Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3133322e39392e302f32342d3234203d3e203136323736.roa
File: 34352e3133322e39392e302f32342d3234203d3e203136323736.roa (raw, json)
Hash identifier: 2qGOPP+wHNHYmIbjKv1RUZFuJnASnXzesYdp4Zq7L+A=
Subject key identifier: 13:A7:6A:01:F7:B5:F4:C9:F0:30:55:25:ED:77:6C:DF:8F:6B:AF:99
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 4AB6988E5987865E3A8DCEB2E0A72472FCBCD220
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3133322e39392e302f32342d3234203d3e203136323736.roa
Signing time: Thu 03 Oct 2024 09:22:56 +0000
ROA not before: Thu 03 Oct 2024 09:17:56 +0000
ROA not after: Thu 02 Oct 2025 09:22:56 +0000
asID: 16276
IP address blocks: 45.132.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:b6:98:8e:59:87:86:5e:3a:8d:ce:b2:e0:a7:24:72:fc:bc:d2:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Oct 3 09:17:56 2024 GMT
Not After : Oct 2 09:22:56 2025 GMT
Subject: CN=13A76A01F7B5F4C9F0305525ED776CDF8F6BAF99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:09:5d:f6:cc:00:e1:f3:31:11:65:c7:2c:60:
61:bb:09:e2:98:3f:37:dc:c7:de:85:56:93:34:f7:
8d:f4:f8:db:b4:ab:bd:0e:81:f4:41:17:0d:b7:f7:
dc:85:41:d0:bd:e8:f4:ec:6b:d2:7f:45:2c:b0:6e:
01:f0:5c:68:63:88:5a:af:38:a2:63:4b:e2:4e:62:
fe:b4:57:12:73:08:3e:11:5f:9d:cc:90:2b:1a:6d:
f6:98:e4:16:5c:54:32:2a:b0:51:c7:b5:22:c1:55:
5b:77:0b:38:32:cd:30:4f:d5:df:77:e9:50:06:d8:
35:a0:ce:98:b9:b4:a9:b0:22:ce:b0:c8:15:c8:df:
a1:08:0d:8c:4a:74:f3:4e:a4:e0:02:7c:ff:41:b5:
62:54:96:cd:75:69:48:59:29:05:90:2f:bf:41:21:
85:20:f9:f4:97:3f:91:b6:6d:26:7d:18:84:49:be:
c3:97:4d:51:17:be:a2:a1:67:65:be:61:b1:fa:d9:
ae:ea:2c:bb:39:4a:0e:ed:71:c1:d3:2a:86:3d:17:
df:61:e8:f5:f8:70:22:0b:f7:3a:1b:8d:9a:be:a5:
38:95:50:81:47:cf:25:34:43:e8:a1:bf:7c:9e:75:
15:a1:4d:69:89:69:90:15:42:50:82:65:a7:3e:4e:
a1:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:A7:6A:01:F7:B5:F4:C9:F0:30:55:25:ED:77:6C:DF:8F:6B:AF:99
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3133322e39392e302f32342d3234203d3e203136323736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.99.0/24
Signature Algorithm: sha256WithRSAEncryption
99:de:42:1a:f8:c2:95:eb:c3:b1:35:64:dc:00:7b:cc:ae:f5:
bd:cb:f9:ee:b1:da:e4:4d:c1:dc:d9:16:09:40:4a:d7:9c:f2:
be:d2:f3:b2:32:55:c8:a4:1a:a9:94:b9:35:a1:f8:fd:e6:8b:
70:a8:7d:0a:33:56:1b:da:54:22:41:95:22:80:1d:dc:1d:d0:
68:6a:e5:93:4a:f2:86:86:bb:00:1a:44:d3:cf:48:ee:6e:cc:
af:93:fe:cf:65:29:4e:c7:97:cf:28:66:31:87:e7:d9:1b:2e:
31:c6:2e:1c:12:4b:ea:df:65:d3:65:59:ba:05:94:33:a9:36:
76:b1:18:fc:d3:c3:22:ab:2d:7b:11:47:48:1b:fd:28:2c:eb:
36:5c:bd:b4:75:fe:45:00:fa:dc:44:d2:cc:ed:60:b0:b8:7b:
de:10:da:6c:be:fb:f8:47:af:0a:e6:be:1d:0f:b0:93:94:1b:
1a:03:f3:97:87:51:74:6e:38:68:af:6e:c0:6f:c5:5a:c4:cd:
bc:9c:63:b7:c8:ab:cd:30:ed:f6:f3:87:55:6f:16:b0:3b:61:
1f:dc:12:08:84:d1:44:58:fd:c5:8e:c1:14:d6:85:39:74:a4:
16:fa:bf:b5:7a:b3:f1:cf:1d:24:16:e7:66:90:13:7a:79:8e:
97:e7:d3:a9
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUSraYjlmHhl46jc6y4Kckcvy80iAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNDEwMDMwOTE3NTZaFw0yNTEwMDIwOTIyNTZaMDMxMTAvBgNV
BAMTKDEzQTc2QTAxRjdCNUY0QzlGMDMwNTUyNUVENzc2Q0RGOEY2QkFGOTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoCV32zADh8zERZccsYGG7CeKY
Pzfcx96FVpM09430+Nu0q70OgfRBFw2399yFQdC96PTsa9J/RSywbgHwXGhjiFqv
OKJjS+JOYv60VxJzCD4RX53MkCsabfaY5BZcVDIqsFHHtSLBVVt3CzgyzTBP1d93
6VAG2DWgzpi5tKmwIs6wyBXI36EIDYxKdPNOpOACfP9BtWJUls11aUhZKQWQL79B
IYUg+fSXP5G2bSZ9GIRJvsOXTVEXvqKhZ2W+YbH62a7qLLs5Sg7tccHTKoY9F99h
6PX4cCIL9zobjZq+pTiVUIFHzyU0Q+ihv3yedRWhTWmJaZAVQlCCZac+TqG/AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUE6dqAfe19MnwMFUl7Xds349rr5kwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzQzNTJlMzEzMzMyMmUzOTM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNjMyMzczNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2E
YzANBgkqhkiG9w0BAQsFAAOCAQEAmd5CGvjClevDsTVk3AB7zK71vcv57rHa5E3B
3NkWCUBK15zyvtLzsjJVyKQaqZS5NaH4/eaLcKh9CjNWG9pUIkGVIoAd3B3QaGrl
k0ryhoa7ABpE089I7m7Mr5P+z2UpTseXzyhmMYfn2RsuMcYuHBJL6t9l02VZugWU
M6k2drEY/NPDIqstexFHSBv9KCzrNly9tHX+RQD63ETSzO1gsLh73hDabL77+Eev
Cua+HQ+wk5QbGgPzl4dRdG44aK9uwG/FWsTNvJxjt8irzTDt9vOHVW8WsDthH9wS
CITRRFj9xY7BFNaFOXSkFvq/tXqz8c8dJBbnZpATenmOl+fTqQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 06:41:51 2024 by rpki-client on console-ams.rpki-client.org