Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35362e302f32342d3234203d3e203239353338.roa
File: 34352e3135382e35362e302f32342d3234203d3e203239353338.roa (raw, json)
Hash identifier: kSRUa9yEwrwiH0oIYxWXW2UmV/v1YO1F9MqX/bs/YJQ=
Subject key identifier: 64:E1:F9:DF:2C:65:C5:D4:71:75:A2:EB:6B:58:2A:34:05:D8:14:1F
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 47FD6B15C100EDEE9F143CE0F70A2379DE5AFD98
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35362e302f32342d3234203d3e203239353338.roa
Signing time: Wed 21 Feb 2024 19:05:13 +0000
ROA not before: Wed 21 Feb 2024 19:00:13 +0000
ROA not after: Wed 19 Feb 2025 19:05:13 +0000
asID: 29538
IP address blocks: 45.158.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:fd:6b:15:c1:00:ed:ee:9f:14:3c:e0:f7:0a:23:79:de:5a:fd:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Feb 21 19:00:13 2024 GMT
Not After : Feb 19 19:05:13 2025 GMT
Subject: CN=64E1F9DF2C65C5D47175A2EB6B582A3405D8141F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:67:d0:67:0b:9f:f8:69:46:f7:8a:55:e7:83:
0d:4e:89:74:9e:74:07:57:b1:cf:a8:23:2c:66:ad:
18:a0:81:1c:5f:a7:bb:db:a7:b5:d3:0a:bb:02:44:
8e:79:3e:7b:75:e9:ed:9c:05:db:24:91:e5:17:75:
be:4b:51:85:aa:a3:14:cc:52:f8:23:e4:da:99:bd:
a2:3b:ee:23:e3:35:22:6c:46:2e:d7:fd:46:83:44:
0b:1c:95:34:fb:31:ba:28:07:6e:24:1b:a2:e7:c7:
40:9e:c9:f3:9b:26:c2:09:36:d8:d1:b1:f0:bc:2b:
22:72:fa:e1:96:55:18:04:f0:37:44:ed:ae:5c:44:
6f:c7:a7:1c:eb:1a:05:a4:32:fb:f7:1b:ff:8a:53:
ad:e2:9a:71:e1:12:35:33:44:d4:05:89:34:27:8f:
61:95:d0:b0:a0:9e:be:98:1b:e9:fe:5c:34:7a:db:
68:de:7b:e1:0e:9c:25:b1:16:49:ad:7b:b5:a4:b6:
eb:15:5c:a6:4f:65:a1:1c:ad:a2:80:52:df:5e:c0:
d8:cd:20:90:a8:3f:41:09:89:50:7a:c2:d2:21:ce:
f5:1c:dd:6b:1b:24:8b:3c:8a:87:e5:d9:78:0d:3c:
6c:11:73:34:60:75:9f:ca:1b:7f:eb:02:7a:d2:2b:
1d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:E1:F9:DF:2C:65:C5:D4:71:75:A2:EB:6B:58:2A:34:05:D8:14:1F
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35362e302f32342d3234203d3e203239353338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.56.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:5b:dc:ce:7f:47:6f:71:b8:8a:a4:d9:3a:5a:f0:a7:9f:b7:
0e:79:91:16:dd:aa:66:cf:d5:8d:16:b1:b6:ac:eb:5f:d0:8e:
d3:0f:fb:fa:cd:f6:2a:93:3a:ee:5b:5f:86:b8:85:2a:59:35:
cc:92:90:ed:54:08:19:44:76:c2:24:92:2a:00:69:f1:8d:48:
ca:3c:36:d4:f9:e3:17:ea:ec:cf:05:09:86:c4:0f:45:2b:04:
df:ca:8d:55:00:9c:ac:2c:39:e8:6c:ec:69:86:84:9c:6e:65:
41:ce:d0:b1:7b:76:ca:c7:62:f3:94:6f:bf:50:d4:55:fb:1c:
35:b1:39:34:5c:b8:57:57:e4:ff:f9:aa:8d:99:fe:f9:4d:8f:
ac:5a:46:84:ea:82:2a:42:af:e2:eb:ed:8a:0d:3a:5b:38:aa:
ab:b1:6d:1c:4e:94:43:4b:44:99:b5:17:f2:d3:6e:19:50:93:
43:8b:5b:80:0a:8f:fe:a5:7c:62:f0:b0:47:47:f6:9a:03:e4:
f6:4a:0d:6c:ba:e5:35:ae:cc:ef:2f:7d:ab:32:b7:e2:cb:f9:
7f:4e:d3:e2:3e:82:a3:58:07:c5:0c:4f:6e:f2:b7:97:47:8f:
e1:8e:50:81:25:12:6b:1e:d9:43:05:db:40:92:eb:f8:cf:d0:
2f:e9:47:22
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUR/1rFcEA7e6fFDzg9wojed5a/ZgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDAyMjExOTAwMTNaFw0yNTAyMTkxOTA1MTNaMDMxMTAvBgNV
BAMTKDY0RTFGOURGMkM2NUM1RDQ3MTc1QTJFQjZCNTgyQTM0MDVEODE0MUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCJZ9BnC5/4aUb3ilXngw1OiXSe
dAdXsc+oIyxmrRiggRxfp7vbp7XTCrsCRI55Pnt16e2cBdskkeUXdb5LUYWqoxTM
Uvgj5NqZvaI77iPjNSJsRi7X/UaDRAsclTT7MbooB24kG6Lnx0CeyfObJsIJNtjR
sfC8KyJy+uGWVRgE8DdE7a5cRG/HpxzrGgWkMvv3G/+KU63imnHhEjUzRNQFiTQn
j2GV0LCgnr6YG+n+XDR622jee+EOnCWxFkmte7WktusVXKZPZaEcraKAUt9ewNjN
IJCoP0EJiVB6wtIhzvUc3WsbJIs8iofl2XgNPGwRczRgdZ/KG3/rAnrSKx1lAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUZOH53yxlxdRxdaLra1gqNAXYFB8wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzNTM4MmUzNTM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzOTM1MzMzOC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2e
ODANBgkqhkiG9w0BAQsFAAOCAQEAXVvczn9Hb3G4iqTZOlrwp5+3DnmRFt2qZs/V
jRaxtqzrX9CO0w/7+s32KpM67ltfhriFKlk1zJKQ7VQIGUR2wiSSKgBp8Y1Iyjw2
1PnjF+rszwUJhsQPRSsE38qNVQCcrCw56GzsaYaEnG5lQc7QsXt2ysdi85Rvv1DU
VfscNbE5NFy4V1fk//mqjZn++U2PrFpGhOqCKkKv4uvtig06Wziqq7FtHE6UQ0tE
mbUX8tNuGVCTQ4tbgAqP/qV8YvCwR0f2mgPk9koNbLrlNa7M7y99qzK34sv5f07T
4j6Co1gHxQxPbvK3l0eP4Y5QgSUSax7ZQwXbQJLr+M/QL+lHIg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:43 2024 by rpki-client on console-ams.rpki-client.org