Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130372e302f32342d3234203d3e20333938333535.roa
File: 34352e3134362e3130372e302f32342d3234203d3e20333938333535.roa (raw, json)
Hash identifier: u0dbKc3ls1OCu2XxFFnnhVlDpRbvACUZETEl9i9ekXs=
Subject key identifier: 64:D7:41:B7:69:6E:D6:59:70:AD:11:2E:0A:2E:10:FF:89:76:46:C6
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 325D85A177F6C80B4D2FF825B15813CFD9718156
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130372e302f32342d3234203d3e20333938333535.roa
Signing time: Fri 27 Sep 2024 13:43:22 +0000
ROA not before: Fri 27 Sep 2024 13:38:22 +0000
ROA not after: Fri 26 Sep 2025 13:43:22 +0000
asID: 398355
IP address blocks: 45.146.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:5d:85:a1:77:f6:c8:0b:4d:2f:f8:25:b1:58:13:cf:d9:71:81:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Sep 27 13:38:22 2024 GMT
Not After : Sep 26 13:43:22 2025 GMT
Subject: CN=64D741B7696ED65970AD112E0A2E10FF897646C6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b8:e0:dd:56:00:c8:2e:1c:78:9c:16:48:c0:
12:a2:53:05:58:56:05:1d:50:b2:9f:a0:59:d8:cb:
4c:aa:83:25:36:9b:26:fd:f1:bb:fe:e3:c2:c2:c7:
f7:f6:b9:96:52:a3:b7:6d:18:3c:34:26:03:15:6d:
96:76:5a:ad:c5:07:2e:11:1f:98:29:bd:e5:63:3a:
a5:62:c9:82:d1:75:a3:cf:5f:06:e2:d5:42:9f:f0:
ff:4d:f3:71:fa:e4:b1:4d:75:5e:79:97:01:5e:d0:
96:e4:5a:27:48:46:94:f6:8b:06:a0:98:27:a5:81:
e6:b3:96:9b:92:1a:c5:9b:0d:54:dd:cc:2c:44:79:
24:bb:e9:8d:49:36:34:66:22:00:43:c5:ca:a9:b9:
f9:c4:a7:28:36:ef:61:7e:c7:f9:57:44:6a:a0:5d:
40:73:4e:b0:ba:62:3c:5c:11:d9:6f:ad:a3:83:96:
20:7f:91:d5:6c:82:44:6c:94:b2:da:39:2b:54:10:
36:1b:03:7f:3e:1d:82:9e:c1:0b:a7:4d:85:f3:46:
7f:cb:05:ab:8a:29:88:1d:50:49:c3:8d:66:88:5b:
bd:30:76:2f:46:0a:87:4b:7b:62:dd:6d:70:3d:1d:
d2:fe:8e:1b:5d:cf:31:31:d8:ac:fb:95:93:a1:77:
71:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:D7:41:B7:69:6E:D6:59:70:AD:11:2E:0A:2E:10:FF:89:76:46:C6
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130372e302f32342d3234203d3e20333938333535.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.107.0/24
Signature Algorithm: sha256WithRSAEncryption
46:40:4e:18:e9:ef:5a:43:09:f8:f2:a3:79:c5:2c:a9:1e:cc:
8a:c1:07:14:f0:eb:fa:43:df:60:e3:bb:16:66:1f:9f:60:90:
b6:a4:a9:fc:3f:4e:41:6f:28:47:6d:7f:49:2e:e3:b6:ae:51:
74:82:20:16:e0:aa:13:1c:c3:bd:55:d4:b9:eb:7f:c4:5b:eb:
37:d2:2d:9b:92:82:2e:96:25:de:e0:ef:c2:2d:fb:c7:34:2a:
ce:5e:26:20:2d:e4:6c:9a:16:0d:10:0b:67:68:c4:f4:75:79:
7e:99:86:98:e2:ba:84:7f:dc:db:9e:ef:68:7d:46:8d:b7:2f:
49:db:12:e9:9a:ba:c2:cd:e3:f3:45:12:c2:d2:9c:23:04:ff:
90:34:c0:12:ab:8b:3f:d7:9f:01:61:36:34:56:d5:b8:95:f8:
f9:32:4f:f7:e5:bf:e8:77:61:e4:51:9c:98:1e:95:df:c8:fd:
e3:94:df:62:ff:36:68:d0:93:df:51:c4:14:f0:c1:1a:4b:40:
51:fb:75:c4:e4:51:cc:a7:d2:63:61:a9:25:bd:d8:23:31:e1:
15:51:b0:3d:74:80:fc:ba:cd:f5:32:a1:05:3c:5f:b0:c7:d4:
c4:7a:60:30:47:b2:12:c9:bc:60:69:57:9a:d0:29:24:71:22:
93:e5:42:08
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMl2FoXf2yAtNL/glsVgTz9lxgVYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNDA5MjcxMzM4MjJaFw0yNTA5MjYxMzQzMjJaMDMxMTAvBgNV
BAMTKDY0RDc0MUI3Njk2RUQ2NTk3MEFEMTEyRTBBMkUxMEZGODk3NjQ2QzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcuODdVgDILhx4nBZIwBKiUwVY
VgUdULKfoFnYy0yqgyU2myb98bv+48LCx/f2uZZSo7dtGDw0JgMVbZZ2Wq3FBy4R
H5gpveVjOqViyYLRdaPPXwbi1UKf8P9N83H65LFNdV55lwFe0JbkWidIRpT2iwag
mCelgeazlpuSGsWbDVTdzCxEeSS76Y1JNjRmIgBDxcqpufnEpyg272F+x/lXRGqg
XUBzTrC6YjxcEdlvraODliB/kdVsgkRslLLaOStUEDYbA38+HYKewQunTYXzRn/L
BauKKYgdUEnDjWaIW70wdi9GCodLe2LdbXA9HdL+jhtdzzEx2Kz7lZOhd3FRAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUZNdBt2lu1llwrREuCi4Q/4l2RsYwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzQzNTJlMzEzNDM2MmUzMTMw
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzgzMzM1MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtkmswDQYJKoZIhvcNAQELBQADggEBAEZAThjp71pDCfjyo3nFLKkezIrBBxTw
6/pD32DjuxZmH59gkLakqfw/TkFvKEdtf0ku47auUXSCIBbgqhMcw71V1Lnrf8Rb
6zfSLZuSgi6WJd7g78It+8c0Ks5eJiAt5GyaFg0QC2doxPR1eX6ZhpjiuoR/3Nue
72h9Ro23L0nbEumausLN4/NFEsLSnCME/5A0wBKriz/XnwFhNjRW1biV+PkyT/fl
v+h3YeRRnJgeld/I/eOU32L/NmjQk99RxBTwwRpLQFH7dcTkUcyn0mNhqSW92CMx
4RVRsD10gPy6zfUyoQU8X7DH1MR6YDBHshLJvGBpV5rQKSRxIpPlQgg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 07:03:46 2024 by rpki-client on console-fra.rpki-client.org