96:82:96:c8:7b:0c:be:
cc:1a:df:09:9e:f7:fe:55:ba:20:3f:91:0b:64:8f:
2f:b9:6c:6e:e4:e9:34:bf:a5:cf:28:23:1b:b1:c5:
09:92:fa:b0:84:a3:c6:93:4c:08:bc:48:d9:e4:2f:
9f:c8:4c:07:6b:54:2e:4a:7c:a7:23:44:e0:0a:85:
c6:a5:ea:e6:ba:29:b4:da:1e:58:7a:11:61:fc:f5:
ba:a2:76:a2:b8:00:f3:11:a8:c3:c3:60:83:7b:96:
1f:08:31:ea:9e:28:ae:d6:7e:a7:05:b7:a0:4a:5c:
43:ae:0b:d4:b0:a5:57:c1:b5:c2:d9:77:94:e1:cb:
5c:61:98:a0:5e:43:8e:a3:1b:f6:e1:b5:ea:2d:86:
02:c8:a9:2d:37:1d:b0:00:c7:f1:e9:90:11:a3:73:
76:ee:f6:93:93:79:66:ab:38:1d:8c:a4:b3:b1:2f:
eb:d3:6d:d7:da:06:42:3c:3f:4f:cc:e8:68:e8:2c:
a6:92:db:21:a5:91:e6:9b:4c:3c:97:84:5e:22:56:
e4:41:7b:06:ba:6e:3a:93:0b:14:d1:a7:a9:9d:06:
f3:cc:57:18:22:03:c3:a3:27:09:4f:e7:c7:54:ba:
a0:5e:4a:d0:5c:f0:d8:38:44:38:6a:cb:56:eb:9c:
3a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:D6:95:EC:53:5B:0F:C7:9F:EC:9D:D8:A4:2C:FF:73:AF:92:AB:5D
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39362e302f32342d3234203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.96.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:b3:0d:bc:3f:40:ac:11:ce:9f:bb:f6:2f:15:dc:97:7e:be:
e4:85:1e:e0:1a:2d:d7:7e:72:ca:a5:08:6e:2c:3d:88:0c:40:
f0:ea:f3:61:c1:71:dd:52:dd:a4:7d:b7:e2:92:f1:f5:be:cc:
b7:d2:54:21:7b:88:00:73:20:ca:68:ac:91:78:a0:98:33:c2:
f8:d4:61:a7:f8:a3:37:30:8f:5b:fe:e3:71:70:a8:e5:1b:d4:
a6:4b:d6:3a:cf:fb:7a:53:3d:e1:e7:1e:29:2c:ae:af:6a:3d:
dd:1b:af:f6:dd:5c:5e:72:38:8b:59:0a:c3:9a:f8:b7:e2:68:
8b:a7:2e:02:46:d9:36:0f:38:e0:ee:ad:03:73:f6:b3:7b:c6:
92:5c:48:be:86:b9:c3:c7:b3:d9:51:a1:22:e8:8b:3f:52:27:
21:e4:6a:79:8d:19:89:f0:db:b1:46:34:5e:7e:a3:1c:18:63:
61:d9:fc:20:3c:95:d0:53:ce:cc:97:45:8c:83:59:97:10:59:
bb:e6:95:b7:7d:05:c1:e3:6a:82:3c:8c:d5:d8:96:a2:71:61:
18:77:5f:41:a4:c4:56:23:47:ba:46:0e:18:77:27:ea:ce:e3:
57:55:c9:9e:f2:aa:ad:91:6d:6d:6e:95:59:cf:fa:a7:94:01:
2e:20:69:5b
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUHEnHkvDAocsZSdMkOhrfwAXncz0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDA3MDMyMTA0MDRaFw0yNTA3MDIyMTA5MDRaMDMxMTAvBgNV
BAMTKEExRDY5NUVDNTM1QjBGQzc5RkVDOUREOEE0MkNGRjczQUY5MkFCNUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCslXdyE68wloKWyHsMvswa3wme
9/5VuiA/kQtkjy+5bG7k6TS/pc8oIxuxxQmS+rCEo8aTTAi8SNnkL5/ITAdrVC5K
fKcjROAKhcal6ua6KbTaHlh6EWH89bqidqK4APMRqMPDYIN7lh8IMeqeKK7WfqcF
t6BKXEOuC9SwpVfBtcLZd5Thy1xhmKBeQ46jG/bhteothgLIqS03HbAAx/HpkBGj
c3bu9pOTeWarOB2MpLOxL+vTbdfaBkI8P0/M6GjoLKaS2yGlkeabTDyXhF4iVuRB
ewa6bjqTCxTRp6mdBvPMVxgiA8OjJwlP58dUuqBeStBc8Ng4RDhqy1brnDpxAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUodaV7FNbD8ef7J3YpCz/c6+Sq10wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMzM3MmUzOTM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzOTM4MzAzMi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2J
YDANBgkqhkiG9w0BAQsFAAOCAQEAw7MNvD9ArBHOn7v2LxXcl36+5IUe4Bot135y
yqUIbiw9iAxA8OrzYcFx3VLdpH234pLx9b7Mt9JUIXuIAHMgymiskXigmDPC+NRh
p/ijNzCPW/7jcXCo5RvUpkvWOs/7elM94eceKSyur2o93Ruv9t1cXnI4i1kKw5r4
t+Joi6cuAkbZNg844O6tA3P2s3vGklxIvoa5w8ez2VGhIuiLP1InIeRqeY0ZifDb
sUY0Xn6jHBhjYdn8IDyV0FPOzJdFjINZlxBZu+aVt30FweNqgjyM1diWonFhGHdf
QaTEViNHukYOGHcn6s7jV1XJnvKqrZFtbW6VWc/6p5QBLiBpWw==
-----END CERTIFICATE-----
Generated at Sun Nov 24 17:29:07 2024 by rpki-client on console-fra.rpki-client.org