Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3132392e33332e302f32342d3234203d3e20323036383034.roa
File: 34352e3132392e33332e302f32342d3234203d3e20323036383034.roa (raw, json)
Hash identifier: IxXIYllOJoK7RgjmqdYVOtyboybWGimT7dX1DS+LUzQ=
Subject key identifier: FC:DA:A6:94:0A:09:1A:72:1B:22:80:05:7D:59:EF:A0:24:2D:AE:36
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 45DBDDD4EFF58FD59F9BF8FAE415DE23E9FB3356
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3132392e33332e302f32342d3234203d3e20323036383034.roa
Signing time: Mon 26 Feb 2024 08:52:51 +0000
ROA not before: Mon 26 Feb 2024 08:47:51 +0000
ROA not after: Mon 24 Feb 2025 08:52:51 +0000
asID: 206804
IP address blocks: 45.129.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:db:dd:d4:ef:f5:8f:d5:9f:9b:f8:fa:e4:15:de:23:e9:fb:33:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 26 08:47:51 2024 GMT
Not After : Feb 24 08:52:51 2025 GMT
Subject: CN=FCDAA6940A091A721B2280057D59EFA0242DAE36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f4:e3:4a:ca:4c:57:5d:97:79:68:81:15:85:
c4:68:9a:f6:3d:5e:ec:58:80:22:d5:76:97:2b:d1:
dc:95:e1:66:79:ad:ac:96:c1:3f:90:30:50:6f:50:
cf:cd:cb:84:c7:94:65:6e:79:78:02:34:d7:05:88:
c0:01:57:05:f7:48:6f:d9:90:d5:3d:4b:cf:b5:b3:
4f:3f:6e:71:d3:88:6e:9c:81:0e:1f:72:27:26:96:
c0:ea:37:ac:55:03:dd:80:cf:ed:d3:9b:7e:41:ac:
fa:89:a6:f6:f1:02:96:00:bb:42:20:8d:1f:1b:1b:
7d:e3:01:08:14:94:5a:62:39:4b:66:ac:9d:4a:94:
6b:b0:99:c7:61:f1:51:34:cf:fe:fa:6d:46:96:e5:
31:a4:5a:7c:c8:e3:fb:7e:df:cf:5b:ae:4a:10:98:
78:b5:b4:a0:9c:48:48:8c:73:09:0d:a9:1a:ac:40:
6e:a6:42:62:25:65:09:e9:c4:63:4e:86:5c:43:7d:
6a:0c:8b:e5:4c:cd:04:05:d3:48:bf:31:73:ca:68:
00:0a:6b:57:04:dd:c7:15:f4:ad:c0:82:d9:d1:0c:
60:47:ab:d3:37:12:6c:3a:41:4c:17:6c:27:d9:b5:
28:15:c9:9a:64:bb:3f:61:78:e7:6a:ba:1c:6b:c4:
7e:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:DA:A6:94:0A:09:1A:72:1B:22:80:05:7D:59:EF:A0:24:2D:AE:36
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3132392e33332e302f32342d3234203d3e20323036383034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.33.0/24
Signature Algorithm: sha256WithRSAEncryption
90:79:6d:48:18:d9:76:a5:96:24:8b:eb:79:d4:2f:cc:9d:1c:
a0:ee:4a:f5:c6:bf:1f:41:cb:d2:b8:86:71:05:02:bf:b4:00:
32:3f:9c:58:1a:7a:b3:ef:e5:3a:70:f5:3b:ea:4c:80:77:8d:
b2:15:dd:1f:31:89:fe:5d:c3:ca:a5:96:61:1e:12:45:1d:c3:
b8:ae:67:c4:e4:62:ff:83:11:d2:91:b0:55:bd:c8:e5:8c:08:
45:72:a5:fa:50:77:ee:73:2b:7a:e7:10:d1:0a:73:30:08:3e:
80:15:cd:87:f3:b5:ee:db:08:55:d3:cb:98:3b:b1:f7:2b:69:
e1:5a:40:0f:56:68:84:41:7c:fe:02:a0:bf:f6:37:07:d0:d1:
8d:4f:48:58:9a:5a:a2:c6:65:84:65:b0:21:b3:d4:ee:96:f6:
3e:33:8b:80:45:21:d8:90:2e:eb:03:74:76:98:5a:f4:46:64:
ce:75:e4:63:09:94:b6:b6:32:7f:5b:36:1d:16:57:80:6d:f4:
36:f0:22:d1:98:6f:16:b4:a6:0d:34:b0:66:d8:5b:2b:50:58:
b7:3a:80:5f:7c:53:61:ee:75:fb:01:68:7e:76:dc:25:9d:26:
f4:e5:cb:89:3e:27:d8:a6:ca:41:37:c6:c3:a5:d0:29:45:1c:
f6:b4:b8:6c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURdvd1O/1j9Wfm/j65BXeI+n7M1YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMjYwODQ3NTFaFw0yNTAyMjQwODUyNTFaMDMxMTAvBgNV
BAMTKEZDREFBNjk0MEEwOTFBNzIxQjIyODAwNTdENTlFRkEwMjQyREFFMzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk9ONKykxXXZd5aIEVhcRomvY9
XuxYgCLVdpcr0dyV4WZ5rayWwT+QMFBvUM/Ny4THlGVueXgCNNcFiMABVwX3SG/Z
kNU9S8+1s08/bnHTiG6cgQ4fcicmlsDqN6xVA92Az+3Tm35BrPqJpvbxApYAu0Ig
jR8bG33jAQgUlFpiOUtmrJ1KlGuwmcdh8VE0z/76bUaW5TGkWnzI4/t+389brkoQ
mHi1tKCcSEiMcwkNqRqsQG6mQmIlZQnpxGNOhlxDfWoMi+VMzQQF00i/MXPKaAAK
a1cE3ccV9K3AgtnRDGBHq9M3Emw6QUwXbCfZtSgVyZpkuz9heOdquhxrxH5DAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU/NqmlAoJGnIbIoAFfVnvoCQtrjYwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzQzNTJlMzEzMjM5MmUzMzMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM2MzgzMDM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LYEhMA0GCSqGSIb3DQEBCwUAA4IBAQCQeW1IGNl2pZYki+t51C/MnRyg7kr1xr8f
QcvSuIZxBQK/tAAyP5xYGnqz7+U6cPU76kyAd42yFd0fMYn+XcPKpZZhHhJFHcO4
rmfE5GL/gxHSkbBVvcjljAhFcqX6UHfucyt65xDRCnMwCD6AFc2H87Xu2whV08uY
O7H3K2nhWkAPVmiEQXz+AqC/9jcH0NGNT0hYmlqixmWEZbAhs9TulvY+M4uARSHY
kC7rA3R2mFr0RmTOdeRjCZS2tjJ/WzYdFleAbfQ28CLRmG8WtKYNNLBm2FsrUFi3
OoBffFNh7nX7AWh+dtwlnSb05cuJPifYpspBN8bDpdApRRz2tLhs
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:44 2024 by rpki-client on console-ams.rpki-client.org