Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3133322e3135382e302f32342d3332203d3e203531313637.roa
File: 34352e3133322e3135382e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: 26NkwwkguZ+nG+BV45jWG09QbK1ZIY9noAURL358RyU=
Subject key identifier: 08:FE:6C:19:10:D6:4D:A3:2E:B3:7A:58:DE:CB:76:10:56:7A:65:4C
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 3894AFE344E1E19C89217D81998C86797E11E318
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3133322e3135382e302f32342d3332203d3e203531313637.roa
Signing time: Mon 26 Feb 2024 08:52:47 +0000
ROA not before: Mon 26 Feb 2024 08:47:47 +0000
ROA not after: Mon 24 Feb 2025 08:52:47 +0000
asID: 51167
IP address blocks: 45.132.158.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:94:af:e3:44:e1:e1:9c:89:21:7d:81:99:8c:86:79:7e:11:e3:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 26 08:47:47 2024 GMT
Not After : Feb 24 08:52:47 2025 GMT
Subject: CN=08FE6C1910D64DA32EB37A58DECB7610567A654C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:50:d3:dd:1a:f0:d6:3a:a3:46:19:3a:90:e0:
e3:f2:88:7c:f7:4f:06:9d:58:0b:06:53:43:85:ad:
0f:02:25:8f:66:b1:ab:08:fe:53:23:a9:4f:47:9e:
c9:5a:e9:dd:bb:1c:cb:f5:69:c5:d6:c9:28:f4:19:
6e:a0:5c:25:39:c2:dc:dc:37:f9:31:c0:c2:38:c0:
a1:89:89:fe:2b:c0:53:bf:f8:63:3a:bb:38:53:0c:
50:0c:f0:22:14:8a:5b:77:d0:9c:43:79:f8:47:6c:
7e:ef:bc:a0:5d:da:ad:c6:50:bb:ad:3d:11:d0:dc:
5d:72:9c:b0:16:12:75:b9:e7:2c:08:98:82:81:f2:
75:78:5f:b0:63:c1:b8:c8:a4:bd:1b:f2:7b:60:78:
12:17:b5:87:cc:50:64:88:57:b7:6b:4e:27:05:eb:
bc:bd:79:40:c6:4c:e7:14:a8:1e:46:dc:87:82:a6:
6f:18:49:ce:5d:ea:31:25:4e:71:b1:49:2e:39:cb:
c6:74:7f:c7:95:b7:91:d2:af:2f:e0:ce:9f:c5:de:
23:3f:22:7f:10:92:ad:16:76:35:c2:41:18:b5:32:
ac:d9:43:b1:f0:fd:9e:ef:1a:e6:f9:9c:f4:eb:14:
55:53:c4:36:e4:02:c7:6c:58:1d:6d:d0:c3:24:23:
50:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:FE:6C:19:10:D6:4D:A3:2E:B3:7A:58:DE:CB:76:10:56:7A:65:4C
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3133322e3135382e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.158.0/24
Signature Algorithm: sha256WithRSAEncryption
58:53:72:5d:c8:cf:ed:fc:0b:40:db:4a:e3:7e:84:f4:20:0a:
9e:dc:14:0d:51:98:5f:d1:38:24:2c:9d:8a:c8:b4:54:5e:78:
22:ef:8d:8e:18:50:93:96:57:4b:8e:a3:47:9e:de:18:1e:78:
3a:07:4e:39:e7:8b:18:0d:40:db:ad:a9:51:a1:42:2e:5d:2b:
b5:30:ad:47:72:ac:3f:88:55:1a:01:3f:0e:a6:19:2d:35:5c:
b8:cb:dc:aa:65:56:18:b1:f2:22:70:8f:af:b5:a3:41:58:a4:
12:f2:37:1e:d6:55:85:b0:78:c3:52:fb:61:95:0d:4e:f9:73:
2c:53:e2:91:f5:68:81:6c:2d:b1:f1:5d:aa:c4:9d:3a:8c:2d:
05:29:43:56:a7:09:07:36:9d:b6:1f:be:99:e1:d6:6d:ba:0d:
b9:a9:94:72:63:b3:32:64:c1:bb:15:76:a1:ae:5f:c3:a7:be:
94:8d:bd:bf:19:b8:da:a5:46:c9:e2:0c:d6:a4:7c:2d:4a:77:
15:dd:15:8a:fe:9a:48:6f:c9:da:6b:e0:38:05:2e:a1:fb:bc:
e4:81:90:dc:1d:fb:82:28:05:63:d8:fa:50:f2:03:80:e1:08:
2a:b1:da:31:e5:ae:b5:13:33:87:25:00:d0:20:47:69:12:44:
7c:86:2e:ea
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUOJSv40Th4ZyJIX2BmYyGeX4R4xgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMjYwODQ3NDdaFw0yNTAyMjQwODUyNDdaMDMxMTAvBgNV
BAMTKDA4RkU2QzE5MTBENjREQTMyRUIzN0E1OERFQ0I3NjEwNTY3QTY1NEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9UNPdGvDWOqNGGTqQ4OPyiHz3
TwadWAsGU0OFrQ8CJY9msasI/lMjqU9Hnsla6d27HMv1acXWySj0GW6gXCU5wtzc
N/kxwMI4wKGJif4rwFO/+GM6uzhTDFAM8CIUilt30JxDefhHbH7vvKBd2q3GULut
PRHQ3F1ynLAWEnW55ywImIKB8nV4X7BjwbjIpL0b8ntgeBIXtYfMUGSIV7drTicF
67y9eUDGTOcUqB5G3IeCpm8YSc5d6jElTnGxSS45y8Z0f8eVt5HSry/gzp/F3iM/
In8Qkq0WdjXCQRi1MqzZQ7Hw/Z7vGub5nPTrFFVTxDbkAsdsWB1t0MMkI1BbAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUCP5sGRDWTaMus3pY3st2EFZ6ZUwwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzQzNTJlMzEzMzMyMmUzMTM1
MzgyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LYSeMA0GCSqGSIb3DQEBCwUAA4IBAQBYU3JdyM/t/AtA20rjfoT0IAqe3BQNUZhf
0TgkLJ2KyLRUXngi742OGFCTlldLjqNHnt4YHng6B04554sYDUDbralRoUIuXSu1
MK1Hcqw/iFUaAT8OphktNVy4y9yqZVYYsfIicI+vtaNBWKQS8jce1lWFsHjDUvth
lQ1O+XMsU+KR9WiBbC2x8V2qxJ06jC0FKUNWpwkHNp22H76Z4dZtug25qZRyY7My
ZMG7FXahrl/Dp76Ujb2/GbjapUbJ4gzWpHwtSncV3RWK/ppIb8naa+A4BS6h+7zk
gZDcHfuCKAVj2PpQ8gOA4Qgqsdox5a61EzOHJQDQIEdpEkR8hi7q
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:02 2024 by rpki-client on console-fra.rpki-client.org