Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130362e302f32342d3234203d3e20323034313135.roa
File: 34352e3134362e3130362e302f32342d3234203d3e20323034313135.roa (raw, json)
Hash identifier: 4AqBE13JMqEa0bkQhzdgGW00WgS9NfoPlamgxlTIres=
Subject key identifier: 44:42:38:9D:03:58:A7:DB:07:16:59:EA:42:3B:C9:B7:26:75:9D:15
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 40A051722BEBA3EAB77DE8AEDADCC5D01936ADE4
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130362e302f32342d3234203d3e20323034313135.roa
Signing time: Fri 10 May 2024 11:57:43 +0000
ROA not before: Fri 10 May 2024 11:52:43 +0000
ROA not after: Fri 09 May 2025 11:57:43 +0000
asID: 204115
IP address blocks: 45.146.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:a0:51:72:2b:eb:a3:ea:b7:7d:e8:ae:da:dc:c5:d0:19:36:ad:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: May 10 11:52:43 2024 GMT
Not After : May 9 11:57:43 2025 GMT
Subject: CN=4442389D0358A7DB071659EA423BC9B726759D15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:93:47:30:69:ee:9e:1d:4c:08:45:8f:3b:7b:
7b:3d:c0:0e:5e:4f:14:ee:88:1e:03:6a:d9:6c:ac:
32:bd:a6:06:ba:13:11:e3:f3:6a:d5:77:0d:17:04:
f2:dd:50:1d:ce:41:4b:ce:b4:ba:b5:c0:e9:0f:99:
2d:81:b7:8b:42:f1:10:f5:7d:ae:cc:63:68:6d:c9:
e4:31:be:e3:ea:74:e2:5d:3b:0d:e7:57:79:15:82:
d0:b7:f0:9e:05:e5:c8:f3:d2:0a:d5:73:3a:21:1c:
fc:51:23:4c:1f:cd:24:a7:29:ff:61:21:15:b6:d3:
75:8c:66:de:bf:38:bd:3c:4c:2c:54:57:ae:88:a2:
8f:ac:a4:ef:e6:9a:80:21:da:d7:bf:a3:8e:32:1f:
58:da:53:ac:84:47:e5:c6:db:54:0b:13:dc:0d:99:
9f:5a:27:83:b0:e8:a8:a9:de:b5:6a:8e:a6:d8:fc:
fe:5d:8f:f4:ff:13:a5:80:2a:44:97:21:45:6b:78:
1b:cc:b1:e1:dc:2a:6e:05:40:d4:eb:cf:45:b7:82:
e1:d9:a0:c2:34:a9:c7:9e:9d:5d:e6:27:2c:33:79:
ef:60:64:8a:35:2f:71:be:71:58:52:c4:05:fc:3f:
67:1e:bb:88:f0:3b:20:c1:e8:f3:57:28:c0:ec:e9:
f9:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:42:38:9D:03:58:A7:DB:07:16:59:EA:42:3B:C9:B7:26:75:9D:15
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130362e302f32342d3234203d3e20323034313135.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.106.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:d9:b9:aa:7f:86:65:76:56:2b:49:52:b2:fb:75:74:42:f1:
15:97:f7:92:68:8e:98:fe:fa:29:ce:1f:cd:4f:d1:53:63:6a:
93:55:9a:99:1f:eb:9b:54:5e:64:2b:8d:e7:1c:3e:66:73:52:
83:46:3c:7d:72:84:6f:f4:b3:c1:61:9c:85:fd:8d:1a:4f:b4:
49:53:0a:df:a3:e3:36:f5:a4:c4:f9:7a:5e:e3:f2:56:9e:7f:
68:73:85:d8:d3:02:67:48:e5:a0:9a:b5:aa:a4:b9:6f:89:11:
52:05:61:05:a4:1f:6d:83:f4:df:d1:91:ae:85:10:79:02:45:
b9:3e:d1:3c:7f:ab:00:aa:77:da:8d:c3:73:68:a2:da:87:f6:
72:0e:34:67:c2:be:c4:83:82:11:63:73:f1:03:2e:17:37:c3:
89:af:8c:1f:a8:24:fe:c7:06:23:3c:28:19:f5:a6:d7:41:91:
ce:56:92:4d:3b:08:e9:9f:f1:34:c8:76:62:77:10:cd:b8:32:
95:ed:9e:f0:92:3a:22:28:28:90:f2:de:50:d3:99:14:22:62:
c7:e7:d3:57:b8:21:ee:07:e9:93:c8:cb:a3:ad:87:45:cb:26:
16:62:95:57:a6:6f:06:67:37:9d:89:53:32:1c:60:a2:2c:c3:
25:e2:47:93
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQKBRcivro+q3feiu2tzF0Bk2reQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNDA1MTAxMTUyNDNaFw0yNTA1MDkxMTU3NDNaMDMxMTAvBgNV
BAMTKDQ0NDIzODlEMDM1OEE3REIwNzE2NTlFQTQyM0JDOUI3MjY3NTlEMTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0k0cwae6eHUwIRY87e3s9wA5e
TxTuiB4DatlsrDK9pga6ExHj82rVdw0XBPLdUB3OQUvOtLq1wOkPmS2Bt4tC8RD1
fa7MY2htyeQxvuPqdOJdOw3nV3kVgtC38J4F5cjz0grVczohHPxRI0wfzSSnKf9h
IRW203WMZt6/OL08TCxUV66Ioo+spO/mmoAh2te/o44yH1jaU6yER+XG21QLE9wN
mZ9aJ4Ow6Kip3rVqjqbY/P5dj/T/E6WAKkSXIUVreBvMseHcKm4FQNTrz0W3guHZ
oMI0qceenV3mJywzee9gZIo1L3G+cVhSxAX8P2ceu4jwOyDB6PNXKMDs6fn7AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUREI4nQNYp9sHFlnqQjvJtyZ1nRUwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzQzNTJlMzEzNDM2MmUzMTMw
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzMTMxMzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtkmowDQYJKoZIhvcNAQELBQADggEBAKfZuap/hmV2VitJUrL7dXRC8RWX95Jo
jpj++inOH81P0VNjapNVmpkf65tUXmQrjeccPmZzUoNGPH1yhG/0s8FhnIX9jRpP
tElTCt+j4zb1pMT5el7j8laef2hzhdjTAmdI5aCataqkuW+JEVIFYQWkH22D9N/R
ka6FEHkCRbk+0Tx/qwCqd9qNw3NootqH9nIONGfCvsSDghFjc/EDLhc3w4mvjB+o
JP7HBiM8KBn1ptdBkc5Wkk07COmf8TTIdmJ3EM24MpXtnvCSOiIoKJDy3lDTmRQi
Ysfn01e4Ie4H6ZPIy6Oth0XLJhZilVembwZnN52JUzIcYKIswyXiR5M=
-----END CERTIFICATE-----
Generated at Sun May 12 02:35:59 2024 by rpki-client on console-ams.rpki-client.org