Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e38302e372e302f32342d3234203d3e203631333137.roa
File: 34352e38302e372e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: cfoa5TrQOooKFb96kBpn8ATLd5440wZNDCzaNFEUg3c=
Subject key identifier: 21:8B:49:C7:95:24:71:AD:6F:EF:8B:2E:96:18:76:1F:58:70:B9:E7
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 22318878FFBDDCDF4D2AAC499F65FF6B0B3A8172
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e38302e372e302f32342d3234203d3e203631333137.roa
Signing time: Sat 20 Apr 2024 21:05:16 +0000
ROA not before: Sat 20 Apr 2024 21:00:16 +0000
ROA not after: Sat 19 Apr 2025 21:05:16 +0000
asID: 61317
IP address blocks: 45.80.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:31:88:78:ff:bd:dc:df:4d:2a:ac:49:9f:65:ff:6b:0b:3a:81:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Apr 20 21:00:16 2024 GMT
Not After : Apr 19 21:05:16 2025 GMT
Subject: CN=218B49C7952471AD6FEF8B2E9618761F5870B9E7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:82:c2:1d:91:5f:b5:01:66:42:45:a0:89:3e:
4d:93:06:01:d4:f7:ce:c7:27:26:87:5e:b9:4c:58:
78:80:99:0d:ca:f4:56:e3:f1:ad:11:ce:f6:30:17:
26:65:fe:69:c3:24:a0:5d:63:bf:92:28:c0:e5:ad:
33:e8:01:55:53:72:38:40:49:ee:63:5f:bd:73:a9:
59:0a:e7:b7:aa:7c:bf:aa:a5:b2:ca:e3:e2:68:46:
fb:aa:b0:cb:75:06:1a:dd:40:d2:0a:12:f2:e6:52:
c6:ec:32:b8:08:ed:bd:1d:02:c5:ad:5e:8d:ff:97:
a4:bb:f8:b0:a6:62:88:ca:36:fd:43:e0:4e:f0:73:
6b:9d:b3:d6:85:8c:f9:6c:ea:59:cb:ce:a0:e3:41:
f7:8d:d5:06:74:c8:93:38:bb:89:9e:ac:ca:91:70:
08:44:e5:33:30:f0:c2:49:3b:4f:cb:1d:ce:4c:8b:
40:41:65:28:80:9f:72:83:82:63:57:85:65:47:5f:
d5:ab:0d:c6:79:dd:6a:96:65:06:62:42:62:75:18:
67:91:47:be:44:30:a9:a8:f0:c9:6c:a5:5f:ab:2b:
a8:41:21:da:d4:8a:fe:ab:be:ed:68:92:79:d2:56:
c3:45:b4:f1:89:cb:04:af:e0:95:66:be:8f:e9:e1:
38:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:8B:49:C7:95:24:71:AD:6F:EF:8B:2E:96:18:76:1F:58:70:B9:E7
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e38302e372e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.7.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:72:f1:2c:3a:e4:9f:e6:8a:3e:54:1c:7d:91:a5:b5:ee:f0:
22:f8:69:93:3b:cd:f8:c1:79:58:23:ce:fd:c7:a4:bf:5f:6a:
4a:d6:39:e6:be:81:53:a2:4a:15:9a:cd:0e:8c:7c:fa:fe:d9:
c1:b6:32:81:76:86:cd:0b:9b:7c:0d:12:38:20:fc:1d:80:27:
2d:1d:7a:3a:01:17:53:14:ab:7f:8c:18:2a:14:e6:30:76:59:
54:6b:a4:c9:10:a0:e9:b1:14:6c:85:7e:a3:f3:d7:8f:e7:f7:
60:b2:19:07:44:20:54:bf:0e:55:af:f0:53:41:3f:27:2f:1e:
7e:c8:55:00:eb:d4:f6:57:da:dd:99:e7:e6:7f:fc:fd:12:97:
de:f2:4d:e5:76:62:e2:20:3a:18:54:92:6d:c6:86:0b:ad:92:
11:2d:42:69:ba:99:94:e4:0f:16:be:9b:3d:2d:d8:c2:6c:e7:
c1:c1:57:f3:07:d5:c3:bb:99:6e:1e:8d:c9:92:67:c9:fe:50:
0b:d7:6a:c2:fa:87:fb:28:71:bb:41:b7:9a:5d:80:5d:b8:20:
5b:43:de:3c:b2:87:89:b4:a1:88:76:69:20:29:cd:53:c3:d0:
b6:f2:95:54:c6:4d:50:99:c7:88:84:8c:97:5a:62:97:69:b6:
fc:d2:16:28
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUIjGIeP+93N9NKqxJn2X/aws6gXIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNDA0MjAyMTAwMTZaFw0yNTA0MTkyMTA1MTZaMDMxMTAvBgNV
BAMTKDIxOEI0OUM3OTUyNDcxQUQ2RkVGOEIyRTk2MTg3NjFGNTg3MEI5RTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGgsIdkV+1AWZCRaCJPk2TBgHU
987HJyaHXrlMWHiAmQ3K9Fbj8a0RzvYwFyZl/mnDJKBdY7+SKMDlrTPoAVVTcjhA
Se5jX71zqVkK57eqfL+qpbLK4+JoRvuqsMt1BhrdQNIKEvLmUsbsMrgI7b0dAsWt
Xo3/l6S7+LCmYojKNv1D4E7wc2uds9aFjPls6lnLzqDjQfeN1QZ0yJM4u4merMqR
cAhE5TMw8MJJO0/LHc5Mi0BBZSiAn3KDgmNXhWVHX9WrDcZ53WqWZQZiQmJ1GGeR
R75EMKmo8MlspV+rK6hBIdrUiv6rvu1oknnSVsNFtPGJywSv4JVmvo/p4ThpAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUIYtJx5Ukca1v74sulhh2H1hwuecwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzQzNTJlMzgzMDJlMzcyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMxMzMzMTM3LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVAHMA0G
CSqGSIb3DQEBCwUAA4IBAQA8cvEsOuSf5oo+VBx9kaW17vAi+GmTO834wXlYI879
x6S/X2pK1jnmvoFTokoVms0OjHz6/tnBtjKBdobNC5t8DRI4IPwdgCctHXo6ARdT
FKt/jBgqFOYwdllUa6TJEKDpsRRshX6j89eP5/dgshkHRCBUvw5Vr/BTQT8nLx5+
yFUA69T2V9rdmefmf/z9Epfe8k3ldmLiIDoYVJJtxoYLrZIRLUJpupmU5A8Wvps9
LdjCbOfBwVfzB9XDu5luHo3JkmfJ/lAL12rC+of7KHG7QbeaXYBduCBbQ948soeJ
tKGIdmkgKc1Tw9C28pVUxk1QmceIhIyXWmKXabb80hYo
-----END CERTIFICATE-----
Generated at Wed Apr 24 20:12:25 2024 by rpki-client on console-ams.rpki-client.org