Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3133322e3135362e302f32342d3234203d3e20313336373837.roa
File: 34352e3133322e3135362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 0iJEHaSn+XAn9N64ZtGA2Ke/s46nTZNp/+1JLE8Jm7E=
Subject key identifier: D4:4A:9B:45:DE:1A:2C:4B:08:6E:B0:C0:A0:B4:55:EF:E4:46:B9:86
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 3188F51A27017077D80BFC3A49A81A740A76365E
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3133322e3135362e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:52:57 +0000
ROA not before: Mon 26 Feb 2024 08:47:57 +0000
ROA not after: Mon 24 Feb 2025 08:52:57 +0000
asID: 136787
IP address blocks: 45.132.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:88:f5:1a:27:01:70:77:d8:0b:fc:3a:49:a8:1a:74:0a:76:36:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 26 08:47:57 2024 GMT
Not After : Feb 24 08:52:57 2025 GMT
Subject: CN=D44A9B45DE1A2C4B086EB0C0A0B455EFE446B986
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:84:4e:5a:52:6d:c2:09:38:7d:1c:7c:d0:5e:
a3:8d:c1:1c:75:ee:e7:c5:78:5a:ee:fc:b7:17:e2:
d0:04:90:f5:ac:3a:35:58:b9:95:07:49:ca:95:cc:
d3:5f:90:72:ef:74:37:ca:44:df:fa:93:cd:bc:45:
e8:4f:f9:70:23:31:ef:e3:57:a8:59:6a:0e:42:19:
ef:7f:b8:4e:b6:bb:ca:7a:64:d4:10:a9:52:48:b1:
a0:1c:1e:c9:10:73:c9:75:4a:1d:b3:2f:1a:79:49:
c9:44:5c:d2:d7:54:61:b4:6e:03:ef:c3:ca:b6:20:
be:5b:f0:ed:92:4c:72:23:e5:3c:a2:7a:7b:0e:2a:
38:b4:51:b0:9a:4b:85:a1:ae:da:88:44:3f:63:1c:
80:92:c7:7f:17:c6:46:f3:ab:1b:43:de:13:80:87:
da:60:4b:ef:88:09:76:af:6b:41:01:9e:66:ae:d6:
38:f1:23:a1:2a:ad:63:81:23:99:19:78:87:f3:cf:
4b:d3:f9:d8:fc:4f:06:04:65:00:27:d2:d8:7a:0d:
d2:be:d7:4c:6b:32:1c:f0:ee:c3:fc:d0:b8:66:1d:
f6:32:bb:b0:bd:65:dd:67:31:2b:cf:d9:93:9e:ed:
dc:64:6e:7a:23:19:1a:3a:93:64:42:ee:06:5b:d7:
77:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:4A:9B:45:DE:1A:2C:4B:08:6E:B0:C0:A0:B4:55:EF:E4:46:B9:86
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3133322e3135362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.156.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:95:6f:7a:d9:d2:42:60:37:a7:78:0e:46:63:9b:90:4a:88:
1d:2d:a6:3b:c9:87:7b:80:97:a0:99:e6:88:40:5f:54:f9:82:
e2:0f:7c:14:e1:bc:1f:c2:ec:0d:d0:79:bc:db:17:54:47:1c:
90:a2:d0:1b:b5:28:e2:2a:63:85:9c:ee:b3:1d:37:af:64:73:
64:04:95:84:e5:18:f5:43:f4:64:18:24:03:b2:77:06:0b:57:
fe:12:8f:6c:76:cb:52:6c:49:d1:8e:7b:b9:7f:53:a2:92:90:
67:ba:99:28:28:45:c3:e0:0f:fb:64:9a:e6:06:43:50:a4:20:
59:d7:40:86:aa:95:30:68:91:55:ed:14:07:ca:01:f6:b4:1b:
63:cc:b4:6b:02:87:c9:38:16:dd:23:cc:15:14:07:59:f0:f4:
d0:8b:79:8f:54:00:70:ba:ad:f3:5c:38:e3:3d:67:cf:b3:09:
0e:72:d1:30:32:9d:22:6a:5d:32:a8:4f:6b:7b:c5:6e:6f:d5:
fb:8e:f9:5b:64:f6:22:71:3e:55:c6:0e:f9:05:60:99:f5:9e:
2d:4d:38:16:b7:f3:f7:cb:30:85:3a:05:6d:bf:d6:e2:a0:c4:
f0:71:29:88:06:fa:81:d1:e7:d7:cc:34:f7:58:de:ac:45:c8:
a4:15:a3:d5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMYj1GicBcHfYC/w6SagadAp2Nl4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMjYwODQ3NTdaFw0yNTAyMjQwODUyNTdaMDMxMTAvBgNV
BAMTKEQ0NEE5QjQ1REUxQTJDNEIwODZFQjBDMEEwQjQ1NUVGRTQ0NkI5ODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3hE5aUm3CCTh9HHzQXqONwRx1
7ufFeFru/LcX4tAEkPWsOjVYuZUHScqVzNNfkHLvdDfKRN/6k828RehP+XAjMe/j
V6hZag5CGe9/uE62u8p6ZNQQqVJIsaAcHskQc8l1Sh2zLxp5SclEXNLXVGG0bgPv
w8q2IL5b8O2STHIj5TyiensOKji0UbCaS4WhrtqIRD9jHICSx38XxkbzqxtD3hOA
h9pgS++ICXava0EBnmau1jjxI6EqrWOBI5kZeIfzz0vT+dj8TwYEZQAn0th6DdK+
10xrMhzw7sP80LhmHfYyu7C9Zd1nMSvP2ZOe7dxkbnojGRo6k2RC7gZb13ePAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU1EqbRd4aLEsIbrDAoLRV7+RGuYYwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzQzNTJlMzEzMzMyMmUzMTM1
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAthJwwDQYJKoZIhvcNAQELBQADggEBAI2Vb3rZ0kJgN6d4DkZjm5BKiB0tpjvJ
h3uAl6CZ5ohAX1T5guIPfBThvB/C7A3QebzbF1RHHJCi0Bu1KOIqY4Wc7rMdN69k
c2QElYTlGPVD9GQYJAOydwYLV/4Sj2x2y1JsSdGOe7l/U6KSkGe6mSgoRcPgD/tk
muYGQ1CkIFnXQIaqlTBokVXtFAfKAfa0G2PMtGsCh8k4Ft0jzBUUB1nw9NCLeY9U
AHC6rfNcOOM9Z8+zCQ5y0TAynSJqXTKoT2t7xW5v1fuO+Vtk9iJxPlXGDvkFYJn1
ni1NOBa38/fLMIU6BW2/1uKgxPBxKYgG+oHR59fMNPdY3qxFyKQVo9U=
-----END CERTIFICATE-----
Generated at Wed May 8 11:32:57 2024 by rpki-client on console-ams.rpki-client.org