Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/34362e3130322e3233332e302f32342d3234203d3e203233383635.roa
File: 34362e3130322e3233332e302f32342d3234203d3e203233383635.roa (raw, json)
Hash identifier: YyMBgTPVms4MPnbkUVc7TpGwl6ukB7kzc/uAePl3SRA=
Subject key identifier: 7A:E8:B3:D0:FF:D8:E0:58:FC:8C:F1:8C:43:06:20:56:0B:1A:BC:30
Certificate issuer: /CN=ed9edb2a15871785fbae38e23c38820dbfa2cca4
Certificate serial: 5E34E2FC152B1353F6E6D240F14ED13F8ED35F57
Authority key identifier: ED:9E:DB:2A:15:87:17:85:FB:AE:38:E2:3C:38:82:0D:BF:A2:CC:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7Z7bKhWHF4X7rjjiPDiCDb-izKQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/34362e3130322e3233332e302f32342d3234203d3e203233383635.roa
Signing time: Wed 11 Dec 2024 05:57:59 +0000
ROA not before: Wed 11 Dec 2024 05:52:59 +0000
ROA not after: Wed 10 Dec 2025 05:57:59 +0000
asID: 23865
IP address blocks: 46.102.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/ED9EDB2A15871785FBAE38E23C38820DBFA2CCA4.crl
rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/ED9EDB2A15871785FBAE38E23C38820DBFA2CCA4.mft
rsync://rpki.ripe.net/repository/DEFAULT/7Z7bKhWHF4X7rjjiPDiCDb-izKQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:34:e2:fc:15:2b:13:53:f6:e6:d2:40:f1:4e:d1:3f:8e:d3:5f:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed9edb2a15871785fbae38e23c38820dbfa2cca4
Validity
Not Before: Dec 11 05:52:59 2024 GMT
Not After : Dec 10 05:57:59 2025 GMT
Subject: CN=7AE8B3D0FFD8E058FC8CF18C430620560B1ABC30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:62:21:32:c1:d9:2b:fd:fc:50:f6:0b:2e:f1:
bb:1f:92:f4:62:d0:91:8a:a3:61:c0:25:7a:a1:aa:
a0:83:47:80:d6:d1:a9:c0:19:f1:66:fc:37:dd:8c:
03:34:dd:66:67:7a:6f:0e:e2:94:80:27:e1:11:ce:
34:7a:32:14:68:ef:3f:6d:54:ca:a7:da:69:80:db:
f0:81:10:5f:83:48:87:00:32:c3:d6:59:bf:c1:69:
58:04:a8:7a:d5:3e:a9:47:62:e9:fc:fd:e4:88:23:
43:56:a3:9a:7c:3f:66:f6:d1:7c:af:89:1c:ba:cb:
ec:83:de:3b:c2:ec:2a:cd:d1:67:40:95:ac:6d:eb:
fb:26:40:0f:e7:9b:57:61:c3:89:d5:fe:11:76:c0:
c6:50:e3:06:f6:2d:ec:0f:b4:fd:50:30:5c:9b:89:
f4:de:a7:47:4f:82:80:26:ed:0d:cf:bc:91:54:23:
8e:1a:a8:38:d5:ab:79:00:58:d3:4b:aa:28:b5:b9:
71:c5:0a:b5:75:05:4b:f1:23:f2:09:0d:37:1a:f2:
4c:3e:ca:28:05:fe:63:0f:08:e5:26:0b:65:7c:92:
f4:bd:cd:aa:28:93:bd:ca:a1:51:e3:9d:ef:df:ad:
8b:cf:20:d9:13:72:6f:97:5b:57:63:97:87:75:04:
e5:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:E8:B3:D0:FF:D8:E0:58:FC:8C:F1:8C:43:06:20:56:0B:1A:BC:30
X509v3 Authority Key Identifier:
keyid:ED:9E:DB:2A:15:87:17:85:FB:AE:38:E2:3C:38:82:0D:BF:A2:CC:A4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/ED9EDB2A15871785FBAE38E23C38820DBFA2CCA4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7Z7bKhWHF4X7rjjiPDiCDb-izKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/34362e3130322e3233332e302f32342d3234203d3e203233383635.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.233.0/24
