Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3132392e33332e302f32342d3234203d3e20323032343235.roa
File: 34352e3132392e33332e302f32342d3234203d3e20323032343235.roa (raw, json)
Hash identifier: qbQkNSb8A3aGzhwz6+8ZrwJUzZHFTPmlIlQ6PSLjYk4=
Subject key identifier: D2:8C:68:83:D9:3C:DD:1B:A2:82:C2:AC:25:5D:BF:63:47:20:59:5A
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 773B53585A5D702B9EDCD84E759D11E49CC950F9
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3132392e33332e302f32342d3234203d3e20323032343235.roa
Signing time: Mon 26 Feb 2024 08:52:57 +0000
ROA not before: Mon 26 Feb 2024 08:47:57 +0000
ROA not after: Mon 24 Feb 2025 08:52:57 +0000
asID: 202425
IP address blocks: 45.129.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:3b:53:58:5a:5d:70:2b:9e:dc:d8:4e:75:9d:11:e4:9c:c9:50:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 26 08:47:57 2024 GMT
Not After : Feb 24 08:52:57 2025 GMT
Subject: CN=D28C6883D93CDD1BA282C2AC255DBF634720595A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ad:e2:5c:7d:4d:dc:c8:69:a7:f8:20:8f:4a:
ba:86:28:17:21:7b:7a:62:d7:2e:c1:40:73:50:8f:
4b:f8:14:e3:67:73:fc:c7:14:54:25:29:27:eb:04:
96:5a:b2:84:22:f4:78:4b:62:02:4d:13:22:8a:15:
54:e7:9c:7e:47:d0:31:fc:fb:09:cf:22:2e:b3:ca:
95:5d:6e:bf:19:19:38:1e:4a:8c:b6:be:3d:1b:d2:
9c:0d:77:96:de:0a:f8:db:a9:86:f2:e0:df:cf:ac:
e4:53:63:a8:67:78:1c:97:8c:49:c4:c9:69:b9:2d:
a1:88:b3:56:65:e7:cf:84:15:df:ac:42:38:d2:a9:
ff:0b:45:32:ae:62:15:de:0d:c2:52:65:73:38:75:
34:a2:0f:52:a8:17:c0:86:7c:4b:ed:bb:5f:df:66:
82:c6:3f:fd:c0:5b:25:a6:a2:57:4e:85:46:ec:a9:
52:4c:1e:12:c0:9c:74:8c:7b:df:0d:25:15:da:93:
69:a8:03:63:79:cf:92:d3:17:07:9f:ff:55:f0:ba:
77:94:28:63:56:45:d0:8d:07:af:eb:6f:76:4c:58:
98:09:44:0e:e3:fa:be:82:da:9b:ee:21:d5:4f:a0:
bc:9d:4d:ec:32:d4:57:d5:bd:c9:77:54:74:6d:83:
8a:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:8C:68:83:D9:3C:DD:1B:A2:82:C2:AC:25:5D:BF:63:47:20:59:5A
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3132392e33332e302f32342d3234203d3e20323032343235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.33.0/24
Signature Algorithm: sha256WithRSAEncryption
91:07:75:11:3b:75:d9:cb:82:af:d9:ac:19:b9:21:eb:e9:0f:
fb:65:2a:a1:27:c8:25:c1:dc:af:4e:63:e6:f3:6c:2d:fd:2a:
a6:8f:24:dd:30:82:ee:32:c2:dd:e9:a6:ac:54:e4:fe:30:48:
06:f7:c0:aa:56:90:49:ff:55:ba:08:57:c9:b1:33:b6:1b:01:
dd:c0:97:93:02:e4:4b:67:95:dd:3b:b4:5d:ee:bf:37:7c:71:
2f:4e:42:73:47:1b:38:8a:a7:2b:24:04:41:c2:f0:86:37:8a:
64:ef:58:b6:81:13:b3:78:39:3c:cc:36:0b:ab:93:5e:ac:30:
0a:ee:b8:06:2a:77:39:4d:15:e9:9f:91:63:3d:96:a8:75:56:
26:f0:96:b2:14:85:8c:d1:84:69:cd:5d:08:90:29:f6:83:75:
b5:52:e8:1e:5b:6a:5d:14:f6:b6:f8:60:b1:78:8e:1f:6b:8b:
83:41:f3:9d:a6:7a:fd:c1:29:ff:04:ba:a4:9e:57:2d:ab:24:
48:a7:16:bf:1c:c0:a8:d5:1d:03:8e:c9:97:f1:ca:bf:d5:66:
ad:30:c7:0e:b3:74:ff:09:ea:09:ba:ea:6c:12:b2:71:cb:7f:
bb:6d:22:ff:72:4d:6b:9a:99:35:cb:c3:87:99:ab:43:62:15:
90:b6:c2:c4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdztTWFpdcCue3NhOdZ0R5JzJUPkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMjYwODQ3NTdaFw0yNTAyMjQwODUyNTdaMDMxMTAvBgNV
BAMTKEQyOEM2ODgzRDkzQ0REMUJBMjgyQzJBQzI1NURCRjYzNDcyMDU5NUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzreJcfU3cyGmn+CCPSrqGKBch
e3pi1y7BQHNQj0v4FONnc/zHFFQlKSfrBJZasoQi9HhLYgJNEyKKFVTnnH5H0DH8
+wnPIi6zypVdbr8ZGTgeSoy2vj0b0pwNd5beCvjbqYby4N/PrORTY6hneByXjEnE
yWm5LaGIs1Zl58+EFd+sQjjSqf8LRTKuYhXeDcJSZXM4dTSiD1KoF8CGfEvtu1/f
ZoLGP/3AWyWmoldOhUbsqVJMHhLAnHSMe98NJRXak2moA2N5z5LTFwef/1XwuneU
KGNWRdCNB6/rb3ZMWJgJRA7j+r6C2pvuIdVPoLydTewy1FfVvcl3VHRtg4pzAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU0oxog9k83RuigsKsJV2/Y0cgWVowHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzQzNTJlMzEzMjM5MmUzMzMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMyMzQzMjM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LYEhMA0GCSqGSIb3DQEBCwUAA4IBAQCRB3URO3XZy4Kv2awZuSHr6Q/7ZSqhJ8gl
wdyvTmPm82wt/SqmjyTdMILuMsLd6aasVOT+MEgG98CqVpBJ/1W6CFfJsTO2GwHd
wJeTAuRLZ5XdO7Rd7r83fHEvTkJzRxs4iqcrJARBwvCGN4pk71i2gROzeDk8zDYL
q5NerDAK7rgGKnc5TRXpn5FjPZaodVYm8JayFIWM0YRpzV0IkCn2g3W1UugeW2pd
FPa2+GCxeI4fa4uDQfOdpnr9wSn/BLqknlctqyRIpxa/HMCo1R0DjsmX8cq/1Wat
MMcOs3T/CeoJuupsErJxy3+7bSL/ck1rmpk1y8OHmatDYhWQtsLE
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:44 2024 by rpki-client on console-ams.rpki-client.org