Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e31302e3231322e302f32322d3234203d3e20323031333431.roa
File: 34352e31302e3231322e302f32322d3234203d3e20323031333431.roa (raw, json)
Hash identifier: XF2dDorECh4Q28r0HiMqbyPHvU0SX13ngC2RnC3EROM=
Subject key identifier: 1C:78:36:34:90:8E:37:50:29:BB:36:B2:6F:13:1D:D6:99:14:7E:11
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 184889C055EA154312EFC1AD551457219B1F2598
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e31302e3231322e302f32322d3234203d3e20323031333431.roa
Signing time: Wed 01 May 2024 12:03:33 +0000
ROA not before: Wed 01 May 2024 11:58:33 +0000
ROA not after: Wed 30 Apr 2025 12:03:33 +0000
asID: 201341
IP address blocks: 45.10.212.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:48:89:c0:55:ea:15:43:12:ef:c1:ad:55:14:57:21:9b:1f:25:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 1 11:58:33 2024 GMT
Not After : Apr 30 12:03:33 2025 GMT
Subject: CN=1C783634908E375029BB36B26F131DD699147E11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:5a:71:35:89:42:5d:f8:fa:25:da:6c:60:61:
71:46:6d:1f:fc:a3:4d:cd:f5:a7:88:a7:e7:08:8b:
89:a5:f6:92:33:08:d8:1c:b1:de:ea:45:d1:46:b5:
be:71:3d:16:bf:26:22:04:e0:4a:00:5a:ae:b5:d9:
6c:be:d0:a8:a3:61:34:b0:aa:2f:2f:52:08:df:b3:
e1:bb:48:ed:61:e3:1f:34:8e:e2:2f:f9:d4:36:82:
99:9b:64:99:42:fa:5b:29:8b:26:d4:6b:bd:48:e2:
ef:16:d6:66:3d:bf:a4:7d:4c:ee:0b:2d:27:f9:7c:
9d:04:18:48:10:d0:1c:fc:ce:40:b2:a2:ba:c8:6b:
4d:91:33:3b:8f:4b:79:ff:43:50:85:fc:c1:28:0e:
19:04:c4:d8:f6:2b:4a:ca:00:f6:e2:d3:6a:a5:b9:
74:64:68:25:aa:16:ae:11:88:a1:a0:e6:a1:3f:da:
f2:b9:f1:e8:3e:f2:3e:58:e9:61:3d:95:2a:f2:5c:
db:40:b3:bf:26:a0:64:3f:d7:b8:e5:61:11:f0:78:
2f:95:d1:f3:63:24:06:e2:98:2a:85:0b:b0:94:a9:
67:a8:b8:fb:16:57:64:08:fb:67:fa:c2:1a:d0:88:
05:5f:8e:84:47:ec:b9:67:05:58:42:4b:83:d8:7f:
41:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:78:36:34:90:8E:37:50:29:BB:36:B2:6F:13:1D:D6:99:14:7E:11
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e31302e3231322e302f32322d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.212.0/22
Signature Algorithm: sha256WithRSAEncryption
28:65:b8:b1:b0:52:b7:6b:a3:c9:47:3b:54:29:87:94:5d:dc:
ee:9f:1c:c3:fc:ec:89:22:ca:2f:33:7f:79:7e:5d:0c:bc:db:
de:ed:b4:a5:97:17:11:c4:db:4c:44:c8:29:b0:52:f6:d8:73:
b4:6a:2f:d1:9c:df:03:43:ae:10:3d:d6:a0:f9:38:13:34:3b:
db:e8:d3:1a:1c:91:78:20:3e:d3:6d:66:6d:9e:06:74:f2:94:
3b:5c:b6:ae:dd:b4:81:1e:ee:31:ab:db:5e:ae:9d:eb:59:71:
aa:2d:4d:92:38:56:21:31:cd:a4:a4:69:f7:5d:f7:cc:36:f9:
b9:c9:0b:fe:65:98:44:27:88:02:c2:0d:c4:2b:1a:59:c9:37:
6e:d1:4a:57:4a:ed:60:fe:50:cd:a3:2a:52:5a:f9:5e:f5:17:
1c:05:86:45:53:0b:9a:e4:20:db:b7:2a:c0:3c:01:80:22:4e:
ca:a2:c8:a7:46:c4:ca:ed:a3:bd:90:d6:00:71:e9:a1:ef:0f:
9c:c0:cf:86:6c:12:a8:57:6f:79:d7:54:ed:30:49:34:58:61:
f5:19:8b:26:23:a2:d9:0d:25:97:81:34:94:30:db:cc:75:0d:
ab:58:6c:bf:d7:6b:e3:83:e5:bc:76:01:66:9f:37:11:e2:5b:
ad:71:83:74
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUGEiJwFXqFUMS78GtVRRXIZsfJZgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA1MDExMTU4MzNaFw0yNTA0MzAxMjAzMzNaMDMxMTAvBgNV
BAMTKDFDNzgzNjM0OTA4RTM3NTAyOUJCMzZCMjZGMTMxREQ2OTkxNDdFMTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiWnE1iUJd+Pol2mxgYXFGbR/8
o03N9aeIp+cIi4ml9pIzCNgcsd7qRdFGtb5xPRa/JiIE4EoAWq612Wy+0KijYTSw
qi8vUgjfs+G7SO1h4x80juIv+dQ2gpmbZJlC+lspiybUa71I4u8W1mY9v6R9TO4L
LSf5fJ0EGEgQ0Bz8zkCyorrIa02RMzuPS3n/Q1CF/MEoDhkExNj2K0rKAPbi02ql
uXRkaCWqFq4RiKGg5qE/2vK58eg+8j5Y6WE9lSryXNtAs78moGQ/17jlYRHweC+V
0fNjJAbimCqFC7CUqWeouPsWV2QI+2f6whrQiAVfjoRH7LlnBVhCS4PYf0E3AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUHHg2NJCON1ApuzaybxMd1pkUfhEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzEzMDJlMzIzMTMy
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzMDMxMzMzNDMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
LQrUMA0GCSqGSIb3DQEBCwUAA4IBAQAoZbixsFK3a6PJRztUKYeUXdzunxzD/OyJ
IsovM395fl0MvNve7bSllxcRxNtMRMgpsFL22HO0ai/RnN8DQ64QPdag+TgTNDvb
6NMaHJF4ID7TbWZtngZ08pQ7XLau3bSBHu4xq9terp3rWXGqLU2SOFYhMc2kpGn3
XffMNvm5yQv+ZZhEJ4gCwg3EKxpZyTdu0UpXSu1g/lDNoypSWvle9RccBYZFUwua
5CDbtyrAPAGAIk7KosinRsTK7aO9kNYAcemh7w+cwM+GbBKoV29511TtMEk0WGH1
GYsmI6LZDSWXgTSUMNvMdQ2rWGy/12vjg+W8dgFmnzcR4lutcYN0
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:16 2024 by rpki-client on console-fra.rpki-client.org