Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130352e302f32342d3234203d3e20323132323338.roa
File: 34352e3134362e3130352e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: pxOWseXs+CG9Ehl+hwiI57PufvoOvbHdYojZXKOLTjQ=
Subject key identifier: A6:B9:30:47:07:6B:8C:8E:59:B1:34:96:F6:8A:BC:80:94:13:FF:28
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 1341ECBEE8E4D3A5E9214678C15C00C680C25C75
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130352e302f32342d3234203d3e20323132323338.roa
Signing time: Thu 04 Apr 2024 11:05:14 +0000
ROA not before: Thu 04 Apr 2024 11:00:14 +0000
ROA not after: Thu 03 Apr 2025 11:05:14 +0000
asID: 212238
IP address blocks: 45.146.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 20:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:41:ec:be:e8:e4:d3:a5:e9:21:46:78:c1:5c:00:c6:80:c2:5c:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Apr 4 11:00:14 2024 GMT
Not After : Apr 3 11:05:14 2025 GMT
Subject: CN=A6B93047076B8C8E59B13496F68ABC809413FF28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ae:0d:e3:16:70:e9:99:ec:5e:0c:db:46:ae:
be:fa:9b:da:89:c7:7f:59:09:a7:b2:bc:2c:10:59:
69:88:85:72:82:5a:3a:e9:d5:6d:74:c4:73:ca:f2:
e1:e7:a1:d5:85:a4:ad:98:34:d7:8d:a2:95:a9:b9:
a6:0e:3e:83:ac:99:cd:06:70:4a:fc:ae:ad:a7:86:
8f:fb:24:cc:69:44:fc:93:a8:10:c3:94:d4:40:71:
86:37:96:a9:68:07:c9:73:e5:68:cd:fe:72:f2:e1:
a7:e3:c7:ae:32:e7:da:64:24:3e:d3:a0:c4:da:f2:
99:95:1e:77:bd:5f:9a:51:30:92:79:59:0d:68:c2:
bb:e9:af:04:2e:f4:a7:d9:75:07:d9:9c:34:62:83:
35:ac:23:90:98:2a:fd:9c:74:4d:d9:21:5d:55:7c:
58:6d:1a:b8:22:4f:fd:28:62:a6:c4:b4:a1:f8:1d:
d1:cb:aa:86:0e:d4:52:ea:e1:c7:13:fd:d3:4b:ac:
50:72:ad:95:06:f2:25:60:f3:12:54:20:a6:a5:e6:
2a:fa:ba:de:5e:d7:a2:eb:ac:59:60:5e:03:97:5d:
87:a6:8c:3f:4e:86:70:13:7f:7d:f4:b1:24:f5:96:
23:92:e7:ac:75:c2:aa:15:5e:3b:8d:35:34:ec:ce:
89:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:B9:30:47:07:6B:8C:8E:59:B1:34:96:F6:8A:BC:80:94:13:FF:28
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130352e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.105.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:cf:9d:91:7f:66:d0:fd:66:06:11:11:da:47:81:93:22:e4:
42:a7:5b:b7:ec:79:94:64:97:2c:6c:21:3b:c5:77:27:71:7c:
70:9d:98:73:4e:b1:3b:e8:be:39:54:4f:80:7c:e6:63:e9:06:
fe:7c:f3:be:1d:82:55:fe:57:7b:a1:60:7b:c8:d4:ab:4e:83:
19:2c:42:e9:c1:50:fa:9a:a9:b0:ff:36:79:91:5b:f1:ba:11:
25:ca:7a:c8:80:7c:64:0e:bb:1f:d0:5f:8d:14:2e:60:e8:18:
76:e1:d2:ee:67:81:37:0c:8f:0b:0e:1f:46:07:1e:e2:e8:02:
f8:10:31:ad:cd:fb:cc:c9:52:a5:62:7b:c4:53:e4:9e:bd:7c:
7a:b3:ba:a0:b6:2f:53:22:a9:ef:3d:a0:7f:3d:52:6b:58:fe:
6a:9f:0d:9f:97:ac:68:75:44:bf:65:a7:59:0e:84:79:57:01:
8d:56:98:c8:8a:42:5f:c3:ed:ca:d9:c6:cc:ba:88:b2:27:55:
c7:3b:53:6f:bf:3a:85:8b:9b:49:c0:01:a8:c9:b1:94:98:47:
30:8f:f2:4d:b5:d3:45:b1:25:83:31:74:30:3d:c0:5a:72:ee:
b8:b6:c4:af:22:5b:a1:96:17:29:55:17:d7:c7:44:44:05:90:
02:4e:7c:de
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUE0Hsvujk06XpIUZ4wVwAxoDCXHUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNDA0MDQxMTAwMTRaFw0yNTA0MDMxMTA1MTRaMDMxMTAvBgNV
BAMTKEE2QjkzMDQ3MDc2QjhDOEU1OUIxMzQ5NkY2OEFCQzgwOTQxM0ZGMjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsrg3jFnDpmexeDNtGrr76m9qJ
x39ZCaeyvCwQWWmIhXKCWjrp1W10xHPK8uHnodWFpK2YNNeNopWpuaYOPoOsmc0G
cEr8rq2nho/7JMxpRPyTqBDDlNRAcYY3lqloB8lz5WjN/nLy4afjx64y59pkJD7T
oMTa8pmVHne9X5pRMJJ5WQ1owrvprwQu9KfZdQfZnDRigzWsI5CYKv2cdE3ZIV1V
fFhtGrgiT/0oYqbEtKH4HdHLqoYO1FLq4ccT/dNLrFByrZUG8iVg8xJUIKal5ir6
ut5e16LrrFlgXgOXXYemjD9OhnATf330sST1liOS56x1wqoVXjuNNTTszokXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUprkwRwdrjI5ZsTSW9oq8gJQT/ygwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzQzNTJlMzEzNDM2MmUzMTMw
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtkmkwDQYJKoZIhvcNAQELBQADggEBAM/PnZF/ZtD9ZgYREdpHgZMi5EKnW7fs
eZRklyxsITvFdydxfHCdmHNOsTvovjlUT4B85mPpBv58874dglX+V3uhYHvI1KtO
gxksQunBUPqaqbD/NnmRW/G6ESXKesiAfGQOux/QX40ULmDoGHbh0u5ngTcMjwsO
H0YHHuLoAvgQMa3N+8zJUqVie8RT5J69fHqzuqC2L1Miqe89oH89UmtY/mqfDZ+X
rGh1RL9lp1kOhHlXAY1WmMiKQl/D7crZxsy6iLInVcc7U2+/OoWLm0nAAajJsZSY
RzCP8k2100WxJYMxdDA9wFpy7ri2xK8iW6GWFylVF9fHREQFkAJOfN4=
-----END CERTIFICATE-----
Generated at Sun Apr 28 05:52:17 2024 by rpki-client on console-ams.rpki-client.org