Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e36362e3135312e302f32342d3234203d3e203134343435.roa
File: 34352e36362e3135312e302f32342d3234203d3e203134343435.roa (raw, json)
Hash identifier: YcMfxtlC0OZvWXWuQvAufJCcKwFf+SVOgvxwMBge394=
Subject key identifier: 9D:8C:B4:DE:69:FE:42:68:F8:A7:DB:64:2A:DB:70:A4:83:89:BB:2F
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 712E6D269F4B67A99CF7547EBFEE0CC6A650E63E
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e36362e3135312e302f32342d3234203d3e203134343435.roa
Signing time: Thu 06 Jun 2024 16:21:38 +0000
ROA not before: Thu 06 Jun 2024 16:16:38 +0000
ROA not after: Thu 05 Jun 2025 16:21:38 +0000
asID: 14445
IP address blocks: 45.66.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Oct 2024 13:20:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:2e:6d:26:9f:4b:67:a9:9c:f7:54:7e:bf:ee:0c:c6:a6:50:e6:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Jun 6 16:16:38 2024 GMT
Not After : Jun 5 16:21:38 2025 GMT
Subject: CN=9D8CB4DE69FE4268F8A7DB642ADB70A48389BB2F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c0:b1:20:f9:05:41:4b:24:c0:7d:96:c3:aa:
6e:71:e7:46:cf:15:d7:8a:95:3c:11:e8:27:2c:01:
39:3e:f4:57:bf:0d:08:9b:4c:5a:51:d0:99:f7:6c:
ae:02:b6:61:49:c8:01:b4:03:eb:a1:0f:27:53:97:
99:00:28:7d:94:b1:bd:89:a7:de:61:ec:3b:a6:27:
a4:4e:3a:00:e9:b5:b9:a2:16:ac:d2:36:cf:27:d9:
21:1c:3a:80:a7:a3:ae:a1:a3:85:11:ec:16:24:ae:
98:48:ff:cf:22:e4:f0:97:de:dd:2a:cb:e0:db:7d:
55:6d:a6:20:d8:71:67:4e:98:49:f4:34:d9:c1:f2:
0d:ea:d7:5b:c5:c2:2f:cf:37:8f:65:30:e4:f1:d3:
59:ad:34:f6:c7:d4:e8:f1:d5:8f:23:ee:16:c8:cc:
fe:47:67:9a:c3:dd:90:69:29:12:c1:8e:ce:bb:74:
f2:e1:f8:01:b6:94:9d:71:ba:e1:0d:aa:5d:9b:27:
64:ff:c3:dd:99:b0:45:14:28:65:33:20:02:78:b1:
22:91:7e:69:04:76:cd:61:24:20:36:1b:f4:34:fa:
10:b8:21:69:b3:17:12:39:94:d7:52:f0:49:01:79:
4e:5f:1b:27:e6:d9:f9:5e:52:d1:f6:7a:bb:c2:ec:
b5:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:8C:B4:DE:69:FE:42:68:F8:A7:DB:64:2A:DB:70:A4:83:89:BB:2F
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e36362e3135312e302f32342d3234203d3e203134343435.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.151.0/24
Signature Algorithm: sha256WithRSAEncryption
44:88:4e:8f:a6:ff:f9:9c:98:9a:62:16:b1:f6:80:50:21:30:
f6:e8:a3:61:35:9e:ba:e8:e6:5b:0f:06:d1:ba:f5:04:67:da:
39:11:8a:d0:df:1d:88:a1:18:7b:3a:93:8b:d1:8a:f8:50:12:
02:83:a5:18:07:af:82:f1:52:22:70:48:bf:5a:7c:52:b5:be:
d7:1f:91:ec:c4:84:74:81:1c:4d:0a:f0:d4:bb:89:8e:26:70:
bd:54:fd:5d:36:59:1d:2e:16:dc:ea:46:b7:df:a1:16:a9:b4:
ff:ce:7d:2c:c9:18:cd:b2:c9:92:23:35:eb:47:05:7f:21:c9:
a5:97:fd:a9:db:90:f4:85:de:60:ef:6a:57:95:db:4c:3c:0b:
02:92:f3:8e:de:fd:31:76:5b:9c:55:58:07:9d:3e:e0:dd:c2:
d2:8f:da:dd:58:ce:8c:e7:74:db:d7:2f:b0:ea:bf:fd:ed:b1:
13:dc:5b:14:62:27:fe:3f:39:71:d6:6a:70:97:9e:f4:97:c2:
ec:4e:51:56:fc:03:4b:e7:a2:0b:59:af:af:9b:35:0e:0b:3b:
01:6e:5a:5b:b9:ba:38:b8:f2:ba:de:3b:46:55:8f:77:65:60:
f5:8f:38:9e:ca:1a:67:45:b3:a2:57:38:f2:57:7b:9e:44:fa:
b9:23:c8:d7
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUcS5tJp9LZ6mc91R+v+4MxqZQ5j4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNDA2MDYxNjE2MzhaFw0yNTA2MDUxNjIxMzhaMDMxMTAvBgNV
BAMTKDlEOENCNERFNjlGRTQyNjhGOEE3REI2NDJBREI3MEE0ODM4OUJCMkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBwLEg+QVBSyTAfZbDqm5x50bP
FdeKlTwR6CcsATk+9Fe/DQibTFpR0Jn3bK4CtmFJyAG0A+uhDydTl5kAKH2Usb2J
p95h7DumJ6ROOgDptbmiFqzSNs8n2SEcOoCno66ho4UR7BYkrphI/88i5PCX3t0q
y+DbfVVtpiDYcWdOmEn0NNnB8g3q11vFwi/PN49lMOTx01mtNPbH1Ojx1Y8j7hbI
zP5HZ5rD3ZBpKRLBjs67dPLh+AG2lJ1xuuENql2bJ2T/w92ZsEUUKGUzIAJ4sSKR
fmkEds1hJCA2G/Q0+hC4IWmzFxI5lNdS8EkBeU5fGyfm2fleUtH2ervC7LWfAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUnYy03mn+Qmj4p9tkKttwpIOJuy8wHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzQzNTJlMzYzNjJlMzEzNTMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNDM0MzQzNS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1C
lzANBgkqhkiG9w0BAQsFAAOCAQEARIhOj6b/+ZyYmmIWsfaAUCEw9uijYTWeuujm
Ww8G0br1BGfaORGK0N8diKEYezqTi9GK+FASAoOlGAevgvFSInBIv1p8UrW+1x+R
7MSEdIEcTQrw1LuJjiZwvVT9XTZZHS4W3OpGt9+hFqm0/859LMkYzbLJkiM160cF
fyHJpZf9qduQ9IXeYO9qV5XbTDwLApLzjt79MXZbnFVYB50+4N3C0o/a3VjOjOd0
29cvsOq//e2xE9xbFGIn/j85cdZqcJee9JfC7E5RVvwDS+eiC1mvr5s1Dgs7AW5a
W7m6OLjyut47RlWPd2Vg9Y84nsoaZ0Wzolc48ld7nkT6uSPI1w==
-----END CERTIFICATE-----
Generated at Mon Oct 14 15:19:45 2024 by rpki-client on console-fra.rpki-client.org