Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35372e302f32342d3234203d3e203438363738.roa
File: 34352e3135382e35372e302f32342d3234203d3e203438363738.roa (raw, json)
Hash identifier: T6OjqIGHUYsESuHzXMZP9KOVpN/GrLArBn2NpG1rjh8=
Subject key identifier: C7:FD:81:E4:AD:67:B4:FB:EA:FA:DB:CC:D5:27:3F:79:2D:C0:42:EE
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 471A6E0783F44FC7C8FF59D96898948442318BAD
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35372e302f32342d3234203d3e203438363738.roa
Signing time: Sat 12 Aug 2023 14:33:13 +0000
ROA not before: Sat 12 Aug 2023 14:28:13 +0000
ROA not after: Sat 10 Aug 2024 14:33:13 +0000
asID: 48678
IP address blocks: 45.158.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 May 2024 14:08:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:1a:6e:07:83:f4:4f:c7:c8:ff:59:d9:68:98:94:84:42:31:8b:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Aug 12 14:28:13 2023 GMT
Not After : Aug 10 14:33:13 2024 GMT
Subject: CN=C7FD81E4AD67B4FBEAFADBCCD5273F792DC042EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:af:c0:ec:04:82:04:b2:19:7b:6d:ed:6c:8e:
51:23:32:05:09:0b:8a:29:ec:aa:65:77:9b:65:1b:
61:0e:43:d6:e6:b9:d1:83:a6:72:c2:75:8d:98:85:
34:49:41:0d:ad:a0:40:cc:d1:c0:c8:bf:00:04:13:
39:bd:46:17:9e:1f:5c:77:93:a2:a3:22:2b:a3:96:
40:c1:4b:c2:c6:cf:7b:c9:21:f4:46:2d:ea:84:c9:
48:d9:9c:04:f0:3b:88:43:95:aa:30:02:ec:87:10:
05:37:0a:21:e9:d4:f6:c0:28:e0:7e:0b:5e:28:6e:
44:01:87:69:50:0e:a8:8b:f9:be:6e:9f:33:19:95:
88:65:31:df:1f:f5:1b:38:51:57:01:9b:d7:78:7a:
18:9f:33:b7:12:bf:a0:9c:8c:c1:ca:76:75:5e:ce:
9b:cc:e5:24:9d:62:e1:26:e1:df:6e:db:c7:96:37:
37:d1:4d:d4:06:7e:7d:d2:fb:4a:0b:5f:c6:c9:0e:
b4:6b:30:bc:01:41:68:b8:56:d1:7f:1d:1a:bf:82:
46:d1:42:c1:12:a2:98:13:d0:2f:73:c2:7b:83:31:
c2:3e:86:4d:f6:e4:65:e2:cf:83:7d:6a:7f:39:60:
ba:30:f8:16:09:6b:28:f2:69:08:a9:8b:4c:7c:94:
ed:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:FD:81:E4:AD:67:B4:FB:EA:FA:DB:CC:D5:27:3F:79:2D:C0:42:EE
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35372e302f32342d3234203d3e203438363738.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.57.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:79:6c:54:8d:42:f0:96:f1:54:ba:e0:b6:9c:fe:32:30:3e:
29:df:47:5e:d6:c0:33:e0:d2:a5:34:a0:7e:28:37:6a:5a:c1:
f9:b9:33:e2:ea:40:26:3b:0a:c5:10:c5:80:6a:26:86:45:94:
05:50:4f:83:0a:a1:6b:cc:97:42:35:e4:df:95:b2:a0:3c:c4:
ce:d8:83:06:1b:e4:5c:de:33:b7:2c:da:51:3e:8a:32:28:9d:
d4:a1:5c:70:ee:a4:5e:a1:b9:8b:39:e0:b7:6e:05:08:6e:a8:
87:35:d0:9c:a0:78:37:2b:06:f7:cc:7a:75:62:ad:1e:80:e3:
c1:46:13:b3:5a:ad:07:b4:17:9d:a1:75:a6:96:b7:0f:7b:2c:
c3:6d:8b:00:5f:07:5a:d9:05:79:97:23:cc:87:76:da:7b:dd:
51:3c:71:6e:d0:27:61:40:ee:c0:0f:c9:fe:a7:fb:7f:81:bd:
e9:9f:38:93:7f:0a:aa:43:33:6f:51:fa:89:70:c3:02:8c:fc:
6d:e8:7a:9d:5e:01:69:25:1b:07:58:ee:ff:bb:7b:21:4a:cf:
7a:49:30:6c:ac:2b:1c:b8:9d:92:a6:c6:42:4e:87:6c:ef:7b:
8d:59:a5:49:02:fe:d8:ed:79:30:fa:72:5e:a3:94:f2:6b:82:
03:99:45:ce
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIURxpuB4P0T8fI/1nZaJiUhEIxi60wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzA4MTIxNDI4MTNaFw0yNDA4MTAxNDMzMTNaMDMxMTAvBgNV
BAMTKEM3RkQ4MUU0QUQ2N0I0RkJFQUZBREJDQ0Q1MjczRjc5MkRDMDQyRUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6r8DsBIIEshl7be1sjlEjMgUJ
C4op7Kpld5tlG2EOQ9bmudGDpnLCdY2YhTRJQQ2toEDM0cDIvwAEEzm9RheeH1x3
k6KjIiujlkDBS8LGz3vJIfRGLeqEyUjZnATwO4hDlaowAuyHEAU3CiHp1PbAKOB+
C14obkQBh2lQDqiL+b5unzMZlYhlMd8f9Rs4UVcBm9d4ehifM7cSv6CcjMHKdnVe
zpvM5SSdYuEm4d9u28eWNzfRTdQGfn3S+0oLX8bJDrRrMLwBQWi4VtF/HRq/gkbR
QsESopgT0C9zwnuDMcI+hk325GXiz4N9an85YLow+BYJayjyaQipi0x8lO2JAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUx/2B5K1ntPvq+tvM1Sc/eS3AQu4wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzNTM4MmUzNTM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzODM2MzczOC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2e
OTANBgkqhkiG9w0BAQsFAAOCAQEAfHlsVI1C8JbxVLrgtpz+MjA+Kd9HXtbAM+DS
pTSgfig3alrB+bkz4upAJjsKxRDFgGomhkWUBVBPgwqha8yXQjXk35WyoDzEztiD
BhvkXN4ztyzaUT6KMiid1KFccO6kXqG5izngt24FCG6ohzXQnKB4NysG98x6dWKt
HoDjwUYTs1qtB7QXnaF1ppa3D3ssw22LAF8HWtkFeZcjzId22nvdUTxxbtAnYUDu
wA/J/qf7f4G96Z84k38KqkMzb1H6iXDDAoz8beh6nV4BaSUbB1ju/7t7IUrPekkw
bKwrHLidkqbGQk6HbO97jVmlSQL+2O15MPpyXqOU8muCA5lFzg==
-----END CERTIFICATE-----
Generated at Sat May 11 18:18:50 2024 by rpki-client on console-ams.rpki-client.org