Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39382e302f32342d3234203d3e20383334.roa
File: 34352e3133372e39382e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: yKtmBRMuaXJZAKw/nfBFV6vQkya+37n7NiqKgapoOmU=
Subject key identifier: 99:F4:D6:AD:CD:D6:EB:82:2A:79:C3:2C:1E:D2:FA:15:F3:4B:0C:A4
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 3EDBFA76779DD4D822AF45E0DC5ACD5C096B4B9A
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39382e302f32342d3234203d3e20383334.roa
Signing time: Mon 11 Dec 2023 00:00:08 +0000
ROA not before: Sun 10 Dec 2023 23:55:08 +0000
ROA not after: Mon 09 Dec 2024 00:00:08 +0000
asID: 834
IP address blocks: 45.137.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Dec 2023 22:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:db:fa:76:77:9d:d4:d8:22:af:45:e0:dc:5a:cd:5c:09:6b:4b:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Dec 10 23:55:08 2023 GMT
Not After : Dec 9 00:00:08 2024 GMT
Subject: CN=99F4D6ADCDD6EB822A79C32C1ED2FA15F34B0CA4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b4:df:00:03:a0:2b:ba:da:d6:4f:30:17:4d:
8c:fa:a4:60:35:2f:98:c7:62:b1:d5:04:d5:47:1f:
3b:1f:80:98:22:fa:a0:31:32:fd:f3:9d:ba:e4:33:
42:85:97:76:fd:3d:e9:dc:14:2b:9c:3d:7d:d8:0c:
28:c1:8c:9e:a1:5d:f6:71:28:7c:b6:d0:52:6b:51:
7a:34:d9:9a:9e:83:ad:34:ec:28:58:22:3a:b4:f3:
1f:35:7b:1e:b9:65:55:68:28:15:c1:db:f9:fe:2e:
3d:ca:6f:b7:63:88:94:71:46:f9:4c:a1:84:26:4b:
04:39:b5:b0:16:7a:fe:76:2c:2c:ba:76:bf:3d:7d:
da:f9:92:09:71:ad:b6:60:7d:fb:84:c9:31:ab:d8:
3b:ff:b4:a4:fe:f4:37:5f:11:c2:9f:0b:16:d1:41:
b6:08:cd:c3:3e:65:e3:1d:db:ee:c4:59:ff:b6:7d:
34:8e:60:b0:64:16:ff:67:6a:6e:cc:ba:34:31:8e:
3f:bd:be:f1:b7:6b:36:6a:25:9c:38:bb:d7:b9:ed:
1e:65:03:fe:c7:86:bf:91:09:9e:5b:31:4e:bc:2f:
89:43:e1:05:6c:43:e4:08:7b:73:84:54:30:90:4d:
38:8c:11:e4:b0:fc:aa:a1:46:df:e2:d9:7b:ae:cd:
14:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:F4:D6:AD:CD:D6:EB:82:2A:79:C3:2C:1E:D2:FA:15:F3:4B:0C:A4
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39382e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.98.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:80:bb:c1:48:bd:a0:25:be:63:92:28:93:ac:a3:81:9a:78:
16:4d:28:67:47:6a:5b:96:6d:bd:ba:b3:17:a6:c7:f8:14:5f:
0d:4d:9b:ca:4a:b3:40:30:41:fa:a2:60:df:0c:04:b5:65:e9:
ed:eb:56:9e:2c:af:6e:c0:46:e3:91:87:02:13:f0:a4:90:46:
d5:d1:d7:db:7f:7b:59:eb:0d:9a:1b:f9:52:ef:01:18:92:34:
b8:fb:ad:f6:96:d1:44:dc:11:45:14:f9:f8:9c:cf:90:51:44:
11:99:b8:12:ac:13:f6:a5:e9:1e:77:6b:a9:e1:05:c7:c1:c3:
13:38:3a:de:43:df:cc:80:b7:37:fe:be:83:6e:c6:46:1c:9d:
b1:0f:77:d9:8f:be:76:a1:74:1e:86:71:66:07:b8:d0:ba:38:
5a:a4:a6:d6:66:05:7e:80:11:6a:36:48:0e:d6:5b:12:75:15:
1a:15:f6:43:17:60:ae:c0:57:86:5d:96:c4:e5:46:cb:16:e2:
34:a7:4d:27:90:34:3d:94:6c:a8:d2:74:ea:a2:2d:1f:c0:15:
b3:7e:6d:3c:69:76:c4:e7:f6:66:c4:e9:0f:42:7d:eb:eb:a8:
f9:ef:ea:d2:7e:10:13:a5:42:6b:e1:e8:61:35:23:3d:91:e7:
1f:d8:37:e9
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUPtv6dned1Ngir0Xg3FrNXAlrS5owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzEyMTAyMzU1MDhaFw0yNDEyMDkwMDAwMDhaMDMxMTAvBgNV
BAMTKDk5RjRENkFEQ0RENkVCODIyQTc5QzMyQzFFRDJGQTE1RjM0QjBDQTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEtN8AA6ArutrWTzAXTYz6pGA1
L5jHYrHVBNVHHzsfgJgi+qAxMv3znbrkM0KFl3b9PencFCucPX3YDCjBjJ6hXfZx
KHy20FJrUXo02Zqeg6007ChYIjq08x81ex65ZVVoKBXB2/n+Lj3Kb7djiJRxRvlM
oYQmSwQ5tbAWev52LCy6dr89fdr5kglxrbZgffuEyTGr2Dv/tKT+9DdfEcKfCxbR
QbYIzcM+ZeMd2+7EWf+2fTSOYLBkFv9nam7MujQxjj+9vvG3azZqJZw4u9e57R5l
A/7Hhr+RCZ5bMU68L4lD4QVsQ+QIe3OEVDCQTTiMEeSw/KqhRt/i2XuuzRRnAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUmfTWrc3W64IqecMsHtL6FfNLDKQwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMzM3MmUzOTM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYliMA0G
CSqGSIb3DQEBCwUAA4IBAQAdgLvBSL2gJb5jkiiTrKOBmngWTShnR2pblm29urMX
psf4FF8NTZvKSrNAMEH6omDfDAS1Zent61aeLK9uwEbjkYcCE/CkkEbV0dfbf3tZ
6w2aG/lS7wEYkjS4+632ltFE3BFFFPn4nM+QUUQRmbgSrBP2peked2up4QXHwcMT
ODreQ9/MgLc3/r6DbsZGHJ2xD3fZj752oXQehnFmB7jQujhapKbWZgV+gBFqNkgO
1lsSdRUaFfZDF2CuwFeGXZbE5UbLFuI0p00nkDQ9lGyo0nTqoi0fwBWzfm08aXbE
5/ZmxOkPQn3r66j57+rSfhATpUJr4ehhNSM9kecf2Dfp
-----END CERTIFICATE-----
Generated at Mon Dec 11 00:47:36 2023 by rpki-client on console-ams.rpki-client.org