Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e36362e3134392e302f32342d3234203d3e20323132323338.roa
File: 34352e36362e3134392e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: 8vLHE3SnwQ+AijG4/w8Tkn706DRsn9D4+gKtDbOEioA=
Subject key identifier: B0:3D:EB:18:E3:1A:DF:61:77:20:DF:74:2A:7D:9D:91:33:C5:B2:4D
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 475D3A01489D37C440D0E69BF4514FDE743B5CA8
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e36362e3134392e302f32342d3234203d3e20323132323338.roa
Signing time: Thu 06 Jun 2024 16:30:06 +0000
ROA not before: Thu 06 Jun 2024 16:25:06 +0000
ROA not after: Thu 05 Jun 2025 16:30:06 +0000
asID: 212238
IP address blocks: 45.66.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:5d:3a:01:48:9d:37:c4:40:d0:e6:9b:f4:51:4f:de:74:3b:5c:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Jun 6 16:25:06 2024 GMT
Not After : Jun 5 16:30:06 2025 GMT
Subject: CN=B03DEB18E31ADF617720DF742A7D9D9133C5B24D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:11:a4:78:71:9e:3a:e1:cd:0c:fd:dd:27:0a:
60:06:bd:6f:9f:00:8e:d7:4f:07:86:36:20:60:29:
41:42:40:8f:bb:7d:0c:a9:b1:9e:42:8e:76:e0:37:
8a:90:c0:54:3c:a7:4a:bd:98:cf:85:7b:1f:9e:f6:
9e:08:e1:80:4f:d8:0e:21:73:79:49:4c:32:ec:f3:
82:d9:78:13:3a:2e:ea:31:5b:70:c5:8d:41:0d:01:
e4:36:77:2f:07:07:e9:1a:d9:19:76:d7:a5:cb:ab:
93:74:bf:02:62:90:b4:3b:4d:e5:61:63:9a:09:b0:
72:c9:91:14:7a:03:25:72:f7:e6:b5:78:30:1e:b6:
c3:51:20:c7:88:49:3a:d0:f2:0f:43:3b:57:9c:4d:
aa:fe:be:ba:4a:ee:55:25:ee:0c:69:72:aa:86:7d:
30:45:17:e5:c9:6b:50:83:57:db:82:6e:cc:06:de:
b2:6a:b4:79:5e:30:12:a6:76:53:a1:45:7c:29:52:
22:ef:de:ac:eb:b3:f7:cf:17:30:92:2c:62:2f:31:
81:3c:8b:53:73:97:38:7d:01:12:ca:69:19:ef:52:
e5:81:c4:44:4b:ad:7b:6d:bd:77:8c:e6:f8:a9:04:
7d:c4:97:1e:61:b7:35:5a:27:72:b0:13:a3:29:84:
ef:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:3D:EB:18:E3:1A:DF:61:77:20:DF:74:2A:7D:9D:91:33:C5:B2:4D
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e36362e3134392e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.149.0/24
Signature Algorithm: sha256WithRSAEncryption
92:78:95:74:27:72:ba:80:8f:e5:f0:09:20:d9:58:67:fd:89:
e6:12:99:cd:57:77:0e:ee:8f:89:a1:61:86:72:31:2c:5a:a7:
6f:d8:d7:4a:8c:78:ea:cf:90:44:62:9d:d3:fe:27:de:f1:22:
3f:9d:b3:c5:7f:2e:f4:93:ee:e0:27:19:19:1d:23:30:d3:e5:
0d:54:ce:81:b4:42:1a:8c:99:85:25:75:f8:64:a1:35:ed:51:
fa:ad:15:e1:12:33:b1:e9:9a:5f:69:0a:e9:92:ef:34:6e:a8:
78:12:68:0c:16:cb:c3:4c:cc:1c:e7:a5:b4:79:b0:3c:90:8f:
08:49:14:f7:13:12:f1:6f:a0:89:c2:20:85:1c:14:2d:10:49:
dd:3d:1d:55:d4:15:b2:f3:b2:ae:2d:81:2a:01:e3:c4:43:80:
5a:b4:31:be:8b:6e:34:a9:4e:4a:44:a9:75:01:0a:34:40:a8:
5c:76:ef:f2:05:3a:3c:66:f4:a1:fe:7f:d9:97:74:76:e4:b9:
ce:21:f2:4c:cc:f2:3e:aa:02:6c:da:07:51:64:6f:a6:8f:61:
68:02:2f:5e:87:82:cd:cb:5a:84:07:3b:a5:80:ac:51:b5:9c:
f9:fc:6c:10:75:60:2c:49:77:b2:69:4b:0e:59:2e:7f:62:ed:
6c:e9:f0:ea
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUR106AUidN8RA0Oab9FFP3nQ7XKgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNDA2MDYxNjI1MDZaFw0yNTA2MDUxNjMwMDZaMDMxMTAvBgNV
BAMTKEIwM0RFQjE4RTMxQURGNjE3NzIwREY3NDJBN0Q5RDkxMzNDNUIyNEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDEaR4cZ464c0M/d0nCmAGvW+f
AI7XTweGNiBgKUFCQI+7fQypsZ5CjnbgN4qQwFQ8p0q9mM+Fex+e9p4I4YBP2A4h
c3lJTDLs84LZeBM6LuoxW3DFjUENAeQ2dy8HB+ka2Rl216XLq5N0vwJikLQ7TeVh
Y5oJsHLJkRR6AyVy9+a1eDAetsNRIMeISTrQ8g9DO1ecTar+vrpK7lUl7gxpcqqG
fTBFF+XJa1CDV9uCbswG3rJqtHleMBKmdlOhRXwpUiLv3qzrs/fPFzCSLGIvMYE8
i1Nzlzh9ARLKaRnvUuWBxERLrXttvXeM5vipBH3Elx5htzVaJ3KwE6MphO/XAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUsD3rGOMa32F3IN90Kn2dkTPFsk0wHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzQzNTJlMzYzNjJlMzEzNDM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzIzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LUKVMA0GCSqGSIb3DQEBCwUAA4IBAQCSeJV0J3K6gI/l8Akg2Vhn/YnmEpnNV3cO
7o+JoWGGcjEsWqdv2NdKjHjqz5BEYp3T/ife8SI/nbPFfy70k+7gJxkZHSMw0+UN
VM6BtEIajJmFJXX4ZKE17VH6rRXhEjOx6ZpfaQrpku80bqh4EmgMFsvDTMwc56W0
ebA8kI8ISRT3ExLxb6CJwiCFHBQtEEndPR1V1BWy87KuLYEqAePEQ4BatDG+i240
qU5KRKl1AQo0QKhcdu/yBTo8ZvSh/n/Zl3R25LnOIfJMzPI+qgJs2gdRZG+mj2Fo
Ai9eh4LNy1qEBzulgKxRtZz5/GwQdWAsSXeyaUsOWS5/Yu1s6fDq
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:59:20 2024 by rpki-client on console-fra.rpki-client.org