Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e36362e3134382e302f32342d3234203d3e203631333137.roa
File: 34352e36362e3134382e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: ma4p5n6JH0oJh+6VWTzapcFLY0gy6kDdq6Pdj+L3vJY=
Subject key identifier: 90:41:3E:EF:08:9D:F2:05:E9:54:92:47:A0:2D:A8:D4:8D:83:E8:38
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 48BC69290F2741173B9AE9F2989C1D67320E8640
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e36362e3134382e302f32342d3234203d3e203631333137.roa
Signing time: Thu 06 Jun 2024 16:22:37 +0000
ROA not before: Thu 06 Jun 2024 16:17:37 +0000
ROA not after: Thu 05 Jun 2025 16:22:37 +0000
asID: 61317
IP address blocks: 45.66.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Oct 2024 13:20:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:bc:69:29:0f:27:41:17:3b:9a:e9:f2:98:9c:1d:67:32:0e:86:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Jun 6 16:17:37 2024 GMT
Not After : Jun 5 16:22:37 2025 GMT
Subject: CN=90413EEF089DF205E9549247A02DA8D48D83E838
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:56:0e:07:d9:15:c8:ea:31:a6:d1:b4:eb:9f:
c8:4e:c9:16:32:38:df:77:3d:af:7c:5b:43:05:3e:
75:cf:8b:00:fe:96:65:50:41:04:79:0b:5e:27:aa:
e1:73:09:dc:46:9b:18:dc:57:6d:35:b9:6d:d0:41:
c8:90:49:10:e4:c4:7e:34:20:8d:b9:a7:d6:0b:da:
2e:d2:e4:4d:34:aa:00:6b:dc:91:9b:5d:f5:d9:e3:
e1:b4:e5:b3:6f:36:3f:fd:21:ab:51:0e:d3:44:e5:
68:31:53:05:f7:d9:0d:33:d4:87:9a:08:7f:96:52:
bc:fa:19:a3:69:e6:8a:c6:8f:2d:d0:46:37:58:c5:
5d:53:62:ee:02:53:0d:31:1a:17:50:d3:78:06:e2:
0b:15:95:ba:9e:2a:46:3d:a1:16:2c:9f:28:75:af:
8d:a0:a4:aa:b7:60:fd:04:70:7c:e6:0c:8d:7a:4c:
99:ab:58:30:18:aa:ca:db:d8:48:68:31:7d:4a:c5:
9b:71:1b:17:8b:5a:eb:ab:ba:ff:db:06:15:f7:9a:
15:2b:38:c6:b7:b5:ae:75:dd:ac:c4:e5:f6:38:ce:
17:6b:f3:ff:f2:4b:d3:1f:cf:5a:2c:b7:14:b1:1d:
0a:4e:1c:6b:73:a4:94:d8:5e:cd:a9:4d:1a:86:52:
92:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:41:3E:EF:08:9D:F2:05:E9:54:92:47:A0:2D:A8:D4:8D:83:E8:38
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e36362e3134382e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.148.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:03:70:f6:30:70:83:f7:63:e0:9b:c5:eb:c7:82:13:87:6e:
60:07:78:5e:3d:ae:22:b9:b0:20:f4:f8:57:fa:fa:27:7d:5c:
a8:f3:2d:ae:a0:2a:28:2a:c4:67:d8:bc:bc:af:93:5a:51:79:
7c:8b:16:bb:58:bd:53:19:77:a2:13:61:2f:1a:9c:22:da:c1:
ae:34:35:f6:f4:1b:92:4c:5a:1e:93:83:ee:8c:80:54:e0:aa:
cd:01:67:57:f0:96:ad:95:d8:12:04:a3:fc:25:25:43:87:0b:
e5:66:c5:19:0b:8b:8a:1c:5b:ed:b3:3f:de:0f:e9:25:a4:9e:
8c:d3:86:08:10:81:0d:bb:91:d7:48:65:3c:69:b8:6f:fd:5a:
7c:6e:02:79:8d:65:88:0c:df:9f:45:07:d2:9c:bf:3d:f4:91:
28:55:d2:8d:8b:0d:cd:f6:41:f9:a6:b0:8c:3d:32:08:a4:f3:
55:b5:a9:3d:d4:ae:27:b5:ed:9f:84:ce:85:5e:35:75:f2:fb:
44:ec:45:92:f5:72:3c:4a:66:b1:58:72:3e:ee:a2:fb:83:94:
ed:f4:e3:d2:33:8f:e2:b4:41:e9:cb:45:4a:5b:11:12:73:1e:
d3:53:45:40:61:e6:3f:b7:42:77:c7:48:3c:85:7b:78:65:52:
67:fa:b7:d1
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUSLxpKQ8nQRc7munymJwdZzIOhkAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNDA2MDYxNjE3MzdaFw0yNTA2MDUxNjIyMzdaMDMxMTAvBgNV
BAMTKDkwNDEzRUVGMDg5REYyMDVFOTU0OTI0N0EwMkRBOEQ0OEQ4M0U4MzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVVg4H2RXI6jGm0bTrn8hOyRYy
ON93Pa98W0MFPnXPiwD+lmVQQQR5C14nquFzCdxGmxjcV201uW3QQciQSRDkxH40
II25p9YL2i7S5E00qgBr3JGbXfXZ4+G05bNvNj/9IatRDtNE5WgxUwX32Q0z1Iea
CH+WUrz6GaNp5orGjy3QRjdYxV1TYu4CUw0xGhdQ03gG4gsVlbqeKkY9oRYsnyh1
r42gpKq3YP0EcHzmDI16TJmrWDAYqsrb2EhoMX1KxZtxGxeLWuuruv/bBhX3mhUr
OMa3ta513azE5fY4zhdr8//yS9Mfz1ostxSxHQpOHGtzpJTYXs2pTRqGUpJpAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUkEE+7wid8gXpVJJHoC2o1I2D6DgwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzQzNTJlMzYzNjJlMzEzNDM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMTMzMzEzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1C
lDANBgkqhkiG9w0BAQsFAAOCAQEAegNw9jBwg/dj4JvF68eCE4duYAd4Xj2uIrmw
IPT4V/r6J31cqPMtrqAqKCrEZ9i8vK+TWlF5fIsWu1i9Uxl3ohNhLxqcItrBrjQ1
9vQbkkxaHpOD7oyAVOCqzQFnV/CWrZXYEgSj/CUlQ4cL5WbFGQuLihxb7bM/3g/p
JaSejNOGCBCBDbuR10hlPGm4b/1afG4CeY1liAzfn0UH0py/PfSRKFXSjYsNzfZB
+aawjD0yCKTzVbWpPdSuJ7Xtn4TOhV41dfL7ROxFkvVyPEpmsVhyPu6i+4OU7fTj
0jOP4rRB6ctFSlsREnMe01NFQGHmP7dCd8dIPIV7eGVSZ/q30Q==
-----END CERTIFICATE-----
Generated at Mon Oct 14 15:19:45 2024 by rpki-client on console-fra.rpki-client.org