Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/34352e38312e35392e302f32342d3234203d3e20323131343339.roa
File: 34352e38312e35392e302f32342d3234203d3e20323131343339.roa (raw, json)
Hash identifier: jmfjuQ2LME9LCcB3Ls3X1wO1whmIw278YIL2FglOELk=
Subject key identifier: 14:D4:7E:D6:CE:36:2C:D3:0A:7E:27:DF:E2:67:67:1D:88:81:8B:D7
Certificate issuer: /CN=5da3215abfa4621d57709f838a92801f2e90ddfe
Certificate serial: 716FFE1D2F86C8B416156EFA70642DF7BB6D6856
Authority key identifier: 5D:A3:21:5A:BF:A4:62:1D:57:70:9F:83:8A:92:80:1F:2E:90:DD:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaMhWr-kYh1XcJ-DipKAHy6Q3f4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/34352e38312e35392e302f32342d3234203d3e20323131343339.roa
Signing time: Wed 24 Jan 2024 15:48:43 +0000
ROA not before: Wed 24 Jan 2024 15:43:43 +0000
ROA not after: Wed 22 Jan 2025 15:48:43 +0000
asID: 211439
IP address blocks: 45.81.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.crl
rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.mft
rsync://rpki.ripe.net/repository/DEFAULT/XaMhWr-kYh1XcJ-DipKAHy6Q3f4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:6f:fe:1d:2f:86:c8:b4:16:15:6e:fa:70:64:2d:f7:bb:6d:68:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3215abfa4621d57709f838a92801f2e90ddfe
Validity
Not Before: Jan 24 15:43:43 2024 GMT
Not After : Jan 22 15:48:43 2025 GMT
Subject: CN=14D47ED6CE362CD30A7E27DFE267671D88818BD7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1c:71:6e:d8:74:2c:07:19:00:65:bb:9c:ef:
54:07:8d:0c:23:f9:ad:0a:1a:23:dc:81:e3:5c:91:
48:57:d0:0a:a9:50:57:9d:4f:62:75:a6:9e:84:b9:
e8:5f:ce:4a:77:0b:a3:7e:78:48:11:10:ad:2e:39:
2c:f1:e7:81:97:ba:2f:df:8b:e3:78:60:09:25:17:
61:5d:fa:88:44:41:d7:f0:a5:56:42:e8:7b:eb:60:
d1:28:25:c7:5b:d5:7a:a7:ad:e8:a5:a0:52:91:16:
a1:15:02:22:ef:8a:2c:88:c0:09:a2:01:11:c9:87:
48:7b:93:01:5a:98:ec:71:43:00:6d:0d:9a:b2:a3:
80:71:e2:34:20:43:9c:7d:33:3d:e8:87:ee:b2:df:
24:10:2d:96:d2:85:1d:a2:55:54:d1:f4:c1:e4:5d:
01:dd:05:28:be:c5:51:4f:1c:50:6d:87:b1:76:58:
25:0d:8e:e9:0c:b0:c7:29:3c:14:e6:03:14:21:ca:
45:c5:dc:78:f2:85:1a:05:1b:04:73:e2:1d:bc:ab:
48:4a:28:88:cb:92:b4:56:50:08:c6:92:a7:1a:5e:
4c:5f:3b:be:9d:c9:48:8f:36:98:79:c3:7c:9b:6d:
3f:ef:6a:a6:a1:7c:6c:8f:04:5f:fc:98:55:f8:24:
6c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:D4:7E:D6:CE:36:2C:D3:0A:7E:27:DF:E2:67:67:1D:88:81:8B:D7
X509v3 Authority Key Identifier:
keyid:5D:A3:21:5A:BF:A4:62:1D:57:70:9F:83:8A:92:80:1F:2E:90:DD:FE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaMhWr-kYh1XcJ-DipKAHy6Q3f4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/34352e38312e35392e302f32342d3234203d3e20323131343339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.59.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:c2:75:97:00:3f:19:3c:b6:a9:91:47:80:df:c1:a6:40:d3:
