Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130342e302f32342d3234203d3e20323039303433.roa
File: 34352e3134362e3130342e302f32342d3234203d3e20323039303433.roa (raw, json)
Hash identifier: ZnYUjPHbPWPU89zXMQJVEpnqNb3t67tabEJahxbwxKM=
Subject key identifier: 0B:00:22:A6:92:49:AF:E8:AD:5B:18:02:A1:85:08:57:D4:E3:AF:BB
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 040B0B7C300374AE7C7C2FA98D4BE590FB000F38
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130342e302f32342d3234203d3e20323039303433.roa
Signing time: Thu 04 Apr 2024 11:05:15 +0000
ROA not before: Thu 04 Apr 2024 11:00:15 +0000
ROA not after: Thu 03 Apr 2025 11:05:15 +0000
asID: 209043
IP address blocks: 45.146.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:0b:0b:7c:30:03:74:ae:7c:7c:2f:a9:8d:4b:e5:90:fb:00:0f:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Apr 4 11:00:15 2024 GMT
Not After : Apr 3 11:05:15 2025 GMT
Subject: CN=0B0022A69249AFE8AD5B1802A1850857D4E3AFBB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c0:e5:f7:14:5b:88:a2:b0:32:d9:6d:a4:38:
db:15:b8:e1:b9:95:5d:e1:85:de:b7:ad:14:fb:7e:
01:49:d0:30:17:40:70:7c:e7:62:98:c6:41:fe:8b:
37:d7:96:09:c6:41:03:0f:f8:84:d7:04:2f:49:53:
3a:4c:7a:9b:04:7c:b2:1a:f8:f9:cc:da:76:7d:6e:
f1:62:8a:2f:19:fa:c6:8d:72:60:67:26:e8:df:cd:
66:d0:ed:14:d8:7b:59:2d:b4:18:60:63:7a:30:ad:
54:c6:6f:84:ce:12:1b:81:65:46:a6:e1:ce:32:46:
aa:47:d0:18:18:dd:c6:d8:63:ff:02:f1:8b:09:07:
7e:78:82:72:3f:07:14:df:98:61:e5:34:62:f0:5f:
db:7d:2c:de:7a:e7:1f:4e:49:e8:cb:2c:21:3d:03:
1e:f3:bd:de:2a:ad:65:05:a2:6c:b6:ac:98:0f:64:
9e:a8:a5:f9:d1:0f:3d:b9:b2:ba:df:f6:9a:46:26:
ba:45:08:c2:b6:ea:96:d9:b3:ee:dc:4c:76:02:9e:
ee:50:a7:53:25:c6:dd:5d:18:44:85:67:ce:ba:2d:
d7:20:d7:e3:80:e0:44:82:b1:0d:20:bd:1c:3f:fb:
16:1e:26:db:15:8a:3c:5e:e8:b2:22:90:9e:17:35:
ad:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:00:22:A6:92:49:AF:E8:AD:5B:18:02:A1:85:08:57:D4:E3:AF:BB
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130342e302f32342d3234203d3e20323039303433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.104.0/24
Signature Algorithm: sha256WithRSAEncryption
25:66:c2:24:bc:54:4e:2f:97:6b:c6:8a:fa:8a:34:45:69:3d:
3d:66:ea:3e:2c:c8:3b:11:7d:af:3b:63:ff:7d:dc:f9:0b:b1:
b4:d4:a4:32:91:17:aa:55:f2:e8:17:08:86:e3:d7:42:61:9b:
9d:04:ef:b3:e7:e4:18:24:36:2d:1a:e9:77:18:db:d5:fe:c6:
5c:47:2b:fb:5e:ea:e3:c5:d0:82:f0:23:d2:7f:ca:27:e9:56:
5e:d6:ec:59:ed:53:f9:bf:e5:7b:91:88:67:4b:67:65:72:c8:
03:81:c5:9c:18:0b:16:96:f3:2e:eb:2b:b5:10:7c:e9:20:94:
9f:4f:65:30:95:0d:61:e8:17:05:95:b9:f8:1b:16:a1:a9:ca:
29:c2:d1:32:bc:ef:67:4e:66:5a:ca:bd:80:d3:11:87:7b:1f:
49:33:de:d0:82:43:29:b9:69:2f:fb:6a:97:a5:6c:d0:fe:6c:
85:e1:e5:39:41:ce:73:43:68:bf:d2:98:27:f4:01:b5:8c:53:
ba:9a:87:9d:55:18:ec:2e:85:a7:e5:f3:b1:ea:a2:65:4c:e9:
8f:34:8b:37:af:3c:39:ae:31:e8:c7:10:69:7f:56:75:ef:ac:
fb:41:29:ad:b0:13:ae:35:1e:96:ea:31:d1:b6:10:6a:6f:d6:
ee:ab:e6:68
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUBAsLfDADdK58fC+pjUvlkPsADzgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNDA0MDQxMTAwMTVaFw0yNTA0MDMxMTA1MTVaMDMxMTAvBgNV
BAMTKDBCMDAyMkE2OTI0OUFGRThBRDVCMTgwMkExODUwODU3RDRFM0FGQkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCwOX3FFuIorAy2W2kONsVuOG5
lV3hhd63rRT7fgFJ0DAXQHB852KYxkH+izfXlgnGQQMP+ITXBC9JUzpMepsEfLIa
+PnM2nZ9bvFiii8Z+saNcmBnJujfzWbQ7RTYe1kttBhgY3owrVTGb4TOEhuBZUam
4c4yRqpH0BgY3cbYY/8C8YsJB354gnI/BxTfmGHlNGLwX9t9LN565x9OSejLLCE9
Ax7zvd4qrWUFomy2rJgPZJ6opfnRDz25srrf9ppGJrpFCMK26pbZs+7cTHYCnu5Q
p1Mlxt1dGESFZ866Ldcg1+OA4ESCsQ0gvRw/+xYeJtsVijxe6LIikJ4XNa2JAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUCwAippJJr+itWxgCoYUIV9Tjr7swHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzQzNTJlMzEzNDM2MmUzMTMw
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzkzMDM0MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtkmgwDQYJKoZIhvcNAQELBQADggEBACVmwiS8VE4vl2vGivqKNEVpPT1m6j4s
yDsRfa87Y/993PkLsbTUpDKRF6pV8ugXCIbj10Jhm50E77Pn5BgkNi0a6XcY29X+
xlxHK/te6uPF0ILwI9J/yifpVl7W7FntU/m/5XuRiGdLZ2VyyAOBxZwYCxaW8y7r
K7UQfOkglJ9PZTCVDWHoFwWVufgbFqGpyinC0TK872dOZlrKvYDTEYd7H0kz3tCC
Qym5aS/7apelbND+bIXh5TlBznNDaL/SmCf0AbWMU7qah51VGOwuhafl87HqomVM
6Y80izevPDmuMejHEGl/VnXvrPtBKa2wE641HpbqMdG2EGpv1u6r5mg=
-----END CERTIFICATE-----
Generated at Sun May 12 01:38:53 2024 by rpki-client on console-fra.rpki-client.org