Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3134382e3133372e302f32342d3234203d3e20313336373837.roa
File: 34352e3134382e3133372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: kxZmlZuq3OBHx6AfVyHYL9v1b92bnb1Ra7dHIS1Z7jk=
Subject key identifier: 42:82:CA:B5:E8:76:48:50:A4:E7:62:13:A1:1E:2F:42:59:19:E9:5F
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 1C5E2664492597656AD0F5FBE0B6E34BE4D37442
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3134382e3133372e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 07 Feb 2024 12:33:31 +0000
ROA not before: Wed 07 Feb 2024 12:28:31 +0000
ROA not after: Wed 05 Feb 2025 12:33:31 +0000
asID: 136787
IP address blocks: 45.148.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:5e:26:64:49:25:97:65:6a:d0:f5:fb:e0:b6:e3:4b:e4:d3:74:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 7 12:28:31 2024 GMT
Not After : Feb 5 12:33:31 2025 GMT
Subject: CN=4282CAB5E8764850A4E76213A11E2F425919E95F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8f:bf:3b:20:73:a5:dd:cb:8c:3e:07:fc:e9:
93:45:5a:36:28:4b:37:8c:3f:0a:6c:d1:43:e8:96:
cd:05:5f:d0:23:bf:27:8c:53:5b:b7:0a:db:fd:32:
fd:fd:68:10:40:87:7c:56:89:be:39:46:1a:66:a6:
d4:9f:e3:59:b0:ba:a5:a9:ff:5b:52:a2:d9:3a:c7:
0e:33:46:32:15:57:f3:ba:e9:8c:42:fc:c6:98:29:
26:d3:ba:da:f7:40:8b:81:6b:2a:3d:dd:eb:13:fa:
f4:93:2c:75:25:ef:6b:3a:d1:ce:76:72:4d:0e:95:
f8:eb:25:14:38:29:b1:8c:9c:eb:ee:15:32:50:19:
7e:bc:f1:6d:f4:4c:10:41:21:5e:47:0c:79:f9:5f:
53:3a:cb:ea:e6:ad:8b:da:6b:31:d0:24:a9:76:13:
f9:45:70:e1:77:58:dd:a1:27:59:60:d9:93:ce:20:
c1:82:bb:84:11:a7:fb:fe:7b:3e:87:e5:ff:d7:34:
f5:e5:62:f4:51:54:2d:9c:8f:e5:89:85:77:0a:9f:
5c:2e:ab:03:27:d5:d3:20:3f:97:7b:ac:19:73:ae:
2d:60:6f:ac:38:9d:4c:fd:f7:09:1f:dd:bf:56:85:
80:9b:50:98:0b:85:f9:6b:31:1d:b4:cd:f4:1e:e7:
b0:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:82:CA:B5:E8:76:48:50:A4:E7:62:13:A1:1E:2F:42:59:19:E9:5F
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3134382e3133372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.137.0/24
Signature Algorithm: sha256WithRSAEncryption
08:32:88:92:70:c5:18:52:d3:09:74:c2:0d:45:a4:87:50:5d:
ee:e8:2e:c0:aa:1c:09:88:23:c3:53:84:85:13:d5:07:a1:68:
e7:d3:3a:6e:e7:0a:90:a0:c1:52:78:a9:40:36:4d:36:ce:34:
fd:b2:39:35:53:f9:5b:29:a3:88:02:42:ba:9d:32:8f:6c:64:
80:eb:ff:89:06:29:a2:30:d4:8c:ca:45:f6:63:a5:92:29:72:
0c:b4:a8:99:33:cf:fb:39:d2:72:7d:ec:82:f3:da:cf:56:72:
f7:6c:de:63:a6:64:08:e6:2f:10:ad:86:df:ce:bc:05:b0:71:
b5:df:2b:70:f9:05:dd:da:7b:52:7b:92:2e:b9:fe:a2:fd:35:
de:e5:03:f9:aa:d1:12:4d:c0:ad:c4:22:f4:ab:da:21:df:c0:
f6:54:5b:ff:bc:90:a1:9c:de:b2:87:aa:01:5c:ae:3e:52:5b:
49:7a:58:69:42:2b:ad:20:f9:62:15:a2:c9:c5:95:ac:a3:f0:
fc:04:b9:05:d7:7b:4b:76:a9:b5:bf:c8:2b:2e:48:88:48:91:
5f:d1:07:dc:26:37:9e:dd:ff:c1:62:79:4f:f5:30:5b:8f:20:
65:88:a7:b1:6e:01:b9:34:3f:4a:dc:dc:91:13:54:1c:76:24:
32:af:fd:d7
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUHF4mZEkll2Vq0PX74LbjS+TTdEIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMDcxMjI4MzFaFw0yNTAyMDUxMjMzMzFaMDMxMTAvBgNV
BAMTKDQyODJDQUI1RTg3NjQ4NTBBNEU3NjIxM0ExMUUyRjQyNTkxOUU5NUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8j787IHOl3cuMPgf86ZNFWjYo
SzeMPwps0UPols0FX9AjvyeMU1u3Ctv9Mv39aBBAh3xWib45RhpmptSf41mwuqWp
/1tSotk6xw4zRjIVV/O66YxC/MaYKSbTutr3QIuBayo93esT+vSTLHUl72s60c52
ck0OlfjrJRQ4KbGMnOvuFTJQGX688W30TBBBIV5HDHn5X1M6y+rmrYvaazHQJKl2
E/lFcOF3WN2hJ1lg2ZPOIMGCu4QRp/v+ez6H5f/XNPXlYvRRVC2cj+WJhXcKn1wu
qwMn1dMgP5d7rBlzri1gb6w4nUz99wkf3b9WhYCbUJgLhflrMR20zfQe57DBAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUQoLKteh2SFCk52IToR4vQlkZ6V8wHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzQzNTJlMzEzNDM4MmUzMTMz
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtlIkwDQYJKoZIhvcNAQELBQADggEBAAgyiJJwxRhS0wl0wg1FpIdQXe7oLsCq
HAmII8NThIUT1QehaOfTOm7nCpCgwVJ4qUA2TTbONP2yOTVT+Vspo4gCQrqdMo9s
ZIDr/4kGKaIw1IzKRfZjpZIpcgy0qJkzz/s50nJ97ILz2s9Wcvds3mOmZAjmLxCt
ht/OvAWwcbXfK3D5Bd3ae1J7ki65/qL9Nd7lA/mq0RJNwK3EIvSr2iHfwPZUW/+8
kKGc3rKHqgFcrj5SW0l6WGlCK60g+WIVosnFlayj8PwEuQXXe0t2qbW/yCsuSIhI
kV/RB9wmN57d/8FieU/1MFuPIGWIp7FuAbk0P0rc3JETVBx2JDKv/dc=
-----END CERTIFICATE-----
Generated at Wed May 8 20:21:24 2024 by rpki-client on console-fra.rpki-client.org