Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39392e302f32342d3234203d3e20323039323432.roa
File: 34352e3133372e39392e302f32342d3234203d3e20323039323432.roa (raw, json)
Hash identifier: LGCMKJs2W7veIo3odKlAW5nif9lspBZtACmKzoeuV08=
Subject key identifier: 8D:84:C9:EF:B8:51:EE:7F:DF:FF:50:90:5E:D6:34:BD:0F:B4:51:32
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 3DB5126F3B30B9C384DCC3E8CECCA7FD6BE52F18
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39392e302f32342d3234203d3e20323039323432.roa
Signing time: Wed 21 Feb 2024 19:05:12 +0000
ROA not before: Wed 21 Feb 2024 19:00:12 +0000
ROA not after: Wed 19 Feb 2025 19:05:12 +0000
asID: 209242
IP address blocks: 45.137.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:b5:12:6f:3b:30:b9:c3:84:dc:c3:e8:ce:cc:a7:fd:6b:e5:2f:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Feb 21 19:00:12 2024 GMT
Not After : Feb 19 19:05:12 2025 GMT
Subject: CN=8D84C9EFB851EE7FDFFF50905ED634BD0FB45132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:fe:c4:9b:6e:2a:03:b6:57:90:3a:b9:39:39:
c3:bd:9b:21:94:f4:c5:09:c4:f8:a8:84:73:0d:dd:
67:a3:f2:ed:5a:1e:ac:bc:d5:22:e1:bf:2e:24:7c:
1f:36:b6:8a:ca:96:8a:3d:51:dc:70:35:33:7d:3b:
d4:b1:18:6c:12:9e:55:99:be:95:c3:b1:23:47:62:
2c:a1:4e:68:fc:90:4d:f5:6b:e7:ad:c0:ef:73:51:
3d:6d:f8:3f:6b:08:6d:1c:0f:eb:c4:ad:26:1b:e0:
eb:5a:0e:ef:5c:20:82:59:77:6c:db:d7:6f:fd:e6:
d7:b7:f2:aa:bb:9c:36:c6:82:fa:0e:17:57:44:85:
66:de:fc:f8:90:11:30:ea:b9:62:2f:68:f0:b2:07:
37:48:fb:a9:46:f6:24:23:90:e1:07:c9:97:d1:e4:
4b:90:0f:25:fa:fb:b7:53:ae:e4:32:18:f3:5f:89:
6e:3d:a7:f9:b0:80:cb:62:3a:bd:74:e3:76:4d:81:
92:09:09:5a:3b:3c:18:d0:39:66:9f:e0:a1:9b:ad:
0c:8c:41:1d:29:19:cc:60:65:57:b5:65:4b:6c:87:
11:1e:a7:f3:1c:c2:88:a6:18:b1:3a:7e:15:f0:fd:
45:00:16:83:65:6f:c8:15:50:e8:21:bc:ed:ac:2b:
b1:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:84:C9:EF:B8:51:EE:7F:DF:FF:50:90:5E:D6:34:BD:0F:B4:51:32
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39392e302f32342d3234203d3e20323039323432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.99.0/24
Signature Algorithm: sha256WithRSAEncryption
61:7d:86:28:d8:4c:53:c0:c7:8b:88:65:2a:b0:5f:ae:a8:83:
1a:35:25:b5:dd:ca:e6:af:98:c8:1b:7d:12:a2:0d:bb:55:1b:
d2:c9:2a:6c:3f:b0:7e:a0:0f:b8:2e:36:f8:5f:55:65:fd:22:
13:2b:b9:34:c3:59:da:91:0a:dc:cb:db:36:9b:e3:08:41:73:
b0:3b:f9:78:ce:b2:da:5f:b7:c6:55:9c:b2:5d:d2:da:55:fb:
cf:43:c5:1b:5b:8d:5a:33:4d:fe:4e:50:87:c1:5d:9b:fa:7a:
20:6d:6c:7b:72:49:46:28:3a:87:b8:c6:80:28:48:ad:80:7a:
d2:28:ec:02:a3:6a:a3:b3:91:c7:0d:ce:84:d7:b9:c3:b4:5d:
d4:7a:53:c8:16:55:e8:0c:28:39:4e:39:7a:18:a1:d3:de:f8:
1c:97:7b:a4:46:7a:3f:43:24:ec:c2:ff:b1:10:8a:24:c3:0d:
1b:a6:3d:ca:ab:c4:8c:14:04:5e:c5:ec:33:b5:9f:a7:01:ad:
bf:9b:ec:d1:c2:cf:7e:d2:34:44:f3:05:00:4a:cb:62:b0:d9:
28:4e:15:17:9f:c7:b6:c8:d5:a9:61:30:8a:6d:2a:b7:90:d7:
be:98:8e:de:f5:9e:63:76:73:4c:66:50:01:3d:17:e2:ae:51:
e3:c2:d1:c4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUPbUSbzswucOE3MPozsyn/WvlLxgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDAyMjExOTAwMTJaFw0yNTAyMTkxOTA1MTJaMDMxMTAvBgNV
BAMTKDhEODRDOUVGQjg1MUVFN0ZERkZGNTA5MDVFRDYzNEJEMEZCNDUxMzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDm/sSbbioDtleQOrk5OcO9myGU
9MUJxPiohHMN3Wej8u1aHqy81SLhvy4kfB82torKloo9UdxwNTN9O9SxGGwSnlWZ
vpXDsSNHYiyhTmj8kE31a+etwO9zUT1t+D9rCG0cD+vErSYb4OtaDu9cIIJZd2zb
12/95te38qq7nDbGgvoOF1dEhWbe/PiQETDquWIvaPCyBzdI+6lG9iQjkOEHyZfR
5EuQDyX6+7dTruQyGPNfiW49p/mwgMtiOr1043ZNgZIJCVo7PBjQOWaf4KGbrQyM
QR0pGcxgZVe1ZUtshxEep/McwoimGLE6fhXw/UUAFoNlb8gVUOghvO2sK7FtAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUjYTJ77hR7n/f/1CQXtY0vQ+0UTIwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMzM3MmUzOTM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM5MzIzNDMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LYljMA0GCSqGSIb3DQEBCwUAA4IBAQBhfYYo2ExTwMeLiGUqsF+uqIMaNSW13crm
r5jIG30Sog27VRvSySpsP7B+oA+4Ljb4X1Vl/SITK7k0w1nakQrcy9s2m+MIQXOw
O/l4zrLaX7fGVZyyXdLaVfvPQ8UbW41aM03+TlCHwV2b+nogbWx7cklGKDqHuMaA
KEitgHrSKOwCo2qjs5HHDc6E17nDtF3UelPIFlXoDCg5Tjl6GKHT3vgcl3ukRno/
QyTswv+xEIokww0bpj3Kq8SMFARexewztZ+nAa2/m+zRws9+0jRE8wUASstisNko
ThUXn8e2yNWpYTCKbSq3kNe+mI7e9Z5jdnNMZlABPRfirlHjwtHE
-----END CERTIFICATE-----
Generated at Tue May 7 00:09:13 2024 by rpki-client on console-ams.rpki-client.org