Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3134372e3137322e302f32342d3234203d3e20313336373837.roa
File: 34352e3134372e3137322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: f4jHiXMW2aYtY/xepivt3se3e3EIbfol93LLDkSD7eE=
Subject key identifier: 10:CA:84:9D:50:53:55:CD:73:D1:86:9F:F5:4A:23:1D:48:73:D2:A7
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 7027F57D452CD5ABBC1AE2370FFECC1A01A47A98
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3134372e3137322e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 07 Feb 2024 12:33:34 +0000
ROA not before: Wed 07 Feb 2024 12:28:34 +0000
ROA not after: Wed 05 Feb 2025 12:33:34 +0000
asID: 136787
IP address blocks: 45.147.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:27:f5:7d:45:2c:d5:ab:bc:1a:e2:37:0f:fe:cc:1a:01:a4:7a:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 7 12:28:34 2024 GMT
Not After : Feb 5 12:33:34 2025 GMT
Subject: CN=10CA849D505355CD73D1869FF54A231D4873D2A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:1c:02:a6:96:73:5a:4d:37:ce:ac:33:3f:1b:
bd:88:ff:eb:70:7e:46:77:e7:8c:94:93:b7:6d:df:
67:bc:02:3b:82:7b:60:53:7b:5e:07:25:58:5f:e4:
6a:28:5c:b6:b6:64:30:22:2b:fd:75:11:25:fd:a5:
09:b3:21:6f:3e:40:38:f0:17:4e:a4:d9:0b:29:5e:
35:93:f1:e1:6b:33:23:10:12:78:3d:ec:85:23:e6:
bf:29:cf:81:cf:85:40:a8:b3:8e:3d:3c:7b:c1:c2:
c4:71:7e:2f:7a:b6:e9:a9:b9:0e:29:92:fc:c6:52:
18:24:7f:ad:af:c6:98:5d:c7:e7:14:1c:49:dd:17:
21:4b:d5:a4:d0:f0:d2:23:4a:96:12:eb:e6:5d:30:
95:6b:95:ed:88:77:e1:80:04:19:0e:a7:11:f6:37:
dc:b3:08:ee:7d:e8:c3:e4:5f:c5:b9:c5:a8:cb:7d:
37:37:79:64:e0:5c:b5:34:e0:7d:01:a2:25:e6:ce:
b7:67:4b:35:c6:d1:02:58:a2:98:a7:74:12:d0:40:
36:0a:97:b4:c2:5d:04:ff:72:4f:55:a8:4f:d0:7a:
69:54:fd:18:6e:67:6c:10:07:aa:d9:12:b8:87:6b:
bf:85:d2:78:54:33:43:a0:a1:f7:cc:3d:9a:43:7a:
c2:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:CA:84:9D:50:53:55:CD:73:D1:86:9F:F5:4A:23:1D:48:73:D2:A7
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3134372e3137322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.172.0/24
Signature Algorithm: sha256WithRSAEncryption
22:c0:4e:32:16:12:df:df:d9:27:a3:18:92:3d:97:f9:31:52:
b9:0a:c5:5b:e1:2b:25:19:df:37:da:1e:f3:20:c0:fe:49:1c:
c4:61:bb:16:99:0a:d3:74:4c:21:1c:c1:d7:ec:01:22:44:90:
1f:2d:be:ae:e0:26:ef:17:b5:34:0e:f5:36:0e:c1:cd:d8:2d:
07:54:2d:f5:07:e7:fa:62:1c:6a:64:38:da:95:c7:a3:5a:04:
17:e6:be:de:35:71:75:2a:22:42:d5:34:a3:99:7d:46:a4:bb:
0b:e4:63:ab:6e:67:79:3f:ba:ad:56:6d:cb:ef:05:99:c4:7f:
32:2a:7f:f3:42:74:5d:c4:e5:94:a5:45:76:ec:46:6d:90:ea:
e8:b0:03:38:6a:02:9b:e0:4c:e5:1d:7e:3b:bd:d1:03:f6:f7:
21:fb:70:ca:cb:f9:10:55:36:4f:a2:f2:16:21:62:ad:3f:9f:
5d:8a:70:9a:38:50:73:00:5c:d8:6b:ca:dd:ef:c4:a8:8b:ed:
52:67:70:07:41:10:18:6d:d5:da:74:23:d0:eb:9e:fd:05:7c:
b4:66:18:dd:04:9e:75:1c:46:22:b0:a1:c5:94:0b:81:41:de:
9d:ec:25:0c:a0:4a:f3:d9:ea:55:55:3e:fe:bb:1a:af:99:89:
e4:a6:ef:d0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUcCf1fUUs1au8GuI3D/7MGgGkepgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMDcxMjI4MzRaFw0yNTAyMDUxMjMzMzRaMDMxMTAvBgNV
BAMTKDEwQ0E4NDlENTA1MzU1Q0Q3M0QxODY5RkY1NEEyMzFENDg3M0QyQTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqHAKmlnNaTTfOrDM/G72I/+tw
fkZ354yUk7dt32e8AjuCe2BTe14HJVhf5GooXLa2ZDAiK/11ESX9pQmzIW8+QDjw
F06k2QspXjWT8eFrMyMQEng97IUj5r8pz4HPhUCos449PHvBwsRxfi96tumpuQ4p
kvzGUhgkf62vxphdx+cUHEndFyFL1aTQ8NIjSpYS6+ZdMJVrle2Id+GABBkOpxH2
N9yzCO596MPkX8W5xajLfTc3eWTgXLU04H0BoiXmzrdnSzXG0QJYopindBLQQDYK
l7TCXQT/ck9VqE/QemlU/RhuZ2wQB6rZEriHa7+F0nhUM0OgoffMPZpDesIjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUEMqEnVBTVc1z0Yaf9UojHUhz0qcwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzQzNTJlMzEzNDM3MmUzMTM3
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtk6wwDQYJKoZIhvcNAQELBQADggEBACLATjIWEt/f2SejGJI9l/kxUrkKxVvh
KyUZ3zfaHvMgwP5JHMRhuxaZCtN0TCEcwdfsASJEkB8tvq7gJu8XtTQO9TYOwc3Y
LQdULfUH5/piHGpkONqVx6NaBBfmvt41cXUqIkLVNKOZfUakuwvkY6tuZ3k/uq1W
bcvvBZnEfzIqf/NCdF3E5ZSlRXbsRm2Q6uiwAzhqApvgTOUdfju90QP29yH7cMrL
+RBVNk+i8hYhYq0/n12KcJo4UHMAXNhryt3vxKiL7VJncAdBEBht1dp0I9Drnv0F
fLRmGN0EnnUcRiKwocWUC4FB3p3sJQygSvPZ6lVVPv67Gq+ZieSm79A=
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:22 2024 by rpki-client on console-fra.rpki-client.org