Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/34362e3235302e3234302e302f32302d3234203d3e20313431393935.roa
File: 34362e3235302e3234302e302f32302d3234203d3e20313431393935.roa (raw, json)
Hash identifier: 7h9c3ic2ijne7bcZtVDKPsbHR6LZDseAyEQRvPPRo0U=
Subject key identifier: 96:4B:4D:86:0F:4D:E3:7E:26:AD:87:96:9F:94:7A:5F:6C:4D:6F:55
Certificate issuer: /CN=f29fbab4db867f6bd9a7eff6aa55d98c162e1aad
Certificate serial: 4013A6028218EE896BEC4735792DF11AE9EFB0F6
Authority key identifier: F2:9F:BA:B4:DB:86:7F:6B:D9:A7:EF:F6:AA:55:D9:8C:16:2E:1A:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/34362e3235302e3234302e302f32302d3234203d3e20313431393935.roa
Signing time: Fri 13 Oct 2023 09:32:23 +0000
ROA not before: Fri 13 Oct 2023 09:27:23 +0000
ROA not after: Fri 11 Oct 2024 09:32:23 +0000
asID: 141995
IP address blocks: 46.250.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.crl
rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.mft
rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:13:a6:02:82:18:ee:89:6b:ec:47:35:79:2d:f1:1a:e9:ef:b0:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f29fbab4db867f6bd9a7eff6aa55d98c162e1aad
Validity
Not Before: Oct 13 09:27:23 2023 GMT
Not After : Oct 11 09:32:23 2024 GMT
Subject: CN=964B4D860F4DE37E26AD87969F947A5F6C4D6F55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:83:66:8e:a3:fb:02:23:b9:07:03:f6:25:bd:
03:04:00:ea:c0:bb:0f:11:d3:67:dc:b8:22:90:01:
2a:57:76:23:e5:1d:64:86:de:c8:8e:6f:5a:03:81:
9f:e5:4d:ce:2d:a7:94:c3:40:f2:37:21:32:28:48:
93:79:ee:59:bd:cb:25:75:10:b3:5a:cc:3d:8d:cf:
b3:7d:45:ad:9d:93:da:e9:f4:30:53:00:e2:71:d7:
b4:07:29:b4:e0:99:c9:89:9f:84:c7:59:9e:01:b6:
da:47:3b:ec:c7:53:51:53:50:74:cf:c9:ae:94:34:
85:10:64:7b:84:6f:f2:25:18:b4:75:0e:c1:74:81:
d1:25:3b:e6:7a:de:c2:9b:40:b3:ed:39:3d:e8:45:
55:b2:3a:fb:0e:3a:4d:ea:4a:68:e2:d8:6d:fd:c0:
52:28:bb:4a:62:06:17:09:83:6a:ea:7a:c1:3f:17:
15:d5:c2:5c:35:71:2d:bb:e0:28:a7:7d:1b:b3:2c:
19:3c:07:1a:5c:0c:62:c2:00:34:59:08:85:99:f5:
40:7e:67:f9:4f:30:a2:fa:c5:d4:36:6f:fb:13:22:
75:52:32:cf:3e:da:b9:23:7c:63:07:54:89:31:f7:
bd:bb:33:08:b6:c4:32:ae:ea:52:a2:40:a1:62:51:
e1:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:4B:4D:86:0F:4D:E3:7E:26:AD:87:96:9F:94:7A:5F:6C:4D:6F:55
X509v3 Authority Key Identifier:
keyid:F2:9F:BA:B4:DB:86:7F:6B:D9:A7:EF:F6:AA:55:D9:8C:16:2E:1A:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/34362e3235302e3234302e302f32302d3234203d3e20313431393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.250.240.0/20
Signature Algorithm: sha256WithRSAEncryption
