Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e38372e3137322e302f32342d3234203d3e20323135303236.roa
File: 34352e38372e3137322e302f32342d3234203d3e20323135303236.roa (raw, json)
Hash identifier: C7gjWtOfdjPUmWVAp9SfVij3GuYXBkX3DbbW/74B4EY=
Subject key identifier: 0C:4E:42:0B:48:B5:63:F7:05:77:3E:B3:A5:0E:B3:C2:0E:3A:83:02
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 574E8C02E4BCE6551626D778DB66847D050D6815
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e38372e3137322e302f32342d3234203d3e20323135303236.roa
Signing time: Wed 13 Nov 2024 13:19:01 +0000
ROA not before: Wed 13 Nov 2024 13:14:01 +0000
ROA not after: Wed 12 Nov 2025 13:19:01 +0000
asID: 215026
IP address blocks: 45.87.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:4e:8c:02:e4:bc:e6:55:16:26:d7:78:db:66:84:7d:05:0d:68:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Nov 13 13:14:01 2024 GMT
Not After : Nov 12 13:19:01 2025 GMT
Subject: CN=0C4E420B48B563F705773EB3A50EB3C20E3A8302
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f4:8f:de:6c:0a:af:3e:c6:76:90:9f:7f:68:
62:70:1c:a7:d2:5c:af:0e:1b:b0:cf:88:5c:bd:a8:
dd:56:d3:14:56:71:24:f0:93:88:5e:1a:ec:38:b6:
83:fa:b0:de:0c:9a:3a:64:a2:72:05:94:11:b7:44:
89:e9:1b:c6:09:f1:a5:3c:54:3b:70:f0:53:78:f1:
e1:5c:a2:d4:ff:2d:e8:42:23:b6:bf:4a:1e:a0:d0:
82:11:93:eb:4f:b0:03:1e:54:21:3c:61:09:fa:c1:
fc:96:68:28:a8:00:ef:70:e2:50:32:01:44:f6:3a:
0b:e5:c3:12:1d:84:1e:c4:71:cd:fd:c7:fe:3d:a6:
b5:a0:5c:4b:2b:e6:5e:03:79:9e:91:50:00:8b:c0:
b8:4f:50:21:c3:75:5e:c4:b4:46:11:78:7d:01:ff:
d5:4e:98:c2:f6:0d:59:02:8e:ac:16:9c:84:34:7f:
bb:40:81:e0:4e:59:06:79:39:51:94:05:0e:f0:8e:
f6:9f:bf:16:fa:45:c3:77:c0:99:2a:92:bb:9a:d3:
de:db:e5:1d:70:ef:04:75:86:38:ea:12:c7:53:e9:
6f:a3:f1:c0:1d:4b:84:5a:8b:4b:6c:37:12:0e:20:
17:ce:15:0c:d7:eb:94:e7:a0:ce:b6:52:83:e1:e7:
f5:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:4E:42:0B:48:B5:63:F7:05:77:3E:B3:A5:0E:B3:C2:0E:3A:83:02
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e38372e3137322e302f32342d3234203d3e20323135303236.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.172.0/24
Signature Algorithm: sha256WithRSAEncryption
36:be:0b:45:ed:41:47:5a:17:0e:02:fd:bb:1f:1a:76:66:16:
3d:b4:dc:1b:f4:4d:85:26:f5:8c:87:4b:74:f3:ef:c9:a1:a5:
f1:59:af:de:dc:ab:8a:86:be:ea:e9:7c:db:56:13:7a:de:50:
b4:ea:d9:71:84:40:2d:11:aa:3c:3d:6c:73:0f:9c:58:39:eb:
ea:7e:f8:10:11:b3:a1:ea:73:e1:79:10:5f:75:2c:60:8a:fb:
96:3d:75:5c:d2:f2:5d:42:16:a7:9b:7a:b8:62:c5:97:8a:cc:
e4:74:a9:28:a0:a9:e1:04:a2:9a:c0:b3:e9:9a:00:bc:a9:3a:
04:ad:76:b1:0e:8f:fd:16:d0:9f:34:97:f7:c4:03:80:22:cd:
b9:24:14:8f:fb:a1:d9:52:a1:5e:64:f0:60:40:38:b3:18:16:
8a:35:df:c6:f4:eb:bc:cd:12:ce:5d:c4:0c:9a:4a:48:b7:06:
c6:e6:cb:01:d3:99:6f:40:26:64:cc:dc:c9:b6:7b:85:d9:f3:
58:70:25:1a:95:27:eb:dc:cc:56:bb:b7:3e:cb:6e:93:f2:4b:
8d:e7:11:b0:7f:0e:bd:18:02:30:9a:43:d0:c4:c6:a0:5d:77:
b4:36:d6:36:6a:b6:cc:85:20:51:1f:61:8f:42:bc:80:a6:1b:
dc:98:ac:93
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUV06MAuS85lUWJtd422aEfQUNaBUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDExMTMxMzE0MDFaFw0yNTExMTIxMzE5MDFaMDMxMTAvBgNV
BAMTKDBDNEU0MjBCNDhCNTYzRjcwNTc3M0VCM0E1MEVCM0MyMEUzQTgzMDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk9I/ebAqvPsZ2kJ9/aGJwHKfS
XK8OG7DPiFy9qN1W0xRWcSTwk4heGuw4toP6sN4MmjpkonIFlBG3RInpG8YJ8aU8
VDtw8FN48eFcotT/LehCI7a/Sh6g0IIRk+tPsAMeVCE8YQn6wfyWaCioAO9w4lAy
AUT2OgvlwxIdhB7Ecc39x/49prWgXEsr5l4DeZ6RUACLwLhPUCHDdV7EtEYReH0B
/9VOmML2DVkCjqwWnIQ0f7tAgeBOWQZ5OVGUBQ7wjvafvxb6RcN3wJkqkrua097b
5R1w7wR1hjjqEsdT6W+j8cAdS4Rai0tsNxIOIBfOFQzX65TnoM62UoPh5/VTAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUDE5CC0i1Y/cFdz6zpQ6zwg46gwIwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzgzNzJlMzEzNzMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM1MzAzMjM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LVesMA0GCSqGSIb3DQEBCwUAA4IBAQA2vgtF7UFHWhcOAv27Hxp2ZhY9tNwb9E2F
JvWMh0t08+/JoaXxWa/e3KuKhr7q6XzbVhN63lC06tlxhEAtEao8PWxzD5xYOevq
fvgQEbOh6nPheRBfdSxgivuWPXVc0vJdQhanm3q4YsWXiszkdKkooKnhBKKawLPp
mgC8qToErXaxDo/9FtCfNJf3xAOAIs25JBSP+6HZUqFeZPBgQDizGBaKNd/G9Ou8
zRLOXcQMmkpItwbG5ssB05lvQCZkzNzJtnuF2fNYcCUalSfr3MxWu7c+y26T8kuN
5xGwfw69GAIwmkPQxMagXXe0NtY2arbMhSBRH2GPQryAphvcmKyT
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:43 2024 by rpki-client on console-ams.rpki-client.org