Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3133372e3139352e302f32342d3234203d3e20323037373837.roa
File: 34352e3133372e3139352e302f32342d3234203d3e20323037373837.roa (raw, json)
Hash identifier: cdBwKi/pdUgQrT7ZX4AiF+h1Wm2FwfOvzW928M3acDw=
Subject key identifier: 23:DF:E1:52:78:EE:F8:ED:3B:DB:33:18:F9:1D:D9:5A:42:AB:2E:66
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 18777C7D30F36FAAEC1B2442D5C501140D9A4F00
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3133372e3139352e302f32342d3234203d3e20323037373837.roa
Signing time: Mon 26 Feb 2024 08:52:56 +0000
ROA not before: Mon 26 Feb 2024 08:47:56 +0000
ROA not after: Mon 24 Feb 2025 08:52:56 +0000
asID: 207787
IP address blocks: 45.137.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:57:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:77:7c:7d:30:f3:6f:aa:ec:1b:24:42:d5:c5:01:14:0d:9a:4f:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 26 08:47:56 2024 GMT
Not After : Feb 24 08:52:56 2025 GMT
Subject: CN=23DFE15278EEF8ED3BDB3318F91DD95A42AB2E66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ce:9f:8b:02:a2:c7:ce:09:fe:8d:de:87:c8:
da:d9:da:33:59:69:1d:eb:c6:c8:9d:bd:41:d5:db:
d3:89:0c:b6:24:21:5a:ba:79:fe:2b:ae:53:00:1c:
e1:c9:54:03:c6:c6:b8:ce:65:4a:f7:4e:b8:4b:ed:
04:14:36:73:fc:68:e8:53:0c:01:36:62:b5:77:94:
4b:37:78:28:7d:3b:cc:51:df:58:3b:0e:59:5b:a1:
80:d3:62:2f:60:0c:9e:52:8e:ce:7d:94:b6:ce:3a:
55:7c:13:7b:fe:fe:13:dc:3f:09:9b:e6:64:f4:7c:
46:36:89:05:c5:cf:2c:22:41:17:8b:33:3c:9d:a5:
b4:8f:a9:8d:aa:4f:89:8b:0d:20:41:b1:1b:eb:7d:
95:63:10:64:6c:e3:ce:ae:91:85:d0:9c:12:51:52:
c2:82:68:93:f1:f9:0a:32:f1:eb:1d:dd:3c:f0:d7:
4f:20:f0:88:8a:31:c2:d8:9f:46:ab:a0:82:7f:f6:
4d:e3:c9:11:2b:4f:e3:4c:16:07:81:a7:a4:ae:e9:
b0:33:81:91:60:52:72:5d:bf:7c:a1:71:37:90:92:
71:0d:23:43:0c:0d:67:5e:ca:d2:ba:89:f9:74:6b:
0f:a2:f1:27:77:01:fe:13:1c:e8:00:09:84:1c:5b:
e9:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:DF:E1:52:78:EE:F8:ED:3B:DB:33:18:F9:1D:D9:5A:42:AB:2E:66
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3133372e3139352e302f32342d3234203d3e20323037373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.195.0/24
Signature Algorithm: sha256WithRSAEncryption
76:01:16:33:e9:07:a3:ec:96:1c:b4:32:9c:9d:98:79:d7:3e:
9a:a5:ee:61:52:1b:1a:60:4b:86:9c:31:d4:0c:26:0e:54:24:
af:7e:be:b8:ab:6e:c6:4a:e7:00:87:88:ac:29:f3:0d:78:e3:
38:1a:06:d5:e7:a3:b9:21:d2:ef:c9:24:d5:60:00:0d:b9:7f:
2a:ea:aa:4c:72:20:58:6b:bf:e8:70:b5:f0:21:dd:70:76:11:
15:01:e1:fb:61:10:4d:21:cc:9b:ba:1d:df:13:c7:6a:af:f4:
70:5d:0a:7f:8a:e8:40:ed:dc:ea:a6:6a:17:ee:21:16:c4:66:
05:17:ff:88:bd:f0:89:9b:8b:80:4f:3b:2e:00:ad:35:42:55:
41:ec:2e:d9:19:3c:49:51:bc:9d:15:2e:df:4e:b5:af:28:c9:
27:39:14:5a:cb:3e:5e:9b:84:e2:b3:18:dd:be:6a:98:d8:10:
b9:ba:00:e9:59:63:52:f8:4d:2b:9d:a5:1d:db:c9:7e:ad:e2:
04:e6:78:c5:0f:06:cc:7a:ba:fd:7a:b5:fb:f4:80:88:7c:58:
4c:ff:28:f5:1a:98:e3:4c:5a:d4:5f:f3:68:79:6e:87:85:ce:
1d:66:4f:f8:a2:02:16:05:ab:1f:90:d8:16:39:19:2b:f2:6c:
04:03:62:7c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUGHd8fTDzb6rsGyRC1cUBFA2aTwAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMjYwODQ3NTZaFw0yNTAyMjQwODUyNTZaMDMxMTAvBgNV
BAMTKDIzREZFMTUyNzhFRUY4RUQzQkRCMzMxOEY5MUREOTVBNDJBQjJFNjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjzp+LAqLHzgn+jd6HyNrZ2jNZ
aR3rxsidvUHV29OJDLYkIVq6ef4rrlMAHOHJVAPGxrjOZUr3TrhL7QQUNnP8aOhT
DAE2YrV3lEs3eCh9O8xR31g7DllboYDTYi9gDJ5Sjs59lLbOOlV8E3v+/hPcPwmb
5mT0fEY2iQXFzywiQReLMzydpbSPqY2qT4mLDSBBsRvrfZVjEGRs486ukYXQnBJR
UsKCaJPx+Qoy8esd3Tzw108g8IiKMcLYn0aroIJ/9k3jyRErT+NMFgeBp6Su6bAz
gZFgUnJdv3yhcTeQknENI0MMDWdeytK6ifl0aw+i8Sd3Af4THOgACYQcW+kzAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUI9/hUnju+O072zMY+R3ZWkKrLmYwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzQzNTJlMzEzMzM3MmUzMTM5
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzczNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAticMwDQYJKoZIhvcNAQELBQADggEBAHYBFjPpB6Pslhy0MpydmHnXPpql7mFS
GxpgS4acMdQMJg5UJK9+vrirbsZK5wCHiKwp8w144zgaBtXno7kh0u/JJNVgAA25
fyrqqkxyIFhrv+hwtfAh3XB2ERUB4fthEE0hzJu6Hd8Tx2qv9HBdCn+K6EDt3Oqm
ahfuIRbEZgUX/4i98Imbi4BPOy4ArTVCVUHsLtkZPElRvJ0VLt9Ota8oySc5FFrL
Pl6bhOKzGN2+apjYELm6AOlZY1L4TSudpR3byX6t4gTmeMUPBsx6uv16tfv0gIh8
WEz/KPUamONMWtRf82h5boeFzh1mT/iiAhYFqx+Q2BY5GSvybAQDYnw=
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:14:44 2024 by rpki-client on console-ams.rpki-client.org