Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130372e302f32342d3234203d3e20333938343635.roa
File: 34352e3134362e3130372e302f32342d3234203d3e20333938343635.roa (raw, json)
Hash identifier: GUlVJRfT2pYN84+eEDrscnUzyGKelM3Z1i74XVF0D8Y=
Subject key identifier: 9E:D8:25:2D:6A:97:59:A5:C5:FC:B2:E9:AC:94:9E:30:24:18:C9:80
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 3879FF27CC2D837F5C21ADE1BD6D165F1C27797C
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130372e302f32342d3234203d3e20333938343635.roa
Signing time: Thu 04 Apr 2024 11:05:14 +0000
ROA not before: Thu 04 Apr 2024 11:00:14 +0000
ROA not after: Thu 03 Apr 2025 11:05:14 +0000
asID: 398465
IP address blocks: 45.146.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:79:ff:27:cc:2d:83:7f:5c:21:ad:e1:bd:6d:16:5f:1c:27:79:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Apr 4 11:00:14 2024 GMT
Not After : Apr 3 11:05:14 2025 GMT
Subject: CN=9ED8252D6A9759A5C5FCB2E9AC949E302418C980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1d:a4:d4:c7:aa:7a:e8:0b:80:f6:53:f3:b6:
32:9b:f9:d1:b4:e6:ae:f7:71:71:04:d2:a1:3e:13:
3a:29:a6:b9:d2:8b:4b:55:a5:09:95:5d:45:67:ad:
46:c8:b6:1d:af:aa:6a:9b:b9:34:73:03:5a:bc:58:
dd:b3:8d:03:25:45:a4:84:2f:3c:60:a0:b5:19:7d:
81:15:83:73:24:67:8d:a8:87:73:d5:bc:91:f3:70:
d5:93:5b:a8:ae:7c:13:6d:66:49:b6:bc:c1:f0:e0:
4d:a6:74:ea:cd:f1:e3:17:9c:c6:1d:b8:26:a4:f3:
24:1e:21:bb:a4:53:eb:53:1f:39:9a:c5:81:b7:79:
0b:91:a1:fb:70:fa:3f:af:71:4b:70:8b:f2:ba:8d:
86:0d:58:31:52:d9:b1:02:3f:d3:03:5a:ca:b0:a4:
a8:88:50:16:9f:07:d3:bb:a0:5e:c7:08:fb:01:64:
a0:65:47:b0:f3:4e:84:e3:88:f4:56:42:65:52:5b:
ed:40:ec:10:03:79:0b:65:0f:1b:a4:e0:60:12:d3:
d8:d2:aa:71:10:aa:5f:e7:4d:4f:93:65:ee:1c:89:
a9:ab:c6:72:9c:40:89:37:e5:81:48:07:6d:b3:da:
24:b9:36:c7:d1:1b:01:77:01:ea:f5:41:ef:23:fb:
e4:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:D8:25:2D:6A:97:59:A5:C5:FC:B2:E9:AC:94:9E:30:24:18:C9:80
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130372e302f32342d3234203d3e20333938343635.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.107.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:be:c5:97:69:c0:ca:86:ca:60:c0:f7:f6:57:31:39:b9:64:
2f:5a:26:8b:b6:1f:eb:6e:ac:47:33:ee:c3:56:59:63:4f:8c:
4c:21:19:5e:a5:a9:1c:72:62:c0:91:28:41:09:20:39:c8:6f:
e7:66:ae:a0:0b:9c:6f:5e:02:8f:3a:9e:d4:c7:d2:6e:37:be:
35:a8:1c:b9:b8:3c:86:29:a9:0d:e1:60:99:4e:79:02:c5:94:
25:5c:0b:6d:0c:3c:75:2a:bf:cd:b9:50:80:95:25:26:dc:03:
a8:71:86:8f:eb:ed:e3:6d:4c:e8:33:0a:ac:48:85:a5:49:f8:
11:74:b1:f2:3a:b5:ce:7c:ce:5a:4f:e8:66:13:85:6a:24:9f:
be:86:c0:81:42:ce:56:4b:7b:3f:22:06:b2:41:8d:1e:fc:b9:
ed:9a:09:56:ee:96:48:55:47:f5:40:b2:8e:3d:27:69:ce:09:
08:7f:66:73:17:4c:12:bc:78:f3:6a:fe:70:9c:60:ab:17:b7:
2e:18:b2:3f:85:14:6b:ec:3e:24:a8:b2:42:f2:9f:d6:31:07:
44:2a:69:ea:a1:a2:27:f2:85:52:d0:c8:82:b7:9d:16:72:e1:
e2:e5:7f:b9:b4:78:cb:46:4b:f1:22:ed:81:26:f2:11:cf:c6:
d5:fd:85:60
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUOHn/J8wtg39cIa3hvW0WXxwneXwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNDA0MDQxMTAwMTRaFw0yNTA0MDMxMTA1MTRaMDMxMTAvBgNV
BAMTKDlFRDgyNTJENkE5NzU5QTVDNUZDQjJFOUFDOTQ5RTMwMjQxOEM5ODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/HaTUx6p66AuA9lPztjKb+dG0
5q73cXEE0qE+EzopprnSi0tVpQmVXUVnrUbIth2vqmqbuTRzA1q8WN2zjQMlRaSE
LzxgoLUZfYEVg3MkZ42oh3PVvJHzcNWTW6iufBNtZkm2vMHw4E2mdOrN8eMXnMYd
uCak8yQeIbukU+tTHzmaxYG3eQuRoftw+j+vcUtwi/K6jYYNWDFS2bECP9MDWsqw
pKiIUBafB9O7oF7HCPsBZKBlR7DzToTjiPRWQmVSW+1A7BADeQtlDxuk4GAS09jS
qnEQql/nTU+TZe4ciamrxnKcQIk35YFIB22z2iS5NsfRGwF3Aer1Qe8j++RHAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUntglLWqXWaXF/LLprJSeMCQYyYAwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzQzNTJlMzEzNDM2MmUzMTMw
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzgzNDM2MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtkmswDQYJKoZIhvcNAQELBQADggEBAGy+xZdpwMqGymDA9/ZXMTm5ZC9aJou2
H+turEcz7sNWWWNPjEwhGV6lqRxyYsCRKEEJIDnIb+dmrqALnG9eAo86ntTH0m43
vjWoHLm4PIYpqQ3hYJlOeQLFlCVcC20MPHUqv825UICVJSbcA6hxho/r7eNtTOgz
CqxIhaVJ+BF0sfI6tc58zlpP6GYThWokn76GwIFCzlZLez8iBrJBjR78ue2aCVbu
lkhVR/VAso49J2nOCQh/ZnMXTBK8ePNq/nCcYKsXty4Ysj+FFGvsPiSoskLyn9Yx
B0QqaeqhoifyhVLQyIK3nRZy4eLlf7m0eMtGS/Ei7YEm8hHPxtX9hWA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 06:41:51 2024 by rpki-client on console-ams.rpki-client.org