Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3134382e3133362e302f32342d3234203d3e20313336373837.roa
File: 34352e3134382e3133362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: lsuu5NDeammkDijOZhcky5YBj+m7ZzxDUqxeQo4DCs8=
Subject key identifier: 5E:D4:68:52:C0:86:DC:EC:E7:22:6E:0F:95:8D:5A:D9:72:B5:A3:58
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 48CF0684C7060D4CA46907FE9C0EEDB18656534A
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3134382e3133362e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 07 Feb 2024 12:33:29 +0000
ROA not before: Wed 07 Feb 2024 12:28:29 +0000
ROA not after: Wed 05 Feb 2025 12:33:29 +0000
asID: 136787
IP address blocks: 45.148.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:cf:06:84:c7:06:0d:4c:a4:69:07:fe:9c:0e:ed:b1:86:56:53:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 7 12:28:29 2024 GMT
Not After : Feb 5 12:33:29 2025 GMT
Subject: CN=5ED46852C086DCECE7226E0F958D5AD972B5A358
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b4:9a:25:16:2c:68:75:73:d5:b0:26:1d:90:
5e:d5:52:d5:fb:af:41:f9:fe:4a:4a:26:3a:b6:27:
20:d0:ed:a5:08:41:75:72:f3:18:74:07:29:56:1b:
81:31:fa:53:51:a2:ca:f5:e0:b4:76:b6:8d:51:8e:
fc:b3:2b:72:f1:eb:e1:25:d0:b4:af:a5:ea:5a:99:
6d:a1:a4:05:aa:b0:7e:71:5c:4c:b4:7b:98:94:b8:
a4:93:64:05:34:2f:a0:00:fb:a4:1e:45:0b:60:d4:
6c:7e:f6:d6:c5:5d:e0:25:fc:ea:b1:22:88:7e:0d:
42:18:63:5e:5f:6a:ba:3a:a0:22:0a:c1:6b:cb:c0:
4f:1b:ef:bf:a6:87:cd:ed:64:cb:8d:30:0f:45:1b:
2f:17:b1:bd:02:c4:8c:b6:f3:f9:57:58:e0:fc:62:
7c:26:8d:f1:63:c8:b6:83:c5:08:31:60:b6:e9:be:
e5:be:a5:2a:8e:98:38:53:4d:aa:ed:ab:15:b9:96:
12:9d:a7:5a:4e:89:9f:70:57:eb:0f:a5:97:8f:53:
1b:a3:46:f7:a2:92:df:15:55:5a:ab:f7:fe:62:ee:
c7:ac:4c:6e:29:7b:d3:25:66:6d:e6:f1:3a:86:4c:
fd:5f:fa:e6:2b:52:e0:a3:6f:b8:df:55:a5:92:86:
8d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:D4:68:52:C0:86:DC:EC:E7:22:6E:0F:95:8D:5A:D9:72:B5:A3:58
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3134382e3133362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.136.0/24
Signature Algorithm: sha256WithRSAEncryption
26:bc:86:56:2a:72:2b:f5:de:6e:c5:12:11:77:c9:a4:99:18:
05:b3:8b:ca:ed:c2:34:1f:f6:49:83:c7:95:b7:99:83:bb:03:
a5:2c:97:6e:cc:88:02:e2:e9:5c:fe:e1:af:f8:f0:2a:77:fe:
90:18:ca:74:ac:0c:df:35:7b:53:9b:72:1e:0f:cc:02:54:e1:
4f:98:24:b8:4b:6b:52:a8:f7:ad:f5:11:76:65:5d:4d:c4:87:
70:c3:94:9d:40:0c:64:05:53:c3:89:8e:8d:e5:74:85:c8:9d:
a0:b3:11:25:57:db:37:05:7c:f8:73:7c:af:2e:da:93:29:74:
56:3b:13:80:f5:62:a2:03:1a:49:d3:8b:86:b1:53:1e:9f:99:
75:fe:6f:e0:af:ae:6f:71:bb:10:45:15:89:92:46:84:37:77:
8f:a1:e9:d7:57:2c:31:61:b9:13:e3:63:2f:38:bf:a4:82:38:
bf:19:ce:0d:fd:5b:7a:3a:29:e6:ed:20:b7:5b:6e:89:c6:11:
5b:bf:9a:46:57:68:2b:d2:73:cd:80:87:64:7a:ab:d2:41:81:
b6:84:68:70:2e:4a:4f:cb:7c:c4:aa:65:8d:86:9a:6f:dd:8a:
7f:21:cd:33:21:3b:30:63:9c:62:93:7d:f7:6f:b9:b0:24:80:
c7:ce:42:5c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUSM8GhMcGDUykaQf+nA7tsYZWU0owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMDcxMjI4MjlaFw0yNTAyMDUxMjMzMjlaMDMxMTAvBgNV
BAMTKDVFRDQ2ODUyQzA4NkRDRUNFNzIyNkUwRjk1OEQ1QUQ5NzJCNUEzNTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPtJolFixodXPVsCYdkF7VUtX7
r0H5/kpKJjq2JyDQ7aUIQXVy8xh0BylWG4Ex+lNRosr14LR2to1RjvyzK3Lx6+El
0LSvpepamW2hpAWqsH5xXEy0e5iUuKSTZAU0L6AA+6QeRQtg1Gx+9tbFXeAl/Oqx
Ioh+DUIYY15faro6oCIKwWvLwE8b77+mh83tZMuNMA9FGy8Xsb0CxIy28/lXWOD8
YnwmjfFjyLaDxQgxYLbpvuW+pSqOmDhTTartqxW5lhKdp1pOiZ9wV+sPpZePUxuj
Rveikt8VVVqr9/5i7sesTG4pe9MlZm3m8TqGTP1f+uYrUuCjb7jfVaWSho3/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUXtRoUsCG3OznIm4PlY1a2XK1o1gwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzQzNTJlMzEzNDM4MmUzMTMz
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtlIgwDQYJKoZIhvcNAQELBQADggEBACa8hlYqciv13m7FEhF3yaSZGAWzi8rt
wjQf9kmDx5W3mYO7A6Usl27MiALi6Vz+4a/48Cp3/pAYynSsDN81e1Obch4PzAJU
4U+YJLhLa1Ko9631EXZlXU3Eh3DDlJ1ADGQFU8OJjo3ldIXInaCzESVX2zcFfPhz
fK8u2pMpdFY7E4D1YqIDGknTi4axUx6fmXX+b+Cvrm9xuxBFFYmSRoQ3d4+h6ddX
LDFhuRPjYy84v6SCOL8Zzg39W3o6KebtILdbbonGEVu/mkZXaCvSc82Ah2R6q9JB
gbaEaHAuSk/LfMSqZY2Gmm/din8hzTMhOzBjnGKTffdvubAkgMfOQlw=
-----END CERTIFICATE-----
Generated at Tue May 7 21:48:30 2024 by rpki-client on console-fra.rpki-client.org