Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39372e302f32342d3234203d3e20313532363732.roa
File: 34352e3133372e39372e302f32342d3234203d3e20313532363732.roa (raw, json)
Hash identifier: nI8h900Zsl9/R1XBVXGnJddk6ZbrUtpyJx827RJP4Rw=
Subject key identifier: A9:06:FE:E0:BE:D4:8B:DC:11:6A:D0:4E:5C:40:0D:C1:2F:AC:28:9C
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 5FDAD5CA3D614FDB53FB7B67D63D4123ABC38949
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39372e302f32342d3234203d3e20313532363732.roa
Signing time: Sat 11 May 2024 15:37:07 +0000
ROA not before: Sat 11 May 2024 15:32:07 +0000
ROA not after: Sat 10 May 2025 15:37:07 +0000
asID: 152672
IP address blocks: 45.137.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:da:d5:ca:3d:61:4f:db:53:fb:7b:67:d6:3d:41:23:ab:c3:89:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: May 11 15:32:07 2024 GMT
Not After : May 10 15:37:07 2025 GMT
Subject: CN=A906FEE0BED48BDC116AD04E5C400DC12FAC289C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:6c:0e:98:3c:ba:ed:5b:5b:a6:e4:0d:d2:94:
9c:c2:6d:c2:5f:b8:36:a7:82:da:a9:e6:b8:1d:be:
e5:c8:19:bc:57:ea:da:89:73:bd:4e:76:82:a6:c8:
e6:73:36:bb:f8:5d:44:89:fb:a4:c7:1c:95:73:92:
6b:c2:48:de:8c:dc:13:b2:11:f1:1e:4f:96:fc:63:
d2:40:01:eb:12:b2:29:72:45:4c:32:ff:bf:23:a7:
35:3f:93:7a:50:53:a1:e2:89:79:27:0c:4a:85:f0:
09:4c:59:f4:5e:7f:b1:c9:ee:ce:b3:6d:d2:04:cd:
45:62:a2:8e:de:24:e1:e0:96:0d:c6:b4:59:25:c8:
a7:ef:39:9e:11:b5:6e:3f:ca:1d:16:45:ff:ce:fa:
98:ea:8c:d6:f3:f7:27:63:2a:6c:8f:d2:2c:46:61:
33:d7:65:6e:3d:e9:14:34:09:49:5b:5c:f5:85:5b:
2b:a6:33:88:21:92:44:57:89:a0:6e:ad:8a:48:a7:
47:37:db:f8:b6:5a:43:4b:3a:c8:e5:93:bc:82:ee:
34:25:a8:c9:4b:2f:7f:71:f7:c7:c6:d7:6d:d4:2b:
66:05:c4:e0:23:4d:52:fe:d5:6e:b8:b8:a4:b5:3c:
2e:40:b3:d4:23:4c:f3:9f:a7:06:c2:eb:28:cf:0b:
66:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:06:FE:E0:BE:D4:8B:DC:11:6A:D0:4E:5C:40:0D:C1:2F:AC:28:9C
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39372e302f32342d3234203d3e20313532363732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.97.0/24
Signature Algorithm: sha256WithRSAEncryption
60:73:54:fc:c9:90:0b:eb:c3:fc:a6:82:c2:f2:fb:df:63:02:
3c:dd:33:6a:57:55:4c:3e:1c:de:38:8e:2d:4e:0f:b5:fe:e4:
35:e5:4d:94:49:2c:11:fd:cd:75:51:02:4a:96:4e:b9:53:7a:
64:2c:03:cb:cd:b9:54:6f:28:3b:d1:38:d8:6c:ac:5d:bd:ea:
ed:fd:49:f0:5e:e8:fc:19:69:7c:0d:e6:af:ec:c9:68:e0:09:
f7:75:87:dd:ad:27:a3:c2:c2:39:ab:c1:8d:d2:83:fa:0f:71:
c6:92:a7:79:63:2b:dd:d2:9a:db:72:98:ff:bf:cb:d4:ce:fe:
60:de:04:48:37:1a:77:ba:4b:3b:31:71:a6:59:71:7e:a6:ab:
06:16:d3:db:3c:d2:13:1a:25:95:49:64:bb:51:4c:62:f9:43:
03:65:60:4f:be:4a:63:68:75:fd:2a:43:30:f3:f2:a6:83:60:
9d:3c:bb:db:4a:00:e0:b2:c0:69:ad:78:10:ef:86:64:e6:d2:
3b:19:e7:59:33:b0:ae:ec:40:41:85:df:1f:11:d5:85:e2:e9:
be:96:2c:1b:69:34:36:10:de:84:9c:3b:c4:e7:f8:a1:14:7c:
5c:85:f2:79:8d:4c:ab:d5:09:4b:b8:4b:c2:aa:bd:a5:65:bb:
e9:d7:c9:ee
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUX9rVyj1hT9tT+3tn1j1BI6vDiUkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDA1MTExNTMyMDdaFw0yNTA1MTAxNTM3MDdaMDMxMTAvBgNV
BAMTKEE5MDZGRUUwQkVENDhCREMxMTZBRDA0RTVDNDAwREMxMkZBQzI4OUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNbA6YPLrtW1um5A3SlJzCbcJf
uDangtqp5rgdvuXIGbxX6tqJc71OdoKmyOZzNrv4XUSJ+6THHJVzkmvCSN6M3BOy
EfEeT5b8Y9JAAesSsilyRUwy/78jpzU/k3pQU6HiiXknDEqF8AlMWfRef7HJ7s6z
bdIEzUVioo7eJOHglg3GtFklyKfvOZ4RtW4/yh0WRf/O+pjqjNbz9ydjKmyP0ixG
YTPXZW496RQ0CUlbXPWFWyumM4ghkkRXiaBurYpIp0c32/i2WkNLOsjlk7yC7jQl
qMlLL39x98fG123UK2YFxOAjTVL+1W64uKS1PC5As9QjTPOfpwbC6yjPC2avAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUqQb+4L7Ui9wRatBOXEANwS+sKJwwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMzM3MmUzOTM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNTMyMzYzNzMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LYlhMA0GCSqGSIb3DQEBCwUAA4IBAQBgc1T8yZAL68P8poLC8vvfYwI83TNqV1VM
PhzeOI4tTg+1/uQ15U2USSwR/c11UQJKlk65U3pkLAPLzblUbyg70TjYbKxdvert
/UnwXuj8GWl8Deav7Mlo4An3dYfdrSejwsI5q8GN0oP6D3HGkqd5Yyvd0prbcpj/
v8vUzv5g3gRINxp3uks7MXGmWXF+pqsGFtPbPNITGiWVSWS7UUxi+UMDZWBPvkpj
aHX9KkMw8/Kmg2CdPLvbSgDgssBprXgQ74Zk5tI7GedZM7Cu7EBBhd8fEdWF4um+
liwbaTQ2EN6EnDvE5/ihFHxchfJ5jUyr1QlLuEvCqr2lZbvp18nu
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:01 2024 by rpki-client on console-fra.rpki-client.org