Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e38372e3137342e302f32342d3234203d3e20323134303030.roa
File: 34352e38372e3137342e302f32342d3234203d3e20323134303030.roa (raw, json)
Hash identifier: 3frJhF+oZAyRCKNtf9/hroiOSvb2mTVYgLv5iCk+S5g=
Subject key identifier: 85:AC:85:9A:AB:19:37:7E:2F:61:14:8A:D9:6F:99:88:72:9F:C7:42
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 330A3962124BED1BF35AC8DBA50D0824A2449D6A
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e38372e3137342e302f32342d3234203d3e20323134303030.roa
Signing time: Wed 13 Nov 2024 07:08:04 +0000
ROA not before: Wed 13 Nov 2024 07:03:04 +0000
ROA not after: Wed 12 Nov 2025 07:08:04 +0000
asID: 214000
IP address blocks: 45.87.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:0a:39:62:12:4b:ed:1b:f3:5a:c8:db:a5:0d:08:24:a2:44:9d:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Nov 13 07:03:04 2024 GMT
Not After : Nov 12 07:08:04 2025 GMT
Subject: CN=85AC859AAB19377E2F61148AD96F9988729FC742
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:5c:a1:f2:f8:ad:bb:80:7f:e5:6f:59:0a:b8:
52:a3:21:f0:d4:b1:4a:70:b7:91:a9:a9:ca:36:05:
17:19:49:3c:a2:79:58:b0:7d:62:aa:d9:be:fa:4d:
11:e9:fc:4b:62:af:d0:30:d7:45:14:53:1b:84:16:
d9:6b:d1:e9:19:df:62:ad:99:17:da:93:ec:00:54:
f0:37:5c:fd:aa:b5:5e:7e:11:c8:fd:55:b3:b8:e8:
b3:70:49:80:f5:7f:43:45:b0:1f:5c:9c:de:6f:2e:
f8:f6:fb:64:1b:7d:e4:ac:43:8f:a1:58:27:ce:d7:
12:11:7d:fa:7f:6e:77:f2:41:1a:11:dc:8b:4f:e8:
82:09:52:07:ab:42:73:d1:be:6d:79:35:39:25:4a:
d1:4c:28:dc:0c:e9:5a:01:91:b4:e1:e2:03:29:70:
3b:d6:53:a1:43:d3:50:84:c6:8e:53:2b:c9:ce:28:
79:33:b3:39:c4:3f:ed:5c:b6:6a:41:6b:40:fa:ff:
52:24:a0:a1:6c:fd:10:04:77:9a:7a:ee:75:1d:0b:
b0:02:e9:8a:2b:45:fb:22:09:46:d9:7e:b8:33:fc:
09:21:2c:47:76:2d:10:17:61:ec:a7:a9:88:a6:e8:
8d:8f:ab:12:77:ae:e5:2a:d5:91:64:e2:3c:bc:a3:
53:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:AC:85:9A:AB:19:37:7E:2F:61:14:8A:D9:6F:99:88:72:9F:C7:42
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e38372e3137342e302f32342d3234203d3e20323134303030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.174.0/24
Signature Algorithm: sha256WithRSAEncryption
29:2b:59:2f:4d:eb:ad:56:b5:a8:86:ce:85:5d:2f:e8:22:08:
d9:5a:55:10:7c:4b:03:c8:4c:84:fb:d6:30:7e:fc:0f:b9:d6:
d3:16:29:9a:67:bd:2e:fa:6f:b2:c2:8f:a4:38:71:01:38:e3:
73:a2:a8:4e:72:0b:24:0c:1e:13:48:49:cd:fe:85:eb:de:56:
37:9d:c2:36:12:e6:c9:12:96:f7:d5:22:e2:6d:c0:03:33:fd:
4b:d1:73:62:ae:ce:33:46:4e:92:0c:47:ed:25:89:23:10:09:
7f:f4:55:e7:df:c3:d8:db:1a:af:63:4c:a1:cd:4b:43:c9:f9:
08:49:cb:4e:ab:3b:2d:cd:75:f0:d7:37:95:72:4d:98:0b:05:
10:38:d8:ef:df:c1:fb:cc:d2:b2:f4:9a:81:0f:e1:d1:4c:2d:
29:9b:23:28:03:f6:46:0a:45:ae:4e:9e:16:3a:87:2a:94:ad:
bb:b3:85:5b:ca:4d:ce:de:3b:3d:ff:d6:34:62:eb:1c:a3:c4:
86:7f:7c:36:1e:73:11:33:50:e7:8b:85:c4:f0:07:04:f2:57:
7b:00:83:d3:66:e1:ad:f7:31:1e:67:f4:d8:71:63:3a:1c:85:
46:ba:18:7f:9f:b2:4a:1b:a8:eb:c3:b8:9b:ab:d8:bc:5f:6c:
aa:3f:ab:83
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUMwo5YhJL7RvzWsjbpQ0IJKJEnWowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDExMTMwNzAzMDRaFw0yNTExMTIwNzA4MDRaMDMxMTAvBgNV
BAMTKDg1QUM4NTlBQUIxOTM3N0UyRjYxMTQ4QUQ5NkY5OTg4NzI5RkM3NDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3XKHy+K27gH/lb1kKuFKjIfDU
sUpwt5Gpqco2BRcZSTyieViwfWKq2b76TRHp/Etir9Aw10UUUxuEFtlr0ekZ32Kt
mRfak+wAVPA3XP2qtV5+Ecj9VbO46LNwSYD1f0NFsB9cnN5vLvj2+2QbfeSsQ4+h
WCfO1xIRffp/bnfyQRoR3ItP6IIJUgerQnPRvm15NTklStFMKNwM6VoBkbTh4gMp
cDvWU6FD01CExo5TK8nOKHkzsznEP+1ctmpBa0D6/1IkoKFs/RAEd5p67nUdC7AC
6YorRfsiCUbZfrgz/AkhLEd2LRAXYeynqYim6I2PqxJ3ruUq1ZFk4jy8o1PXAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUhayFmqsZN34vYRSK2W+ZiHKfx0IwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzgzNzJlMzEzNzM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM0MzAzMDMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LVeuMA0GCSqGSIb3DQEBCwUAA4IBAQApK1kvTeutVrWohs6FXS/oIgjZWlUQfEsD
yEyE+9YwfvwPudbTFimaZ70u+m+ywo+kOHEBOONzoqhOcgskDB4TSEnN/oXr3lY3
ncI2EubJEpb31SLibcADM/1L0XNirs4zRk6SDEftJYkjEAl/9FXn38PY2xqvY0yh
zUtDyfkISctOqzstzXXw1zeVck2YCwUQONjv38H7zNKy9JqBD+HRTC0pmyMoA/ZG
CkWuTp4WOocqlK27s4Vbyk3O3js9/9Y0Yusco8SGf3w2HnMRM1Dni4XE8AcE8ld7
AIPTZuGt9zEeZ/TYcWM6HIVGuhh/n7JKG6jrw7ibq9i8X2yqP6uD
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:43 2024 by rpki-client on console-ams.rpki-client.org