Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3134372e3137332e302f32342d3234203d3e20313336373837.roa
File: 34352e3134372e3137332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: /h81lqY75eXOerklnPPBPjbc/jJhQj5/tKbr2E/qJGI=
Subject key identifier: 88:75:0E:42:7D:8A:8D:90:F7:92:75:19:46:3F:AE:70:F9:5E:86:51
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 0C72BFBA0F2B6E8E2EA4FF625A77D06574710E22
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3134372e3137332e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 07 Feb 2024 12:33:36 +0000
ROA not before: Wed 07 Feb 2024 12:28:36 +0000
ROA not after: Wed 05 Feb 2025 12:33:36 +0000
asID: 136787
IP address blocks: 45.147.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:72:bf:ba:0f:2b:6e:8e:2e:a4:ff:62:5a:77:d0:65:74:71:0e:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 7 12:28:36 2024 GMT
Not After : Feb 5 12:33:36 2025 GMT
Subject: CN=88750E427D8A8D90F7927519463FAE70F95E8651
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:b5:c4:a9:a4:41:ee:ac:34:28:69:73:9d:75:
dd:8f:b5:84:c9:37:28:3a:8e:98:90:7c:ff:c7:0f:
dd:b6:2d:5c:45:b1:ff:cb:53:40:37:d6:f1:9c:c8:
8b:c1:52:c4:bc:f0:4c:75:bb:6a:cd:41:71:e9:1b:
54:f7:cd:f3:f7:81:c3:67:04:19:7c:0a:cf:73:e1:
0c:a0:da:8e:99:1e:46:8e:c9:b7:b2:46:02:9c:fe:
4f:17:ac:45:e1:35:6e:d4:fa:9f:d1:7e:1d:df:0d:
7e:a7:ec:43:bc:c1:ee:6e:7b:6d:5c:d4:eb:e1:83:
74:c9:e0:8a:20:a2:44:c6:46:01:39:98:1d:ff:08:
e2:f8:59:92:70:32:a0:7d:2a:d7:e0:7e:35:93:57:
e4:fc:d3:72:74:ef:1c:3b:fe:7f:7b:a2:42:50:62:
ed:67:d0:2f:fc:f8:24:ba:f2:3b:d2:dc:95:15:9d:
fc:f5:51:ba:d9:ad:85:2f:5e:16:d8:e7:f0:cf:2d:
8e:e6:82:8c:0e:2f:ad:57:b1:64:b2:72:70:51:6b:
4c:5d:ce:1c:cd:03:8e:b6:01:04:49:19:6d:f8:b1:
30:02:68:8b:f2:d2:f8:ad:74:58:62:b3:92:34:bf:
f5:2b:df:ff:c6:be:55:57:22:a1:96:2a:64:25:03:
b2:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:75:0E:42:7D:8A:8D:90:F7:92:75:19:46:3F:AE:70:F9:5E:86:51
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3134372e3137332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.173.0/24
Signature Algorithm: sha256WithRSAEncryption
95:f9:e8:e0:d5:d7:95:cd:53:a1:36:1c:48:e6:39:95:81:a1:
55:ab:ed:66:4c:fd:29:67:64:f2:99:df:e5:1e:05:fc:94:21:
08:4f:8a:24:79:c6:9c:58:a4:63:95:26:c5:7c:70:cd:97:89:
7f:8f:dc:0a:b8:79:17:b0:b2:21:13:23:53:2a:85:24:1e:26:
81:a2:ff:90:61:6a:b0:03:16:96:df:dc:a1:71:59:71:b2:fa:
37:e5:3c:6d:d5:1f:28:8b:ad:b6:ee:c1:a4:1c:9d:cc:17:7c:
42:8d:7b:b5:41:b0:dd:7e:66:72:b1:91:e4:78:15:67:c6:df:
1e:59:10:5f:1b:21:39:c9:42:6c:a4:a7:fa:10:cd:94:92:78:
59:dc:c6:d4:fd:e5:6d:52:6c:83:5e:dc:39:74:f8:67:8b:56:
f0:2f:60:83:0b:d6:35:e7:33:55:f5:a8:cb:36:f3:e3:2e:f2:
33:d3:bf:f5:cd:f0:7e:81:12:7c:be:6e:e8:85:9b:30:b6:d5:
be:3c:e5:7c:d1:f5:c3:65:e5:45:a5:bf:66:4a:05:16:c7:ca:
b0:bd:e1:ac:e2:f7:a8:4e:f2:00:f4:49:20:80:f3:04:c2:20:
bb:07:96:3a:ad:d8:e2:a3:50:ed:bd:c7:8c:4f:b1:0b:e8:81:
57:42:ec:85
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDHK/ug8rbo4upP9iWnfQZXRxDiIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMDcxMjI4MzZaFw0yNTAyMDUxMjMzMzZaMDMxMTAvBgNV
BAMTKDg4NzUwRTQyN0Q4QThEOTBGNzkyNzUxOTQ2M0ZBRTcwRjk1RTg2NTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDutcSppEHurDQoaXOddd2PtYTJ
Nyg6jpiQfP/HD922LVxFsf/LU0A31vGcyIvBUsS88Ex1u2rNQXHpG1T3zfP3gcNn
BBl8Cs9z4Qyg2o6ZHkaOybeyRgKc/k8XrEXhNW7U+p/Rfh3fDX6n7EO8we5ue21c
1Ovhg3TJ4IogokTGRgE5mB3/COL4WZJwMqB9KtfgfjWTV+T803J07xw7/n97okJQ
Yu1n0C/8+CS68jvS3JUVnfz1UbrZrYUvXhbY5/DPLY7mgowOL61XsWSycnBRa0xd
zhzNA462AQRJGW34sTACaIvy0vitdFhis5I0v/Ur3//GvlVXIqGWKmQlA7I5AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUiHUOQn2KjZD3knUZRj+ucPlehlEwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzQzNTJlMzEzNDM3MmUzMTM3
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtk60wDQYJKoZIhvcNAQELBQADggEBAJX56ODV15XNU6E2HEjmOZWBoVWr7WZM
/SlnZPKZ3+UeBfyUIQhPiiR5xpxYpGOVJsV8cM2XiX+P3Aq4eRewsiETI1MqhSQe
JoGi/5BharADFpbf3KFxWXGy+jflPG3VHyiLrbbuwaQcncwXfEKNe7VBsN1+ZnKx
keR4FWfG3x5ZEF8bITnJQmykp/oQzZSSeFncxtT95W1SbINe3Dl0+GeLVvAvYIML
1jXnM1X1qMs28+Mu8jPTv/XN8H6BEny+buiFmzC21b485XzR9cNl5UWlv2ZKBRbH
yrC94azi96hO8gD0SSCA8wTCILsHljqt2OKjUO29x4xPsQvogVdC7IU=
-----END CERTIFICATE-----
Generated at Wed May 8 20:21:24 2024 by rpki-client on console-fra.rpki-client.org