Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133322e37322e302f32342d3234203d3e203633343733.roa
File: 34352e3133322e37322e302f32342d3234203d3e203633343733.roa (raw, json)
Hash identifier: 6ACwNviETjKDbK4zraH6f0yxiGswplh12FOrJbZmhNI=
Subject key identifier: 0E:08:69:89:D0:2F:A5:94:32:9F:12:73:8F:13:BA:8E:FB:C1:EE:75
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7E057AE4B5AE9A896E5D806B4A837F31242CD601
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133322e37322e302f32342d3234203d3e203633343733.roa
Signing time: Mon 04 Dec 2023 09:27:30 +0000
ROA not before: Mon 04 Dec 2023 09:22:30 +0000
ROA not after: Mon 02 Dec 2024 09:27:30 +0000
asID: 63473
IP address blocks: 45.132.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:05:7a:e4:b5:ae:9a:89:6e:5d:80:6b:4a:83:7f:31:24:2c:d6:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 4 09:22:30 2023 GMT
Not After : Dec 2 09:27:30 2024 GMT
Subject: CN=0E086989D02FA594329F12738F13BA8EFBC1EE75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:dd:62:08:57:42:c2:5a:60:ae:c4:1c:72:9d:
d5:2f:f6:d6:01:9b:27:77:be:d7:cf:ec:db:45:bd:
35:4d:e5:0b:80:28:40:bd:b5:47:31:92:b5:ad:13:
da:7b:b0:12:ef:62:bb:02:62:dd:7d:47:1b:d1:9b:
04:00:0d:99:0b:a5:b6:93:02:6b:d9:d8:a8:a1:24:
6f:10:85:92:03:bf:18:c7:85:6a:1a:63:c1:56:9a:
04:95:6b:62:0c:a0:74:07:09:5b:a9:92:9d:92:57:
2c:9d:ce:98:e0:6e:4a:ef:62:90:f6:ef:8d:68:df:
c0:34:6a:49:fd:2f:d2:00:ef:2d:4c:e6:d0:ea:ad:
bb:4c:70:83:19:42:0f:3e:9a:77:69:28:83:41:9d:
80:db:41:e5:70:54:6f:f3:bc:8e:ea:dc:20:67:78:
b5:64:7c:bf:ec:26:e2:cf:dc:b6:1c:39:87:56:57:
d5:ad:0c:e0:6e:cf:c8:08:7b:7d:89:6b:ce:9a:9a:
af:5b:4c:d1:5e:cf:ca:2a:b6:a3:38:6a:c0:8a:7d:
a4:f5:8a:e5:f3:88:ef:db:02:39:8b:45:9e:f3:86:
c2:52:34:2e:66:78:16:c0:f6:37:02:1d:0b:48:86:
d4:4d:0b:7d:94:8f:1d:55:18:2d:0e:ca:e0:da:9b:
c5:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:08:69:89:D0:2F:A5:94:32:9F:12:73:8F:13:BA:8E:FB:C1:EE:75
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133322e37322e302f32342d3234203d3e203633343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.72.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:3b:5e:6e:ec:ca:b5:d9:9e:d7:99:86:e1:d3:d4:cd:c6:bf:
9f:72:c8:6f:5d:da:76:7e:c8:b0:6c:ab:50:3f:0a:1c:8c:f6:
cb:64:4c:68:df:99:d2:86:ec:09:c4:9a:94:1c:f4:be:62:a6:
4f:73:b9:0e:6e:12:a1:0f:96:8a:d8:e9:35:06:86:6e:cb:d1:
82:0b:8b:52:48:eb:dd:87:67:f6:63:0f:98:2a:96:4c:b7:a2:
9e:3f:bf:9b:73:8d:8c:d6:ff:5e:3c:e8:8d:79:90:3d:38:cd:
3c:01:5b:1e:4f:75:ff:59:f2:f2:21:6a:16:3d:6e:70:0f:01:
ba:dd:79:1b:5b:d4:2f:07:19:55:56:f5:62:b3:b3:ec:34:c4:
1b:0d:06:8d:b5:c7:d9:c6:ca:a9:18:cf:95:19:d6:de:95:11:
dc:ef:63:ec:bb:6c:2f:80:64:1d:39:28:03:bb:1e:12:41:72:
44:23:fe:e6:40:d3:be:46:46:3f:4b:ce:7c:b8:41:d1:88:e1:
8b:61:c4:b3:21:2e:2c:e4:c0:16:97:dd:58:c6:c8:f2:4d:ba:
d6:1d:b0:f7:47:95:c8:dd:c2:8f:ff:01:ad:73:e3:aa:9d:27:
4e:fe:20:22:fa:06:c2:84:32:43:75:8d:98:8f:f8:60:2b:67:
cf:cf:23:8c
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUfgV65LWumoluXYBrSoN/MSQs1gEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEyMDQwOTIyMzBaFw0yNDEyMDIwOTI3MzBaMDMxMTAvBgNV
BAMTKDBFMDg2OTg5RDAyRkE1OTQzMjlGMTI3MzhGMTNCQThFRkJDMUVFNzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDs3WIIV0LCWmCuxBxyndUv9tYB
myd3vtfP7NtFvTVN5QuAKEC9tUcxkrWtE9p7sBLvYrsCYt19RxvRmwQADZkLpbaT
AmvZ2KihJG8QhZIDvxjHhWoaY8FWmgSVa2IMoHQHCVupkp2SVyydzpjgbkrvYpD2
741o38A0akn9L9IA7y1M5tDqrbtMcIMZQg8+mndpKINBnYDbQeVwVG/zvI7q3CBn
eLVkfL/sJuLP3LYcOYdWV9WtDOBuz8gIe32Ja86amq9bTNFez8oqtqM4asCKfaT1
iuXziO/bAjmLRZ7zhsJSNC5meBbA9jcCHQtIhtRNC32Ujx1VGC0OyuDam8UXAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUDghpidAvpZQynxJzjxO6jvvB7nUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzEzMzMyMmUzNzMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMzM0MzczMy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2E
SDANBgkqhkiG9w0BAQsFAAOCAQEAoTtebuzKtdme15mG4dPUzca/n3LIb13adn7I
sGyrUD8KHIz2y2RMaN+Z0obsCcSalBz0vmKmT3O5Dm4SoQ+WitjpNQaGbsvRgguL
Ukjr3Ydn9mMPmCqWTLeinj+/m3ONjNb/XjzojXmQPTjNPAFbHk91/1ny8iFqFj1u
cA8But15G1vULwcZVVb1YrOz7DTEGw0GjbXH2cbKqRjPlRnW3pUR3O9j7LtsL4Bk
HTkoA7seEkFyRCP+5kDTvkZGP0vOfLhB0Yjhi2HEsyEuLOTAFpfdWMbI8k261h2w
90eVyN3Cj/8BrXPjqp0nTv4gIvoGwoQyQ3WNmI/4YCtnz88jjA==
-----END CERTIFICATE-----
Generated at Tue May 21 21:12:36 2024 by rpki-client on console-fra.rpki-client.org