dd:b7:fe:7e:9e:9c:ad:4d:68:30:f1:86:6e:59:26:de:d4:5a:
5e:97:90:ae:ba:58:50:28:af:9f:fe:13:ab:4f:04:8a:99:d1:
e4:09:43:1e:3e:41:76:06:cd:8f:6e:c8:7c:04:83:95:56:80:
39:e8:56:bc:f4:5f:d7:6a:41:b0:44:1c:37:e7:c9:16:99:e9:
6e:a1:c0:e8:7c:97:d3:1f:90:93:31:05:d7:b0:b5:af:b2:f3:
11:ea:a9:0c:ad:f0:21:35:31:e9:ce:c7:e0:91:da:c0:2a:ad:
49:26:33:da:7b:9e:44:24:64:19:b2:58:9a:f0:b9:48:a8:52:
70:16:33:30:01:b5:e5:86:84:fe:aa:7a:88:8f:ce:e0:19:6c:
c6:48:53:2c:ea:c9:5c:6a:1f:4d:71:88:1e:3f:a3:5a:a9:73:
4e:81:6c:a5:93:a1:ba:aa:b1:cb:e6:87:cd:1f:04:37:84:a7:
7d:da:54:d5:9c:87:19:83:2c:8c:7d:6e:2e:b8:6f:21:a2:fb:
e8:c1:fd:f2:ce:13:e2:df:09:ff:37:75:b9:dc:8b:0b:de:ca:
ca:02:85:8d:85:94:34:4a:27:7f:bf:df:e0:aa:fe:83:b5:e8:
d0:82:43:5e
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUcW/+HS+GyLQWFW76cGQt97ttaFYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWRhMzIxNWFiZmE0NjIxZDU3NzA5ZjgzOGE5MjgwMWYy
ZTkwZGRmZTAeFw0yNDAxMjQxNTQzNDNaFw0yNTAxMjIxNTQ4NDNaMDMxMTAvBgNV
BAMTKDE0RDQ3RUQ2Q0UzNjJDRDMwQTdFMjdERkUyNjc2NzFEODg4MThCRDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClHHFu2HQsBxkAZbuc71QHjQwj
+a0KGiPcgeNckUhX0AqpUFedT2J1pp6Euehfzkp3C6N+eEgREK0uOSzx54GXui/f
i+N4YAklF2Fd+ohEQdfwpVZC6HvrYNEoJcdb1XqnreiloFKRFqEVAiLviiyIwAmi
ARHJh0h7kwFamOxxQwBtDZqyo4Bx4jQgQ5x9Mz3oh+6y3yQQLZbShR2iVVTR9MHk
XQHdBSi+xVFPHFBth7F2WCUNjukMsMcpPBTmAxQhykXF3HjyhRoFGwRz4h28q0hK
KIjLkrRWUAjGkqcaXkxfO76dyUiPNph5w3ybbT/vaqahfGyPBF/8mFX4JGy1AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUFNR+1s42LNMKfiff4mdnHYiBi9cwHwYDVR0j
BBgwFoAUXaMhWr+kYh1XcJ+DipKAHy6Q3f4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmYyNDU2N2ItN2E3NC00YzFmLWFhODUtZGQyNGFmNzNj
Y2JiLzAvNURBMzIxNUFCRkE0NjIxRDU3NzA5RjgzOEE5MjgwMUYyRTkwRERGRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hhTWhXci1rWWgxWGNKLURpcEtBSHk2
UTNmNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmYyNDU2N2It
N2E3NC00YzFmLWFhODUtZGQyNGFmNzNjY2JiLzAvMzQzNTJlMzgzMTJlMzUzOTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMTM0MzMzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1R
OzANBgkqhkiG9w0BAQsFAAOCAQEAp8J1lwA/GTy2qZFHgN/BpkDT3bf+fp6crU1o
MPGGblkm3tRaXpeQrrpYUCivn/4Tq08EipnR5AlDHj5BdgbNj27IfASDlVaAOehW
vPRf12pBsEQcN+fJFpnpbqHA6HyX0x+QkzEF17C1r7LzEeqpDK3wITUx6c7H4JHa
wCqtSSYz2nueRCRkGbJYmvC5SKhScBYzMAG15YaE/qp6iI/O4BlsxkhTLOrJXGof
TXGIHj+jWqlzToFspZOhuqqxy+aHzR8EN4SnfdpU1ZyHGYMsjH1uLrhvIaL76MH9
8s4T4t8J/zd1udyLC97KygKFjYWUNEonf7/f4Kr+g7Xo0IJDXg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:13 2024 by rpki-client on console-fra.rpki-client.org