Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133342e3139302e302f32342d3234203d3e20313336373837.roa
File: 34352e3133342e3139302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: F20l10dcu0bj6gZVpfxtc49F0/mcxbd5T11ViS5fQ2s=
Subject key identifier: AA:94:79:51:FC:C5:50:61:10:43:9D:5B:44:16:FE:C5:CB:4E:6E:EA
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3ED4812268B62D3BD60995E247D23417328EFEA5
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133342e3139302e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 19:44:38 +0000
ROA not before: Fri 27 Dec 2024 19:39:38 +0000
ROA not after: Fri 26 Dec 2025 19:44:38 +0000
asID: 136787
IP address blocks: 45.134.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:d4:81:22:68:b6:2d:3b:d6:09:95:e2:47:d2:34:17:32:8e:fe:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 27 19:39:38 2024 GMT
Not After : Dec 26 19:44:38 2025 GMT
Subject: CN=AA947951FCC5506110439D5B4416FEC5CB4E6EEA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:c2:3b:77:86:14:e7:44:fe:83:c7:ad:03:78:
36:9a:b4:78:16:c9:bd:25:d6:f3:a2:0e:47:2d:6d:
14:a2:ae:5c:b1:be:5e:65:59:b1:5d:a5:56:00:c9:
9f:1e:8c:60:c1:1b:6f:d2:10:ec:39:ac:85:02:31:
b6:50:d8:24:d0:ce:b9:31:e0:a8:c0:b8:35:4b:50:
40:b0:52:50:90:fd:2d:68:95:f3:7e:e6:46:9c:06:
16:c2:ca:95:13:99:48:db:8a:91:2b:2b:a5:5d:39:
06:34:e5:29:bd:e2:d4:0b:63:1e:a5:af:62:f5:90:
9a:8f:b7:35:84:ea:b7:8e:76:36:f0:ea:3c:5c:1a:
c8:67:2e:06:27:f0:31:69:f0:4a:5e:ed:48:13:d4:
c4:8e:e3:a0:be:f9:8d:41:7a:a0:7b:3c:ae:c3:fa:
e0:37:d7:b6:0f:56:bf:95:2c:a0:dd:5b:e0:57:b9:
54:36:7c:92:69:fb:44:6d:23:51:54:a2:37:13:c3:
9d:cc:69:0d:32:2d:7f:5b:69:1f:74:26:a7:d4:27:
c0:c3:fa:41:ef:55:a9:5f:f5:ca:73:ac:71:e5:72:
d5:66:a1:1c:e7:fe:03:b2:11:29:db:95:14:04:db:
b0:8c:d9:f1:e8:dc:a4:d9:f9:be:b8:3e:52:6a:65:
fb:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:94:79:51:FC:C5:50:61:10:43:9D:5B:44:16:FE:C5:CB:4E:6E:EA
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133342e3139302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.190.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:c3:42:0f:46:d8:47:e0:f1:e1:21:b3:c8:03:50:6f:ab:d4:
45:95:64:9b:41:82:f0:18:77:0c:5b:a2:a9:90:b4:32:a5:40:
92:f1:a2:e9:1d:f9:8c:52:44:79:4d:ac:4e:4f:4b:72:3a:ab:
d7:80:5e:1e:72:56:a9:19:88:12:8e:b5:32:fa:63:2e:05:00:
c4:0a:57:80:89:8f:5c:c0:4a:38:43:df:55:b2:ef:33:0d:be:
75:a2:7e:b1:cf:64:df:b2:3d:a9:2b:38:b0:ad:78:b5:4f:76:
ea:ed:05:fb:84:08:61:51:8c:f2:39:8b:7f:bf:29:32:f6:44:
39:60:3a:14:3c:fc:92:62:08:d3:c7:10:f9:fd:61:d7:45:87:
d2:e9:b4:e4:36:f8:40:ae:62:d0:b2:76:69:c2:81:0b:8b:bb:
21:5b:34:76:e5:43:1c:2a:29:09:aa:62:b7:d2:a3:43:fc:83:
10:d2:55:a6:ae:56:df:3f:c7:60:3e:3b:ea:82:6f:7f:f7:91:
94:13:bc:b1:44:ad:eb:7e:86:67:c0:54:7b:bb:9b:0e:d9:4f:
3b:f3:21:84:52:d0:e2:5f:4e:5b:ca:25:6b:79:8e:e4:03:82:
44:f2:97:3c:c2:45:71:15:53:17:fc:1a:38:c1:48:3a:e2:16:
0d:82:5a:ed
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUPtSBImi2LTvWCZXiR9I0FzKO/qUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEyMjcxOTM5MzhaFw0yNTEyMjYxOTQ0MzhaMDMxMTAvBgNV
BAMTKEFBOTQ3OTUxRkNDNTUwNjExMDQzOUQ1QjQ0MTZGRUM1Q0I0RTZFRUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD4wjt3hhTnRP6Dx60DeDaatHgW
yb0l1vOiDkctbRSirlyxvl5lWbFdpVYAyZ8ejGDBG2/SEOw5rIUCMbZQ2CTQzrkx
4KjAuDVLUECwUlCQ/S1olfN+5kacBhbCypUTmUjbipErK6VdOQY05Sm94tQLYx6l
r2L1kJqPtzWE6reOdjbw6jxcGshnLgYn8DFp8Epe7UgT1MSO46C++Y1BeqB7PK7D
+uA317YPVr+VLKDdW+BXuVQ2fJJp+0RtI1FUojcTw53MaQ0yLX9baR90JqfUJ8DD
+kHvValf9cpzrHHlctVmoRzn/gOyESnblRQE27CM2fHo3KTZ+b64PlJqZfv5AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUqpR5UfzFUGEQQ51bRBb+xctObuowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzEzMzM0MmUzMTM5
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAthr4wDQYJKoZIhvcNAQELBQADggEBAI7DQg9G2Efg8eEhs8gDUG+r1EWVZJtB
gvAYdwxboqmQtDKlQJLxoukd+YxSRHlNrE5PS3I6q9eAXh5yVqkZiBKOtTL6Yy4F
AMQKV4CJj1zASjhD31Wy7zMNvnWifrHPZN+yPakrOLCteLVPdurtBfuECGFRjPI5
i3+/KTL2RDlgOhQ8/JJiCNPHEPn9YddFh9LptOQ2+ECuYtCydmnCgQuLuyFbNHbl
QxwqKQmqYrfSo0P8gxDSVaauVt8/x2A+O+qCb3/3kZQTvLFEret+hmfAVHu7mw7Z
TzvzIYRS0OJfTlvKJWt5juQDgkTylzzCRXEVUxf8GjjBSDriFg2CWu0=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:22:28 2025 by rpki-client