Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34362e3235332e3134312e302f32342d3234203d3e20323031333431.roa
File: 34362e3235332e3134312e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: LcZq6ebgqlwWUu9VmjZ3fzizYz8J88DrwVPBWewErEk=
Subject key identifier: E9:92:11:D2:96:04:F9:D4:90:2C:82:42:F5:FB:69:E8:DB:17:46:90
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 7DDDDAC8A1F209AE075540C1429BC22003974503
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34362e3235332e3134312e302f32342d3234203d3e20323031333431.roa
Signing time: Thu 21 Nov 2024 16:44:20 +0000
ROA not before: Thu 21 Nov 2024 16:39:20 +0000
ROA not after: Thu 20 Nov 2025 16:44:20 +0000
asID: 201341
IP address blocks: 46.253.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:dd:da:c8:a1:f2:09:ae:07:55:40:c1:42:9b:c2:20:03:97:45:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Nov 21 16:39:20 2024 GMT
Not After : Nov 20 16:44:20 2025 GMT
Subject: CN=E99211D29604F9D4902C8242F5FB69E8DB174690
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:92:08:27:26:9e:d6:62:7d:d1:0c:fb:34:91:
1a:62:d7:ce:3f:b1:19:5e:8f:55:ca:e3:43:e7:73:
dc:1f:8e:92:64:10:b9:c7:7d:86:43:d5:f6:db:01:
db:d8:b6:68:76:b3:66:d3:ff:58:38:95:dd:b1:a6:
47:6d:e4:18:1d:01:48:5b:91:5f:36:6e:a2:21:95:
0c:73:f4:b8:0c:a1:2c:b7:99:8b:e3:36:29:68:06:
1d:13:08:1d:5c:6d:6b:27:c8:7f:2b:b1:a9:8c:e2:
81:bd:1c:e5:f6:94:f6:ed:c9:c8:b9:0e:dd:75:2c:
a5:c8:ee:01:6b:9a:14:3e:2e:e0:13:d6:29:cb:7a:
5f:53:94:53:4b:dd:f6:0b:ec:3d:68:d0:10:ed:fc:
ce:61:58:03:29:81:32:52:38:ef:35:e7:e4:34:b4:
16:20:47:4c:59:64:b7:c5:31:8c:eb:3d:dd:cd:25:
8f:c6:a3:1d:ab:90:77:f9:18:c9:9c:54:84:ab:39:
12:7e:35:a0:0d:16:d8:59:62:56:1c:e2:55:8a:46:
0c:12:d6:e6:e7:10:38:b1:18:13:37:af:63:cb:11:
05:da:8b:54:a9:4b:88:a9:a7:78:f0:cd:d5:a0:d5:
d2:66:f7:f4:e8:a7:d3:d0:58:06:17:c4:37:90:30:
74:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:92:11:D2:96:04:F9:D4:90:2C:82:42:F5:FB:69:E8:DB:17:46:90
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34362e3235332e3134312e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.141.0/24
Signature Algorithm: sha256WithRSAEncryption
97:18:4b:39:30:f0:b3:58:61:1b:01:b5:5e:22:13:dd:be:a1:
86:50:4a:dc:4c:74:44:f3:1d:03:3a:8a:e0:90:e9:14:85:09:
a3:63:05:14:4e:10:6b:94:d6:c3:56:a7:30:55:37:ea:f1:b1:
5d:c5:0e:43:57:b5:77:ba:09:f8:ca:c1:18:cf:ac:3a:65:a2:
e4:59:1b:5d:70:2c:39:63:6a:8f:b1:27:e2:1d:72:35:d2:af:
24:7a:82:cf:5e:22:96:2b:8f:2a:67:34:1b:6e:69:84:e6:4e:
87:96:2c:5b:77:c9:f8:a5:04:83:a2:08:14:d0:04:f5:a0:4d:
0b:3e:94:8d:57:4d:a3:e1:86:8b:0c:ba:9f:de:cb:2f:04:38:
55:b3:19:08:97:ec:c3:65:39:c0:6a:60:fe:7c:62:e8:a6:9f:
7f:27:8a:cc:77:99:74:dc:23:ac:12:0e:fa:e3:92:89:dc:d8:
10:d6:71:97:8d:4c:82:b1:38:ee:d6:6c:b4:60:5c:f7:6e:a4:
54:9c:0e:80:33:e0:62:26:69:f1:60:4f:0f:fd:35:0f:c4:40:
8c:4b:d8:48:4c:db:ee:52:d7:12:0e:23:3c:b4:d7:ca:61:8d:
f8:d3:62:99:47:d8:11:ce:dd:7b:9d:71:c4:a9:37:51:9e:36:
cf:e5:26:b2
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUfd3ayKHyCa4HVUDBQpvCIAOXRQMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDExMjExNjM5MjBaFw0yNTExMjAxNjQ0MjBaMDMxMTAvBgNV
BAMTKEU5OTIxMUQyOTYwNEY5RDQ5MDJDODI0MkY1RkI2OUU4REIxNzQ2OTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEkggnJp7WYn3RDPs0kRpi184/
sRlej1XK40Pnc9wfjpJkELnHfYZD1fbbAdvYtmh2s2bT/1g4ld2xpkdt5BgdAUhb
kV82bqIhlQxz9LgMoSy3mYvjNiloBh0TCB1cbWsnyH8rsamM4oG9HOX2lPbtyci5
Dt11LKXI7gFrmhQ+LuAT1inLel9TlFNL3fYL7D1o0BDt/M5hWAMpgTJSOO815+Q0
tBYgR0xZZLfFMYzrPd3NJY/Gox2rkHf5GMmcVISrORJ+NaANFthZYlYc4lWKRgwS
1ubnEDixGBM3r2PLEQXai1SpS4ipp3jwzdWg1dJm9/Top9PQWAYXxDeQMHS9AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU6ZIR0pYE+dSQLIJC9ftp6NsXRpAwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM2MmUzMjM1MzMy
ZTMxMzQzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMTMzMzQzMS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAC79jTANBgkqhkiG9w0BAQsFAAOCAQEAlxhLOTDws1hhGwG1XiIT3b6h
hlBK3Ex0RPMdAzqK4JDpFIUJo2MFFE4Qa5TWw1anMFU36vGxXcUOQ1e1d7oJ+MrB
GM+sOmWi5FkbXXAsOWNqj7En4h1yNdKvJHqCz14iliuPKmc0G25phOZOh5YsW3fJ
+KUEg6IIFNAE9aBNCz6UjVdNo+GGiwy6n97LLwQ4VbMZCJfsw2U5wGpg/nxi6Kaf
fyeKzHeZdNwjrBIO+uOSidzYENZxl41MgrE47tZstGBc926kVJwOgDPgYiZp8WBP
D/01D8RAjEvYSEzb7lLXEg4jPLTXymGN+NNimUfYEc7de51xxKk3UZ42z+Umsg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:14 2024 by rpki-client on console-fra.rpki-client.org