11:b0:e6:1b:d1:ba:90:ea:af:da:d5:11:e4:3e:8f:ac:2f:19:
4d:62:87:60:41:e3:7b:9d:6d:e0:a3:b1:4a:56:76:24:f9:92:
a6:fc:88:38:85:8c:de:c1:3c:e5:1e:74:b1:97:19:cd:d2:fd:
b4:16:ab:54:12:17:cb:8b:fa:ac:c7:f2:c5:f3:de:64:65:c9:
b9:47:8c:08:2c:5b:b9:2f:3e:0e:a7:4f:3f:88:0c:fd:ca:b0:
71:45:9b:ad:95:41:83:37:07:20:f9:dd:53:f5:cb:ea:9f:3a:
f1:82:12:de:50:fa:03:7b:b6:54:63:f6:6d:38:18:ee:60:b0:
be:fb:fc:26:bc:3c:96:5f:b2:0b:50:fa:9a:e2:0d:4b:71:c0:
af:69:da:ad:e6:a7:b9:3f:e5:7b:b1:8a:e8:c9:5a:65:e0:8a:
c1:57:fb:e7:cb:21:58:4d:8d:5b:bf:2b:98:64:f0:be:3a:b1:
f7:6d:f3:ae:a8:60:de:8a:b6:ca:35:19:c3:ff:25:7b:30:a5:
60:b4:d7:6b:3b:28:d7:1c:e1:d1:e8:52:35:db:01:0d:42:49:
f8:c9:cd:16:88:2e:62:93:d5:0f:68:02:9b:35:1a:05:aa:60:
0a:27:ca:1d:9f:ed:b0:68:71:a5:6e:ac:f9:c5:0b:b8:6c:68:
0b:0a:30:13
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQBOmAoIY7olr7Ec1eS3xGunvsPYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjI5ZmJhYjRkYjg2N2Y2YmQ5YTdlZmY2YWE1NWQ5OGMx
NjJlMWFhZDAeFw0yMzEwMTMwOTI3MjNaFw0yNDEwMTEwOTMyMjNaMDMxMTAvBgNV
BAMTKDk2NEI0RDg2MEY0REUzN0UyNkFEODc5NjlGOTQ3QTVGNkM0RDZGNTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtg2aOo/sCI7kHA/YlvQMEAOrA
uw8R02fcuCKQASpXdiPlHWSG3siOb1oDgZ/lTc4tp5TDQPI3ITIoSJN57lm9yyV1
ELNazD2Nz7N9Ra2dk9rp9DBTAOJx17QHKbTgmcmJn4THWZ4BttpHO+zHU1FTUHTP
ya6UNIUQZHuEb/IlGLR1DsF0gdElO+Z63sKbQLPtOT3oRVWyOvsOOk3qSmji2G39
wFIou0piBhcJg2rqesE/FxXVwlw1cS274CinfRuzLBk8BxpcDGLCADRZCIWZ9UB+
Z/lPMKL6xdQ2b/sTInVSMs8+2rkjfGMHVIkx9727Mwi2xDKu6lKiQKFiUeETAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUlktNhg9N434mrYeWn5R6X2xNb1UwHwYDVR0j
BBgwFoAU8p+6tNuGf2vZp+/2qlXZjBYuGq0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmY1MmQ4MTQtM2QyZi00ZGY0LTgxNDAtZGZiNTMwZjc0
OTEyLzAvRjI5RkJBQjREQjg2N0Y2QkQ5QTdFRkY2QUE1NUQ5OEMxNjJFMUFBRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhwLTZ0TnVHZjJ2WnAtXzJxbFhaakJZ
dUdxMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmY1MmQ4MTQt
M2QyZi00ZGY0LTgxNDAtZGZiNTMwZjc0OTEyLzAvMzQzNjJlMzIzNTMwMmUzMjM0
MzAyZTMwMmYzMjMwMmQzMjM0MjAzZDNlMjAzMTM0MzEzOTM5MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAQu+vAwDQYJKoZIhvcNAQELBQADggEBABGw5hvRupDqr9rVEeQ+j6wvGU1ih2BB
43udbeCjsUpWdiT5kqb8iDiFjN7BPOUedLGXGc3S/bQWq1QSF8uL+qzH8sXz3mRl
yblHjAgsW7kvPg6nTz+IDP3KsHFFm62VQYM3ByD53VP1y+qfOvGCEt5Q+gN7tlRj
9m04GO5gsL77/Ca8PJZfsgtQ+priDUtxwK9p2q3mp7k/5XuxiujJWmXgisFX++fL
IVhNjVu/K5hk8L46sfdt866oYN6Ktso1GcP/JXswpWC012s7KNcc4dHoUjXbAQ1C
SfjJzRaILmKT1Q9oAps1GgWqYAonyh2f7bBocaVurPnFC7hsaAsKMBM=
-----END CERTIFICATE-----
Generated at Fri May 17 08:09:14 2024 by rpki-client on console-ams.rpki-client.org