Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39372e302f32342d3234203d3e20313432313131.roa
File: 34352e3133372e39372e302f32342d3234203d3e20313432313131.roa (raw, json)
Hash identifier: X0XXeiJcoMfLPygjWvEGZh3WWevOZ/+6+r7NtnMsQCA=
Subject key identifier: 87:1B:65:3C:73:9D:74:50:BD:8A:61:77:5E:B6:00:3E:54:4C:3C:90
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 057F522CAF243EDB0C2F675036E16D6E46C798E5
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39372e302f32342d3234203d3e20313432313131.roa
Signing time: Sat 06 Jul 2024 16:05:18 +0000
ROA not before: Sat 06 Jul 2024 16:00:18 +0000
ROA not after: Sat 05 Jul 2025 16:05:18 +0000
asID: 142111
IP address blocks: 45.137.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:7f:52:2c:af:24:3e:db:0c:2f:67:50:36:e1:6d:6e:46:c7:98:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jul 6 16:00:18 2024 GMT
Not After : Jul 5 16:05:18 2025 GMT
Subject: CN=871B653C739D7450BD8A61775EB6003E544C3C90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:0a:a8:7f:ee:11:99:c5:ea:f7:b1:39:6e:11:
41:61:d8:13:69:44:4d:1e:9c:e8:da:8b:28:f9:53:
2e:17:1c:b5:4a:dc:c8:79:42:01:f2:23:26:52:c2:
c1:21:55:bb:2d:27:8a:1c:c5:58:51:72:cf:6d:30:
87:1b:21:d9:83:33:58:6d:5e:03:90:3a:09:96:ce:
13:d8:ba:46:26:11:9e:89:21:32:ec:2b:59:b1:48:
f4:01:60:95:aa:70:4d:8b:ce:2b:cd:9f:f8:ec:1f:
20:0e:1b:72:d5:bb:ff:c1:84:b6:4f:b1:ce:ac:66:
c2:9e:82:28:11:0b:57:44:39:20:aa:41:41:3a:f6:
b4:75:2a:70:76:79:e9:aa:26:6d:8c:fa:98:f7:de:
20:b6:ba:2b:33:a0:6b:da:5f:1c:40:e0:a8:ff:92:
f6:03:5a:c0:4c:d1:58:1e:6e:69:15:3a:aa:2b:1f:
e8:e4:9c:eb:96:4c:09:33:46:bd:0c:65:f2:cf:27:
eb:83:6f:27:a3:31:4f:be:f1:1d:ce:c0:75:77:e6:
d4:c5:2c:86:63:be:14:15:82:ab:fd:c8:42:0a:c6:
ea:49:02:8c:c0:d7:5d:6c:98:ba:40:3b:e9:e2:bc:
fc:2d:85:ff:82:60:a8:4e:90:c9:15:0e:cb:cd:fc:
29:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:1B:65:3C:73:9D:74:50:BD:8A:61:77:5E:B6:00:3E:54:4C:3C:90
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39372e302f32342d3234203d3e20313432313131.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.97.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:25:73:f3:3d:ae:6a:fd:31:b4:16:e8:40:f4:c0:54:f8:74:
0e:ed:f1:ae:fa:20:88:8f:96:c3:06:0d:09:7a:70:a7:1c:17:
48:d2:8e:3c:ad:7e:83:45:2b:3a:3e:54:08:61:b2:64:2e:50:
2f:9b:51:75:ae:1c:11:58:8a:f7:04:6e:77:64:17:57:e6:e2:
92:a4:33:e5:43:90:0d:a6:94:91:cb:63:1e:84:d6:00:ff:45:
c0:a5:39:db:74:80:e3:b2:c0:7d:79:fd:b5:a9:a2:6d:21:68:
32:a1:92:9e:e4:96:32:d5:4f:88:88:c7:9b:c9:d7:9a:48:a1:
49:c3:64:ac:99:7d:96:47:0d:02:26:0d:8d:54:f6:3b:50:db:
13:ef:61:b7:67:90:df:6d:ac:47:d8:aa:96:7d:a2:d4:27:b8:
d9:81:4b:5c:e4:90:91:35:e1:cc:d7:68:3f:fe:dd:ad:c5:4a:
5c:ed:37:7b:ff:9b:32:f8:1a:c0:6e:7b:20:97:d4:51:03:ec:
3a:d0:25:99:3d:42:30:14:c0:b9:5a:ad:43:0a:75:19:cf:86:
12:1c:5e:66:39:fa:0c:92:f1:cb:25:5e:2d:db:12:05:b1:32:
34:dd:f9:e1:06:6e:33:45:00:fc:f6:71:03:e1:19:4e:d2:8d:
9d:9c:d9:36
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUBX9SLK8kPtsML2dQNuFtbkbHmOUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDA3MDYxNjAwMThaFw0yNTA3MDUxNjA1MThaMDMxMTAvBgNV
BAMTKDg3MUI2NTNDNzM5RDc0NTBCRDhBNjE3NzVFQjYwMDNFNTQ0QzNDOTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcCqh/7hGZxer3sTluEUFh2BNp
RE0enOjaiyj5Uy4XHLVK3Mh5QgHyIyZSwsEhVbstJ4ocxVhRcs9tMIcbIdmDM1ht
XgOQOgmWzhPYukYmEZ6JITLsK1mxSPQBYJWqcE2LzivNn/jsHyAOG3LVu//BhLZP
sc6sZsKegigRC1dEOSCqQUE69rR1KnB2eemqJm2M+pj33iC2uiszoGvaXxxA4Kj/
kvYDWsBM0VgebmkVOqorH+jknOuWTAkzRr0MZfLPJ+uDbyejMU++8R3OwHV35tTF
LIZjvhQVgqv9yEIKxupJAozA111smLpAO+nivPwthf+CYKhOkMkVDsvN/Cm/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUhxtlPHOddFC9imF3XrYAPlRMPJAwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMzM3MmUzOTM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNDMyMzEzMTMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LYlhMA0GCSqGSIb3DQEBCwUAA4IBAQAPJXPzPa5q/TG0FuhA9MBU+HQO7fGu+iCI
j5bDBg0JenCnHBdI0o48rX6DRSs6PlQIYbJkLlAvm1F1rhwRWIr3BG53ZBdX5uKS
pDPlQ5ANppSRy2MehNYA/0XApTnbdIDjssB9ef21qaJtIWgyoZKe5JYy1U+IiMeb
ydeaSKFJw2SsmX2WRw0CJg2NVPY7UNsT72G3Z5DfbaxH2KqWfaLUJ7jZgUtc5JCR
NeHM12g//t2txUpc7Td7/5sy+BrAbnsgl9RRA+w60CWZPUIwFMC5Wq1DCnUZz4YS
HF5mOfoMkvHLJV4t2xIFsTI03fnhBm4zRQD89nED4RlO0o2dnNk2
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:01 2024 by rpki-client on console-fra.rpki-client.org