Signature Algorithm: sha256WithRSAEncryption
21:3c:6e:d7:89:2c:3f:e0:9b:d5:a4:cb:d4:76:95:d4:79:76:
a3:61:92:fa:55:8e:d5:6c:f5:6d:ad:7e:4e:33:03:4f:f3:ae:
b8:c5:b5:c9:8a:7b:be:67:51:11:73:0f:37:0d:f0:c5:32:d0:
a4:3b:45:42:a7:d2:3b:97:41:74:80:49:94:b7:dd:ed:34:49:
f8:c2:54:d3:ae:0a:83:31:97:3f:84:ab:8e:d8:da:40:31:87:
67:21:84:42:4b:38:06:58:3d:d5:99:89:b3:f2:c5:4f:d7:ff:
3d:58:d9:59:47:b1:bd:c2:3e:c8:a9:16:c3:dc:58:75:5e:ec:
82:b0:21:02:e1:c4:e1:f3:5b:81:11:f0:94:a6:80:f9:f0:2c:
2d:d6:44:dd:9e:23:32:8f:86:31:9c:14:5a:83:19:03:fc:b3:
ce:90:14:41:40:93:38:4e:04:9b:25:31:f2:00:7e:cf:37:71:
5c:93:be:7a:3d:cd:32:d5:19:7c:dd:44:0e:1b:42:6b:72:37:
9f:04:8b:f2:fb:2f:a3:f8:8b:0f:dd:92:f9:42:91:53:8b:e5:
6e:a5:93:63:4f:67:45:83:31:ac:a4:18:a7:7b:5a:a2:3e:01:
92:5e:59:19:c8:fc:28:26:a3:aa:10:65:8d:23:e8:ea:45:2e:
9b:01:f2:7a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUXjTi/BUrE1P25tJA8U7RP47TX1cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWQ5ZWRiMmExNTg3MTc4NWZiYWUzOGUyM2MzODgyMGRi
ZmEyY2NhNDAeFw0yNDEyMTEwNTUyNTlaFw0yNTEyMTAwNTU3NTlaMDMxMTAvBgNV
BAMTKDdBRThCM0QwRkZEOEUwNThGQzhDRjE4QzQzMDYyMDU2MEIxQUJDMzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwYiEywdkr/fxQ9gsu8bsfkvRi
0JGKo2HAJXqhqqCDR4DW0anAGfFm/DfdjAM03WZnem8O4pSAJ+ERzjR6MhRo7z9t
VMqn2mmA2/CBEF+DSIcAMsPWWb/BaVgEqHrVPqlHYun8/eSII0NWo5p8P2b20Xyv
iRy6y+yD3jvC7CrN0WdAlaxt6/smQA/nm1dhw4nV/hF2wMZQ4wb2LewPtP1QMFyb
ifTep0dPgoAm7Q3PvJFUI44aqDjVq3kAWNNLqii1uXHFCrV1BUvxI/IJDTca8kw+
yigF/mMPCOUmC2V8kvS9zaook73KoVHjne/frYvPINkTcm+XW1djl4d1BOWXAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUeuiz0P/Y4Fj8jPGMQwYgVgsavDAwHwYDVR0j
BBgwFoAU7Z7bKhWHF4X7rjjiPDiCDb+izKQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWEwZGU5N2YtN2VlOC00Y2UwLWIwNDUtZWZhYzhjMjQz
Yzc5LzAvRUQ5RURCMkExNTg3MTc4NUZCQUUzOEUyM0MzODgyMERCRkEyQ0NBNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdaN2JLaFdIRjRYN3JqamlQRGlDRGIt
aXpLUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWEwZGU5N2Yt
N2VlOC00Y2UwLWIwNDUtZWZhYzhjMjQzYzc5LzAvMzQzNjJlMzEzMDMyMmUzMjMz
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMzMzgzNjM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LmbpMA0GCSqGSIb3DQEBCwUAA4IBAQAhPG7XiSw/4JvVpMvUdpXUeXajYZL6VY7V
bPVtrX5OMwNP8664xbXJinu+Z1ERcw83DfDFMtCkO0VCp9I7l0F0gEmUt93tNEn4
wlTTrgqDMZc/hKuO2NpAMYdnIYRCSzgGWD3VmYmz8sVP1/89WNlZR7G9wj7IqRbD
3Fh1XuyCsCEC4cTh81uBEfCUpoD58Cwt1kTdniMyj4YxnBRagxkD/LPOkBRBQJM4
TgSbJTHyAH7PN3Fck756Pc0y1Rl83UQOG0JrcjefBIvy+y+j+IsP3ZL5QpFTi+Vu
pZNjT2dFgzGspBine1qiPgGSXlkZyPwoJqOqEGWNI+jqRS6bAfJ6
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:53:22 2025 by rpki-client