Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e382e3137352e302f32342d3234203d3e2037353632.roa
File: 34352e382e3137352e302f32342d3234203d3e2037353632.roa (raw, json)
Hash identifier: VWYHjdJkaKU4SS1zaztVGANqJ775n7ZXCWgaamZuAhA=
Subject key identifier: 9E:32:73:ED:D5:13:FB:AC:F9:58:B2:1C:E0:C0:96:49:A6:29:41:E7
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 2E5B056D668EA27A866569F04A3B62C6A3AB6584
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e382e3137352e302f32342d3234203d3e2037353632.roa
Signing time: Thu 06 Jun 2024 16:21:24 +0000
ROA not before: Thu 06 Jun 2024 16:16:24 +0000
ROA not after: Thu 05 Jun 2025 16:21:24 +0000
asID: 7562
IP address blocks: 45.8.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Oct 2024 13:20:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:5b:05:6d:66:8e:a2:7a:86:65:69:f0:4a:3b:62:c6:a3:ab:65:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Jun 6 16:16:24 2024 GMT
Not After : Jun 5 16:21:24 2025 GMT
Subject: CN=9E3273EDD513FBACF958B21CE0C09649A62941E7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:dc:9b:45:33:62:39:80:d9:c7:7d:73:f5:e0:
4e:01:0a:cd:42:fd:9f:5a:46:66:3f:2f:e6:bb:08:
39:be:d7:c1:9b:8b:1b:ec:12:ed:e3:93:22:13:58:
1d:f3:ab:42:02:78:15:b9:3e:b0:7a:e5:16:61:dc:
f8:6e:a1:14:fa:9d:6c:66:48:ec:b5:2a:9e:7f:9e:
b2:f8:a6:ad:22:10:09:d3:a8:26:f6:31:18:79:91:
63:30:50:c4:f9:c7:e5:a5:17:60:4d:38:a0:c2:09:
2f:64:df:56:f3:5f:9e:e8:e9:e4:ce:d9:7d:13:15:
6c:42:01:2a:f0:f9:a9:73:15:af:b9:63:a3:27:45:
96:94:bc:54:9a:54:09:fa:12:a7:48:8e:8e:3f:cf:
4e:87:7d:53:4f:67:ef:88:bc:7e:c9:11:46:5b:82:
fb:49:23:12:78:0d:f6:bf:8f:0f:f0:2a:a6:38:bd:
42:b6:70:49:1d:0f:0f:92:41:83:01:28:77:52:7c:
fa:32:e2:41:2a:74:79:76:4c:7c:71:50:e5:ab:fc:
3a:e8:de:3e:d1:94:86:2e:35:06:75:e6:aa:72:0a:
c5:7f:e5:8b:61:15:5a:1b:dd:c5:1b:92:60:dc:cb:
d7:96:9d:96:ed:23:04:b7:a4:ae:af:70:af:35:b9:
af:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:32:73:ED:D5:13:FB:AC:F9:58:B2:1C:E0:C0:96:49:A6:29:41:E7
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e382e3137352e302f32342d3234203d3e2037353632.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.175.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:23:ba:2a:5e:7e:50:63:3e:82:9a:f2:52:9d:9c:dc:70:84:
d1:c2:4f:a2:93:0a:e9:79:2e:ba:09:2b:09:6b:96:54:71:7e:
56:57:06:8c:60:93:2a:ac:ef:29:e1:87:93:26:55:4d:f7:0b:
c1:5a:54:d7:49:e7:2d:72:42:0b:a9:b7:61:3c:6c:00:54:f4:
1e:cb:38:4b:61:ad:d3:61:be:a8:5d:4e:6e:46:2a:15:2e:75:
95:8e:f5:21:6d:4f:64:ae:0d:18:4a:17:87:c3:d7:ed:b5:b3:
8b:28:5b:f9:d8:cf:86:65:0c:e8:9a:65:53:f9:9f:0e:ac:85:
51:70:60:b4:88:0c:72:f0:8c:e9:af:91:91:54:0e:07:04:a4:
4d:e3:48:d9:af:ab:57:1a:1a:20:8f:dc:86:14:54:9a:9a:16:
e6:c3:e3:c7:90:70:79:55:ec:f5:e1:13:41:a9:e9:af:f6:aa:
b5:77:ce:ef:a6:5a:bb:8e:13:af:1f:3c:e2:c9:f3:90:7d:c8:
eb:70:9d:42:15:bd:57:82:7f:f4:36:25:3c:7c:5d:24:06:09:
03:ed:52:49:00:ae:45:b6:4a:eb:28:9b:6b:2c:4f:c6:7a:8c:
4a:72:e5:f5:c3:78:67:23:4b:6f:45:01:b1:6c:b1:cf:c1:9c:
07:a6:4e:4c
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIULlsFbWaOonqGZWnwSjtixqOrZYQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNDA2MDYxNjE2MjRaFw0yNTA2MDUxNjIxMjRaMDMxMTAvBgNV
BAMTKDlFMzI3M0VERDUxM0ZCQUNGOTU4QjIxQ0UwQzA5NjQ5QTYyOTQxRTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCs3JtFM2I5gNnHfXP14E4BCs1C
/Z9aRmY/L+a7CDm+18GbixvsEu3jkyITWB3zq0ICeBW5PrB65RZh3PhuoRT6nWxm
SOy1Kp5/nrL4pq0iEAnTqCb2MRh5kWMwUMT5x+WlF2BNOKDCCS9k31bzX57o6eTO
2X0TFWxCASrw+alzFa+5Y6MnRZaUvFSaVAn6EqdIjo4/z06HfVNPZ++IvH7JEUZb
gvtJIxJ4Dfa/jw/wKqY4vUK2cEkdDw+SQYMBKHdSfPoy4kEqdHl2THxxUOWr/Dro
3j7RlIYuNQZ15qpyCsV/5YthFVob3cUbkmDcy9eWnZbtIwS3pK6vcK81ua/NAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUnjJz7dUT+6z5WLIc4MCWSaYpQecwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzQzNTJlMzgyZTMxMzczNTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM3MzUzNjMyLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQivMA0G
CSqGSIb3DQEBCwUAA4IBAQCqI7oqXn5QYz6CmvJSnZzccITRwk+ikwrpeS66CSsJ
a5ZUcX5WVwaMYJMqrO8p4YeTJlVN9wvBWlTXSectckILqbdhPGwAVPQeyzhLYa3T
Yb6oXU5uRioVLnWVjvUhbU9krg0YSheHw9fttbOLKFv52M+GZQzommVT+Z8OrIVR
cGC0iAxy8Izpr5GRVA4HBKRN40jZr6tXGhogj9yGFFSamhbmw+PHkHB5Vez14RNB
qemv9qq1d87vplq7jhOvHzziyfOQfcjrcJ1CFb1Xgn/0NiU8fF0kBgkD7VJJAK5F
tkrrKJtrLE/GeoxKcuX1w3hnI0tvRQGxbLHPwZwHpk5M
-----END CERTIFICATE-----
Generated at Mon Oct 14 15:19:45 2024 by rpki-client on console-fra.rpki-client.org