Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/34352e38312e35392e302f32342d3234203d3e20323132333834.roa
File: 34352e38312e35392e302f32342d3234203d3e20323132333834.roa (raw, json)
Hash identifier: /pglx2sU5jtCytGHT0V5IZzX70yBH2Gm59ZtgUW/WO4=
Subject key identifier: 3F:F1:23:CD:AC:EF:32:51:C6:A1:DA:A8:72:53:2E:BE:71:61:30:20
Certificate issuer: /CN=5da3215abfa4621d57709f838a92801f2e90ddfe
Certificate serial: 5E4E47D1FE952CBFFCD11151537F2588AE0DFDFD
Authority key identifier: 5D:A3:21:5A:BF:A4:62:1D:57:70:9F:83:8A:92:80:1F:2E:90:DD:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaMhWr-kYh1XcJ-DipKAHy6Q3f4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/34352e38312e35392e302f32342d3234203d3e20323132333834.roa
Signing time: Thu 01 Feb 2024 13:05:12 +0000
ROA not before: Thu 01 Feb 2024 13:00:12 +0000
ROA not after: Thu 30 Jan 2025 13:05:12 +0000
asID: 212384
IP address blocks: 45.81.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.crl
rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.mft
rsync://rpki.ripe.net/repository/DEFAULT/XaMhWr-kYh1XcJ-DipKAHy6Q3f4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:4e:47:d1:fe:95:2c:bf:fc:d1:11:51:53:7f:25:88:ae:0d:fd:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3215abfa4621d57709f838a92801f2e90ddfe
Validity
Not Before: Feb 1 13:00:12 2024 GMT
Not After : Jan 30 13:05:12 2025 GMT
Subject: CN=3FF123CDACEF3251C6A1DAA872532EBE71613020
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:93:0e:a4:cb:ba:38:91:c9:b5:eb:88:ab:97:
ae:7a:ce:ef:6c:97:75:05:fb:3f:43:99:30:90:40:
b4:33:69:8c:34:2c:2f:9b:08:7d:f7:0b:6f:0e:f2:
c4:d9:ae:f8:41:c1:c8:0e:51:17:88:91:5b:57:6b:
33:f3:47:b0:59:d7:98:9a:45:3d:05:56:a4:3f:82:
00:9c:42:15:07:da:f2:47:36:3c:18:2e:07:89:1b:
b4:6f:e8:8d:0a:66:ff:22:14:06:af:73:ba:0a:4d:
8c:73:1a:8e:36:57:98:e7:ef:b3:99:2d:dd:ce:b5:
fe:c2:31:62:b4:e6:50:3d:34:6a:6f:7a:ff:f0:4e:
8c:dc:35:7d:34:32:9d:d3:29:c1:f7:16:81:b5:d6:
b3:91:89:33:bf:89:dd:a0:f3:7d:e2:d2:2a:21:51:
43:30:ea:02:8b:66:f9:7d:a2:1c:d0:45:46:99:4d:
c8:8c:11:26:b0:4b:a7:2d:5e:7c:27:26:a4:ce:59:
46:c1:80:58:eb:04:06:81:28:37:93:95:05:5f:c7:
48:d8:44:96:79:99:e4:b0:96:a5:d2:85:02:ad:43:
3b:07:df:62:1f:6c:b6:83:a2:5b:16:1e:81:26:28:
9a:d2:40:e6:16:31:06:d3:6e:8a:c2:dd:95:95:0a:
bd:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:F1:23:CD:AC:EF:32:51:C6:A1:DA:A8:72:53:2E:BE:71:61:30:20
X509v3 Authority Key Identifier:
keyid:5D:A3:21:5A:BF:A4:62:1D:57:70:9F:83:8A:92:80:1F:2E:90:DD:FE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaMhWr-kYh1XcJ-DipKAHy6Q3f4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/34352e38312e35392e302f32342d3234203d3e20323132333834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.59.0/24
