Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3133372e3139352e302f32342d3234203d3e203631333137.roa
File: 34352e3133372e3139352e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: bBc4C2FCnxY2brxUu6q2LXnGydVPbH7za5kMLmUSPfE=
Subject key identifier: 42:0F:16:0D:9F:7C:AC:57:4B:10:3A:D6:E8:B4:EB:A3:6E:E1:BC:0C
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 1A46CD15BC981AEFA67D2562F9A4FF936FB86B58
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3133372e3139352e302f32342d3234203d3e203631333137.roa
Signing time: Mon 26 Feb 2024 08:52:49 +0000
ROA not before: Mon 26 Feb 2024 08:47:49 +0000
ROA not after: Mon 24 Feb 2025 08:52:49 +0000
asID: 61317
IP address blocks: 45.137.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:46:cd:15:bc:98:1a:ef:a6:7d:25:62:f9:a4:ff:93:6f:b8:6b:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 26 08:47:49 2024 GMT
Not After : Feb 24 08:52:49 2025 GMT
Subject: CN=420F160D9F7CAC574B103AD6E8B4EBA36EE1BC0C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:44:7c:07:83:52:41:c1:9c:fd:06:6b:96:e3:
99:3b:31:c7:ae:d3:dc:a3:9e:9c:63:e4:46:bb:b7:
38:ac:f6:02:18:3b:1a:4d:38:22:86:93:a9:ba:ad:
43:81:60:79:70:ca:72:ee:7c:01:f8:d3:df:58:be:
16:94:49:96:60:89:98:a1:8e:52:ad:a9:eb:b9:cc:
fa:e3:1a:93:c3:01:e0:ea:68:13:f7:7b:83:5d:4b:
ef:d1:ca:df:12:80:16:b5:66:e9:4d:6b:79:c4:32:
d7:91:db:6b:76:0c:a3:9f:e7:3d:0b:57:17:6f:b1:
e3:90:96:3b:d6:44:02:54:cd:95:bd:75:42:9d:4e:
f0:e3:57:4b:45:8a:a1:d2:c9:5e:08:41:36:3e:0d:
e9:ee:e4:38:68:2f:46:a3:03:cb:ff:c3:38:c7:30:
7f:95:c3:11:e6:f3:ea:c2:eb:37:67:48:15:6b:68:
d6:44:d7:00:ee:77:e2:26:16:79:29:d7:65:36:ac:
eb:f4:5d:7c:6f:a0:e5:66:bf:02:69:0a:f7:50:51:
1f:e5:89:c6:93:4e:80:9b:d2:a4:d7:fa:f1:6a:4b:
17:29:62:15:44:19:ee:1e:42:1a:a1:42:07:bb:e9:
1f:5f:c5:f3:78:39:41:53:59:b3:b9:1a:eb:8e:be:
4c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:0F:16:0D:9F:7C:AC:57:4B:10:3A:D6:E8:B4:EB:A3:6E:E1:BC:0C
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3133372e3139352e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.195.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:c2:e9:89:c2:8d:b1:d7:6b:50:b9:10:1e:64:0e:24:8c:e7:
31:bb:3a:0b:26:1d:9a:00:36:71:ab:ca:47:10:a3:b0:03:53:
c1:88:fd:64:35:28:ab:e6:04:26:19:ef:01:86:54:02:07:01:
2a:e3:0a:95:30:6b:22:94:fe:0d:da:84:4c:7d:ba:b1:2c:23:
5c:1e:f0:b2:22:72:d9:18:b0:4c:c5:59:ff:40:a7:3d:4d:74:
0f:68:15:ed:21:2b:58:b7:cc:42:67:55:c6:a0:70:dd:98:7e:
31:40:74:e3:62:88:60:16:02:87:bd:e8:f6:84:ff:77:22:45:
cf:5c:eb:cc:f3:f3:00:8d:e3:6c:56:15:f8:ea:b6:77:5e:e6:
28:b4:44:12:17:18:15:4c:ed:50:b1:43:94:90:af:52:30:dd:
3c:df:c8:03:26:37:9a:b2:de:64:88:ea:42:fb:17:20:29:6e:
b2:4e:cf:d4:28:0a:10:95:63:0f:ba:58:34:9b:ae:01:c0:f4:
95:bb:da:d2:6d:dc:f3:2c:eb:73:e4:35:25:88:d8:ff:6a:60:
92:63:e5:28:f3:57:b9:5d:f1:4b:1f:12:62:52:0e:ef:6b:3d:
80:fd:09:75:f2:0f:6b:f1:93:5c:27:16:37:37:30:5b:ff:c8:
85:72:f0:4f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUGkbNFbyYGu+mfSVi+aT/k2+4a1gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMjYwODQ3NDlaFw0yNTAyMjQwODUyNDlaMDMxMTAvBgNV
BAMTKDQyMEYxNjBEOUY3Q0FDNTc0QjEwM0FENkU4QjRFQkEzNkVFMUJDMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/RHwHg1JBwZz9BmuW45k7Mceu
09yjnpxj5Ea7tzis9gIYOxpNOCKGk6m6rUOBYHlwynLufAH4099YvhaUSZZgiZih
jlKtqeu5zPrjGpPDAeDqaBP3e4NdS+/Ryt8SgBa1ZulNa3nEMteR22t2DKOf5z0L
VxdvseOQljvWRAJUzZW9dUKdTvDjV0tFiqHSyV4IQTY+Denu5DhoL0ajA8v/wzjH
MH+VwxHm8+rC6zdnSBVraNZE1wDud+ImFnkp12U2rOv0XXxvoOVmvwJpCvdQUR/l
icaTToCb0qTX+vFqSxcpYhVEGe4eQhqhQge76R9fxfN4OUFTWbO5GuuOvkwZAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUQg8WDZ98rFdLEDrW6LTro27hvAwwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzQzNTJlMzEzMzM3MmUzMTM5
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMxMzMzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LYnDMA0GCSqGSIb3DQEBCwUAA4IBAQB+wumJwo2x12tQuRAeZA4kjOcxuzoLJh2a
ADZxq8pHEKOwA1PBiP1kNSir5gQmGe8BhlQCBwEq4wqVMGsilP4N2oRMfbqxLCNc
HvCyInLZGLBMxVn/QKc9TXQPaBXtIStYt8xCZ1XGoHDdmH4xQHTjYohgFgKHvej2
hP93IkXPXOvM8/MAjeNsVhX46rZ3XuYotEQSFxgVTO1QsUOUkK9SMN0838gDJjea
st5kiOpC+xcgKW6yTs/UKAoQlWMPulg0m64BwPSVu9rSbdzzLOtz5DUliNj/amCS
Y+Uo81e5XfFLHxJiUg7vaz2A/Ql18g9r8ZNcJxY3NzBb/8iFcvBP
-----END CERTIFICATE-----
Generated at Thu Apr 25 18:15:05 2024 by rpki-client on console-ams.rpki-client.org