Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e382e3137332e302f32342d3234203d3e20323131393735.roa
File: 34352e382e3137332e302f32342d3234203d3e20323131393735.roa (raw, json)
Hash identifier: PLkCQNlQNIk+qYGscHQ2Yudzk7rwtgDN04SmGqj+zYk=
Subject key identifier: 2B:A2:49:0A:28:1F:5D:37:F8:F5:44:88:58:E0:4D:B1:39:D8:DC:9B
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 7141F2801B363C26DB780BC7FFCADE1663E3AF5E
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e382e3137332e302f32342d3234203d3e20323131393735.roa
Signing time: Thu 06 Jun 2024 16:30:18 +0000
ROA not before: Thu 06 Jun 2024 16:25:18 +0000
ROA not after: Thu 05 Jun 2025 16:30:18 +0000
asID: 211975
IP address blocks: 45.8.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Oct 2024 13:20:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:41:f2:80:1b:36:3c:26:db:78:0b:c7:ff:ca:de:16:63:e3:af:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Jun 6 16:25:18 2024 GMT
Not After : Jun 5 16:30:18 2025 GMT
Subject: CN=2BA2490A281F5D37F8F5448858E04DB139D8DC9B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:28:04:43:1f:fd:d6:56:a9:b5:87:e7:2e:83:
65:3d:ce:9a:42:d9:85:50:85:f4:07:17:86:75:8f:
de:fb:18:46:67:69:e4:37:48:61:67:cd:76:a9:bc:
bb:38:87:5d:15:03:9f:fa:91:e5:1c:8a:b4:3f:90:
9e:bc:11:1b:e6:be:38:d5:d8:58:f3:78:19:a2:01:
1e:55:a3:b0:08:54:e4:fb:27:39:03:df:ff:78:cb:
a5:49:4f:c7:8c:f3:09:8d:48:19:9a:75:bf:f8:e0:
bd:33:f5:a5:50:29:5f:dd:b8:73:49:36:b0:66:c4:
35:93:54:48:ae:82:aa:fd:52:d5:96:2d:49:c2:b0:
a7:66:d1:5a:a3:70:d5:ec:52:04:74:55:0d:37:9e:
70:f6:b5:bb:8f:9e:0b:f9:11:15:24:2e:4d:dc:b6:
cd:f4:b9:b6:ed:dc:e4:94:f6:10:8b:ce:dd:64:17:
8b:9b:ff:d7:85:d9:b4:5b:08:db:4a:c8:15:f5:8c:
a8:3b:1c:fb:bf:e4:e1:c6:a7:f4:79:5b:24:29:68:
1e:48:cb:c9:4e:2e:1c:bb:f5:b9:14:3f:36:f5:e5:
a8:03:df:2a:fe:f8:0a:9c:87:72:dd:0d:ee:61:8c:
f8:6a:a2:32:e1:43:55:44:f3:4c:4c:48:6d:16:ff:
85:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:A2:49:0A:28:1F:5D:37:F8:F5:44:88:58:E0:4D:B1:39:D8:DC:9B
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e382e3137332e302f32342d3234203d3e20323131393735.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.173.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:06:55:5f:0f:ed:a7:cd:c0:36:14:50:7f:a0:7b:bb:9a:ef:
3d:40:e7:c9:23:c7:c2:6b:32:92:1a:ed:0b:46:be:89:84:b0:
ce:23:38:c6:49:2f:b1:15:b7:53:ab:3a:46:c7:93:79:e3:12:
bb:9a:81:68:8c:a3:ae:29:ef:77:47:49:47:7f:2e:0d:65:93:
7f:51:da:cf:48:c8:34:9c:27:68:a2:bf:59:c2:58:59:eb:b8:
cf:88:15:ce:81:cc:ee:4a:88:e4:1c:35:88:4f:ad:c8:04:a0:
88:f3:ce:ce:87:5d:fa:cd:1f:54:57:54:d7:97:4e:b3:8d:e9:
40:45:30:b4:e8:b6:77:32:44:32:44:32:85:34:ed:09:d2:3c:
4e:a5:5c:45:02:00:c1:6e:59:52:70:76:03:f2:de:59:41:8e:
1d:19:27:d9:ac:31:08:17:87:2d:33:3c:5d:9f:a4:10:1f:89:
9b:77:fa:0d:f1:47:27:24:af:40:ad:e1:2d:14:04:8f:d0:e9:
c8:a9:fe:fc:f7:14:ed:4c:e8:85:f0:e6:ec:4b:c8:49:48:87:
51:d7:0b:2a:40:58:b5:3b:55:88:78:18:98:5a:02:86:0d:12:
ab:b5:7e:15:2e:a3:1c:d0:2d:34:0d:c7:b7:f9:b9:a6:f9:6c:
5f:8a:fd:b5
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUcUHygBs2PCbbeAvH/8reFmPjr14wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNDA2MDYxNjI1MThaFw0yNTA2MDUxNjMwMThaMDMxMTAvBgNV
BAMTKDJCQTI0OTBBMjgxRjVEMzdGOEY1NDQ4ODU4RTA0REIxMzlEOERDOUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTKARDH/3WVqm1h+cug2U9zppC
2YVQhfQHF4Z1j977GEZnaeQ3SGFnzXapvLs4h10VA5/6keUcirQ/kJ68ERvmvjjV
2FjzeBmiAR5Vo7AIVOT7JzkD3/94y6VJT8eM8wmNSBmadb/44L0z9aVQKV/duHNJ
NrBmxDWTVEiugqr9UtWWLUnCsKdm0VqjcNXsUgR0VQ03nnD2tbuPngv5ERUkLk3c
ts30ubbt3OSU9hCLzt1kF4ub/9eF2bRbCNtKyBX1jKg7HPu/5OHGp/R5WyQpaB5I
y8lOLhy79bkUPzb15agD3yr++Aqch3LdDe5hjPhqojLhQ1VE80xMSG0W/4XVAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUK6JJCigfXTf49USIWOBNsTnY3JswHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzQzNTJlMzgyZTMxMzczMzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMTM5MzczNS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0I
rTANBgkqhkiG9w0BAQsFAAOCAQEAfwZVXw/tp83ANhRQf6B7u5rvPUDnySPHwmsy
khrtC0a+iYSwziM4xkkvsRW3U6s6RseTeeMSu5qBaIyjrinvd0dJR38uDWWTf1Ha
z0jINJwnaKK/WcJYWeu4z4gVzoHM7kqI5Bw1iE+tyASgiPPOzodd+s0fVFdU15dO
s43pQEUwtOi2dzJEMkQyhTTtCdI8TqVcRQIAwW5ZUnB2A/LeWUGOHRkn2awxCBeH
LTM8XZ+kEB+Jm3f6DfFHJySvQK3hLRQEj9DpyKn+/PcU7UzohfDm7EvISUiHUdcL
KkBYtTtViHgYmFoChg0Sq7V+FS6jHNAtNA3Ht/m5pvlsX4r9tQ==
-----END CERTIFICATE-----
Generated at Mon Oct 14 17:29:35 2024 by rpki-client on console-ams.rpki-client.org