Signature Algorithm: sha256WithRSAEncryption
45:ed:d9:a8:79:55:7a:14:33:75:eb:18:a2:0d:d6:b7:0c:7e:
93:55:12:77:e1:2f:95:ec:2e:49:7f:5b:60:af:0d:df:35:97:
6c:17:f4:ce:27:3c:c1:eb:ab:5f:d8:62:bb:42:d9:47:0f:9f:
f0:a0:b3:5d:4d:80:bd:a6:6d:b2:e2:73:cb:ab:ed:be:77:bd:
d8:3d:ad:7d:75:bd:7c:d6:38:04:19:c1:09:dc:6d:ef:dd:b1:
2e:fb:3e:99:ad:7a:98:da:dd:d3:99:f9:ac:82:6c:88:9f:1c:
68:a4:97:80:92:9b:01:e6:a1:ef:de:87:8f:d2:f0:f3:2a:af:
61:75:6a:47:9e:1f:04:4f:03:f2:19:59:c8:81:24:ba:2b:a8:
6c:7d:44:02:19:8b:65:1c:53:b1:9a:b7:bb:53:f7:f8:a3:6a:
d8:68:38:17:95:1b:91:3c:32:5a:89:3c:4c:89:92:24:be:b3:
5e:c8:f1:c7:ac:4f:9a:e0:f8:61:d1:6d:f9:d3:c6:d8:be:53:
fc:73:0e:cd:4d:a4:bb:e0:15:f6:a0:01:91:ea:f7:a3:2f:a2:
cb:77:34:46:1b:17:e3:7b:2d:78:dc:b5:83:eb:3b:fc:82:10:
5a:16:48:61:c4:89:d7:a3:50:cd:f1:c1:ee:d5:b0:8b:ee:30:
18:93:c8:b7
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUXk5H0f6VLL/80RFRU38liK4N/f0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWRhMzIxNWFiZmE0NjIxZDU3NzA5ZjgzOGE5MjgwMWYy
ZTkwZGRmZTAeFw0yNDAyMDExMzAwMTJaFw0yNTAxMzAxMzA1MTJaMDMxMTAvBgNV
BAMTKDNGRjEyM0NEQUNFRjMyNTFDNkExREFBODcyNTMyRUJFNzE2MTMwMjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbkw6ky7o4kcm164irl656zu9s
l3UF+z9DmTCQQLQzaYw0LC+bCH33C28O8sTZrvhBwcgOUReIkVtXazPzR7BZ15ia
RT0FVqQ/ggCcQhUH2vJHNjwYLgeJG7Rv6I0KZv8iFAavc7oKTYxzGo42V5jn77OZ
Ld3Otf7CMWK05lA9NGpvev/wTozcNX00Mp3TKcH3FoG11rORiTO/id2g833i0ioh
UUMw6gKLZvl9ohzQRUaZTciMESawS6ctXnwnJqTOWUbBgFjrBAaBKDeTlQVfx0jY
RJZ5meSwlqXShQKtQzsH32IfbLaDolsWHoEmKJrSQOYWMQbTborC3ZWVCr2vAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUP/EjzazvMlHGodqoclMuvnFhMCAwHwYDVR0j
BBgwFoAUXaMhWr+kYh1XcJ+DipKAHy6Q3f4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmYyNDU2N2ItN2E3NC00YzFmLWFhODUtZGQyNGFmNzNj
Y2JiLzAvNURBMzIxNUFCRkE0NjIxRDU3NzA5RjgzOEE5MjgwMUYyRTkwRERGRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hhTWhXci1rWWgxWGNKLURpcEtBSHk2
UTNmNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmYyNDU2N2It
N2E3NC00YzFmLWFhODUtZGQyNGFmNzNjY2JiLzAvMzQzNTJlMzgzMTJlMzUzOTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMzMzgzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1R
OzANBgkqhkiG9w0BAQsFAAOCAQEARe3ZqHlVehQzdesYog3Wtwx+k1USd+Evlewu
SX9bYK8N3zWXbBf0zic8weurX9hiu0LZRw+f8KCzXU2AvaZtsuJzy6vtvne92D2t
fXW9fNY4BBnBCdxt792xLvs+ma16mNrd05n5rIJsiJ8caKSXgJKbAeah796Hj9Lw
8yqvYXVqR54fBE8D8hlZyIEkuiuobH1EAhmLZRxTsZq3u1P3+KNq2Gg4F5UbkTwy
Wok8TImSJL6zXsjxx6xPmuD4YdFt+dPG2L5T/HMOzU2ku+AV9qABker3oy+iy3c0
RhsX43steNy1g+s7/IIQWhZIYcSJ16NQzfHB7tWwi+4wGJPItw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:13 2024 by rpki-client on console-fra.rpki-client.org