Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133382e302f32342d3234203d3e203232373831.roa
File: 34352e39312e3133382e302f32342d3234203d3e203232373831.roa (raw, json)
Hash identifier: P/UuSdAcTO1o+77N2b7zB+Fe2ONROk7ss4dzqIA0YF0=
Subject key identifier: EE:99:F8:52:6E:A1:E6:6B:2C:68:CF:18:E4:47:70:19:89:4D:7A:CD
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 4CDEBB1B8E16762DA5A5EA99295A65424D570E7A
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133382e302f32342d3234203d3e203232373831.roa
Signing time: Wed 27 Dec 2023 23:37:52 +0000
ROA not before: Wed 27 Dec 2023 23:32:52 +0000
ROA not after: Wed 25 Dec 2024 23:37:52 +0000
asID: 22781
IP address blocks: 45.91.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 May 2024 14:08:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:de:bb:1b:8e:16:76:2d:a5:a5:ea:99:29:5a:65:42:4d:57:0e:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Dec 27 23:32:52 2023 GMT
Not After : Dec 25 23:37:52 2024 GMT
Subject: CN=EE99F8526EA1E66B2C68CF18E4477019894D7ACD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:21:22:ee:37:6c:1b:88:04:5c:33:97:e8:68:
6c:55:66:8b:77:96:08:fb:14:bb:23:96:32:a4:54:
92:da:a0:92:bb:2e:43:9c:60:70:f9:98:66:bd:8c:
53:69:54:a0:43:83:e6:2d:a8:87:bd:c8:a4:30:3c:
8e:e4:8d:61:dc:e6:51:ff:2e:29:4b:4b:db:c6:3f:
ac:ee:93:7f:57:b2:67:23:e6:9a:9f:72:c2:c3:0c:
14:85:28:56:59:9b:b2:ac:a0:16:b6:7b:35:d3:db:
cd:21:ce:02:7c:a4:37:9e:6a:7e:8e:b7:60:70:db:
5b:23:5b:cf:d7:51:31:09:0a:f3:31:0c:2c:05:85:
01:33:c6:24:76:35:d7:55:8b:93:f9:70:d3:f5:8c:
a0:ec:4a:4c:3c:09:db:6e:89:06:88:f7:66:63:c4:
76:d1:6c:68:46:f2:58:ca:27:ab:bb:97:c6:1b:46:
5c:c8:62:61:44:29:c4:84:31:1b:09:62:91:38:84:
fa:67:14:0d:e9:cd:a4:de:5a:37:f9:82:72:89:b7:
01:af:26:04:d2:d8:bd:6c:45:6e:dc:17:f0:49:e4:
9c:03:7a:8b:c8:43:16:36:12:c0:f3:38:b5:46:24:
08:5e:a4:da:0c:0a:81:c1:a4:ff:4d:29:a9:49:ad:
58:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:99:F8:52:6E:A1:E6:6B:2C:68:CF:18:E4:47:70:19:89:4D:7A:CD
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133382e302f32342d3234203d3e203232373831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.138.0/24
Signature Algorithm: sha256WithRSAEncryption
74:29:d3:ca:7d:09:5d:92:e1:24:a5:0a:7f:66:7a:7c:e7:78:
c9:43:cd:77:61:61:42:db:45:99:bd:ab:96:c0:b1:48:da:91:
e2:88:68:c9:7c:a2:70:7b:d4:cb:6f:cd:01:f8:b8:9e:67:24:
90:a7:3b:27:64:d2:5e:9d:cf:c7:74:65:ff:2b:0e:03:ff:b1:
a3:8a:f3:44:26:4e:30:d0:0c:99:c9:d8:ce:b5:e5:20:1c:b9:
b3:d0:e9:e1:0b:6f:8e:43:13:36:7f:54:8d:4b:9c:d8:b6:25:
a5:24:ee:d4:74:4c:87:87:f5:db:11:b5:8a:a0:1e:1a:59:9b:
0e:c3:94:e2:70:c3:26:a9:0f:de:e0:67:da:1c:6d:4d:8b:83:
3c:bc:54:6b:93:13:9c:6e:20:00:23:e0:eb:1a:c0:25:f5:06:
80:68:70:be:af:15:17:9d:a5:21:ff:93:ef:ba:8c:57:41:b9:
ca:1e:01:9b:62:e4:1a:e7:4a:78:ed:80:17:1b:b9:66:8b:cb:
d6:77:c3:a5:21:e4:4f:9d:98:9b:6e:1e:26:5e:31:63:d0:19:
a6:f2:48:81:04:56:97:b1:8f:02:cd:06:a9:32:a4:98:81:65:
15:c2:6b:f6:f4:79:07:e7:4b:36:4d:06:4c:48:17:c8:f5:fa:
5d:cd:8e:6e
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUTN67G44Wdi2lpeqZKVplQk1XDnowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzEyMjcyMzMyNTJaFw0yNDEyMjUyMzM3NTJaMDMxMTAvBgNV
BAMTKEVFOTlGODUyNkVBMUU2NkIyQzY4Q0YxOEU0NDc3MDE5ODk0RDdBQ0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAISLuN2wbiARcM5foaGxVZot3
lgj7FLsjljKkVJLaoJK7LkOcYHD5mGa9jFNpVKBDg+YtqIe9yKQwPI7kjWHc5lH/
LilLS9vGP6zuk39Xsmcj5pqfcsLDDBSFKFZZm7KsoBa2ezXT280hzgJ8pDeean6O
t2Bw21sjW8/XUTEJCvMxDCwFhQEzxiR2NddVi5P5cNP1jKDsSkw8CdtuiQaI92Zj
xHbRbGhG8ljKJ6u7l8YbRlzIYmFEKcSEMRsJYpE4hPpnFA3pzaTeWjf5gnKJtwGv
JgTS2L1sRW7cF/BJ5JwDeovIQxY2EsDzOLVGJAhepNoMCoHBpP9NKalJrViPAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU7pn4Um6h5mssaM8Y5EdwGYlNes0wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzkzMTJlMzEzMzM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMjM3MzgzMS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1b
ijANBgkqhkiG9w0BAQsFAAOCAQEAdCnTyn0JXZLhJKUKf2Z6fOd4yUPNd2FhQttF
mb2rlsCxSNqR4ohoyXyicHvUy2/NAfi4nmckkKc7J2TSXp3Px3Rl/ysOA/+xo4rz
RCZOMNAMmcnYzrXlIBy5s9Dp4QtvjkMTNn9UjUuc2LYlpSTu1HRMh4f12xG1iqAe
GlmbDsOU4nDDJqkP3uBn2hxtTYuDPLxUa5MTnG4gACPg6xrAJfUGgGhwvq8VF52l
If+T77qMV0G5yh4Bm2LkGudKeO2AFxu5ZovL1nfDpSHkT52Ym24eJl4xY9AZpvJI
gQRWl7GPAs0GqTKkmIFlFcJr9vR5B+dLNk0GTEgXyPX6Xc2Obg==
-----END CERTIFICATE-----
Generated at Sat May 11 18:18:50 2024 by rpki-client on console-ams.rpki-client.org