Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3134382e3133392e302f32342d3234203d3e20313336373837.roa
File: 34352e3134382e3133392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: Reh0n1NXpL9I0I4HBIy/EIhrFCRFQOnUTIrlc81UG3U=
Subject key identifier: 68:05:88:C9:D2:83:2A:F0:6D:26:C4:A0:CA:E5:19:63:69:1D:95:B9
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 4F474467F97F30642CE5D903ED6C11855C6CC99C
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3134382e3133392e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 07 Feb 2024 12:33:33 +0000
ROA not before: Wed 07 Feb 2024 12:28:33 +0000
ROA not after: Wed 05 Feb 2025 12:33:33 +0000
asID: 136787
IP address blocks: 45.148.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:42:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:47:44:67:f9:7f:30:64:2c:e5:d9:03:ed:6c:11:85:5c:6c:c9:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 7 12:28:33 2024 GMT
Not After : Feb 5 12:33:33 2025 GMT
Subject: CN=680588C9D2832AF06D26C4A0CAE51963691D95B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ca:12:8c:c9:c5:a7:b0:d1:2b:42:aa:67:24:
63:d1:f2:3c:ce:4a:c5:f5:cd:c8:a6:a2:59:c1:a4:
16:53:1b:db:40:ae:f9:38:e3:13:91:d3:8a:b2:72:
f8:58:d2:4c:e2:48:66:bc:8f:3d:af:5d:08:c9:c7:
ec:17:ad:e2:98:0f:72:94:a8:7a:e6:2b:27:54:be:
ae:ca:05:e0:39:0f:b5:af:0f:4b:15:e3:16:4d:11:
12:3b:6b:76:c8:07:3b:13:bf:4c:ea:b6:02:5d:e1:
3c:d8:1d:9e:d3:fb:e6:f4:5d:65:b3:2a:55:aa:0b:
3b:b2:ac:5d:49:ec:d1:73:2b:1f:59:e8:a8:7b:31:
48:8a:6d:fc:23:ee:24:3f:cb:70:f7:4c:39:1e:7f:
a1:fc:fa:0f:a6:39:c8:b2:19:ce:1d:b9:b1:08:6a:
82:d0:12:8c:93:5b:c1:91:a0:64:ac:ad:32:ff:b8:
ee:c3:af:a6:33:89:c3:0f:83:47:2c:87:7a:cc:59:
c2:1e:02:07:5f:1f:15:90:d6:26:6e:ba:34:9d:6f:
c0:d3:6c:83:e7:47:f9:74:56:67:3a:57:e5:16:39:
6c:52:67:af:df:54:7b:df:50:57:b0:67:1a:a3:4d:
f2:8c:18:3a:b5:78:cb:60:bf:8c:a5:37:ba:df:bf:
84:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:05:88:C9:D2:83:2A:F0:6D:26:C4:A0:CA:E5:19:63:69:1D:95:B9
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3134382e3133392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.139.0/24
Signature Algorithm: sha256WithRSAEncryption
07:5b:1c:b6:f3:a0:51:27:e8:7b:a1:6e:0e:f5:72:02:7e:17:
64:87:b9:86:7d:0e:04:ae:0c:2c:b8:02:3d:75:2d:9d:4e:f8:
6e:a5:36:16:06:f1:06:a3:ba:ca:e0:79:78:71:fc:14:d8:7f:
f3:46:f2:8b:97:3a:37:83:a8:46:1b:44:8d:64:a7:93:b6:00:
67:27:f4:c4:60:06:34:1f:15:3c:26:ab:46:d9:cd:b8:01:d1:
bb:6b:73:0e:91:3b:b1:ff:b2:c1:43:37:5a:ab:92:bc:fe:74:
8e:0c:ce:5d:3c:61:3d:57:61:db:de:fd:b0:1f:1e:1e:76:f6:
2e:55:1c:d7:9d:c4:4c:0f:aa:e9:42:d3:f9:ed:37:e1:f2:05:
1d:e6:36:90:38:9a:dd:6c:66:e5:b8:4c:96:fd:71:5c:0c:ee:
e7:08:87:33:fb:24:90:46:b4:e1:a7:9a:80:42:30:00:d9:a1:
12:d9:81:07:d8:d1:db:10:78:f0:89:24:b0:df:ba:c1:b3:e7:
09:54:67:55:9f:64:d2:a9:29:68:ae:e7:fb:47:47:cf:e4:16:
6c:a5:20:e8:e4:97:c1:36:62:fa:ad:e5:1b:6f:b3:d6:2b:4e:
cb:7e:21:27:1b:95:ad:46:c6:1f:96:c2:52:c5:b6:3d:f4:8b:
66:59:94:1c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUT0dEZ/l/MGQs5dkD7WwRhVxsyZwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMDcxMjI4MzNaFw0yNTAyMDUxMjMzMzNaMDMxMTAvBgNV
BAMTKDY4MDU4OEM5RDI4MzJBRjA2RDI2QzRBMENBRTUxOTYzNjkxRDk1QjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6yhKMycWnsNErQqpnJGPR8jzO
SsX1zcimolnBpBZTG9tArvk44xOR04qycvhY0kziSGa8jz2vXQjJx+wXreKYD3KU
qHrmKydUvq7KBeA5D7WvD0sV4xZNERI7a3bIBzsTv0zqtgJd4TzYHZ7T++b0XWWz
KlWqCzuyrF1J7NFzKx9Z6Kh7MUiKbfwj7iQ/y3D3TDkef6H8+g+mOciyGc4dubEI
aoLQEoyTW8GRoGSsrTL/uO7Dr6YzicMPg0csh3rMWcIeAgdfHxWQ1iZuujSdb8DT
bIPnR/l0Vmc6V+UWOWxSZ6/fVHvfUFewZxqjTfKMGDq1eMtgv4ylN7rfv4RfAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUaAWIydKDKvBtJsSgyuUZY2kdlbkwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzQzNTJlMzEzNDM4MmUzMTMz
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtlIswDQYJKoZIhvcNAQELBQADggEBAAdbHLbzoFEn6Huhbg71cgJ+F2SHuYZ9
DgSuDCy4Aj11LZ1O+G6lNhYG8QajusrgeXhx/BTYf/NG8ouXOjeDqEYbRI1kp5O2
AGcn9MRgBjQfFTwmq0bZzbgB0btrcw6RO7H/ssFDN1qrkrz+dI4Mzl08YT1XYdve
/bAfHh529i5VHNedxEwPqulC0/ntN+HyBR3mNpA4mt1sZuW4TJb9cVwM7ucIhzP7
JJBGtOGnmoBCMADZoRLZgQfY0dsQePCJJLDfusGz5wlUZ1WfZNKpKWiu5/tHR8/k
FmylIOjkl8E2Yvqt5Rtvs9YrTst+IScbla1Gxh+WwlLFtj30i2ZZlBw=
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:44:10 2024 by rpki-client on console-fra.rpki-client.org