Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133342e3139312e302f32342d3234203d3e20313336373837.roa
File: 34352e3133342e3139312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: xduj7n7k+hrFPjUOCDHI3Q9IZ4abTMocTr8eef79yE4=
Subject key identifier: 5A:1A:BA:67:F1:53:17:67:F8:EF:BA:79:50:1A:62:46:74:8A:6B:BF
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 49BF514CC8ED78484E97945527CAD6E349691A11
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133342e3139312e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 26 Jan 2024 19:02:10 +0000
ROA not before: Fri 26 Jan 2024 18:57:10 +0000
ROA not after: Fri 24 Jan 2025 19:02:10 +0000
asID: 136787
IP address blocks: 45.134.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:bf:51:4c:c8:ed:78:48:4e:97:94:55:27:ca:d6:e3:49:69:1a:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 26 18:57:10 2024 GMT
Not After : Jan 24 19:02:10 2025 GMT
Subject: CN=5A1ABA67F1531767F8EFBA79501A6246748A6BBF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:22:95:e0:9b:6b:6c:3f:80:1f:89:0a:b0:44:
c5:c1:e7:51:c7:a9:99:cc:08:c2:ba:72:2b:8b:7e:
71:68:ad:ab:b5:6e:64:f9:0d:d0:29:7e:ac:c2:05:
de:fc:bb:51:5d:67:38:86:76:35:00:44:4c:7b:d8:
0f:7e:e9:b0:88:7b:0a:54:5a:a5:52:41:81:ea:34:
a4:7b:69:43:49:7e:f3:5e:25:5a:6b:a7:dd:33:a4:
d8:46:4c:46:04:4b:ef:df:3e:00:89:e0:13:1a:17:
7a:99:20:b5:73:f5:c5:43:40:9b:0d:bb:f8:83:28:
ce:be:d2:e7:15:ab:02:20:80:2e:b0:3b:f5:80:f3:
79:37:79:fa:49:cc:db:0a:76:f4:5e:df:05:dd:6b:
cc:25:89:44:c6:6d:86:21:df:e7:0e:e0:6d:fb:a6:
3b:51:59:e1:97:e9:b3:a8:42:32:d9:58:68:4b:4f:
81:54:24:b7:05:69:4b:6e:da:39:0b:dc:c1:ca:c9:
6a:31:7d:da:26:fb:95:43:05:7e:c4:88:66:f4:49:
a9:c5:af:f4:6b:f2:cc:1a:ac:74:d3:16:5c:4e:c0:
82:61:66:f3:99:69:65:03:c1:5c:78:26:b8:51:68:
d0:d2:f2:90:9f:8d:2d:ec:52:a5:c4:69:7a:c2:d1:
6c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:1A:BA:67:F1:53:17:67:F8:EF:BA:79:50:1A:62:46:74:8A:6B:BF
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133342e3139312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.191.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:48:ea:f6:7f:de:d0:28:44:fa:79:e6:5e:ec:17:89:03:78:
a0:ee:04:eb:fb:6d:ff:fb:b5:ae:bd:b5:50:17:b4:5d:86:f6:
f7:9b:5b:4b:58:ba:9d:4c:29:0a:5a:04:22:57:d6:e5:07:e3:
0d:60:db:b5:de:68:1a:74:65:70:56:cb:df:49:5f:cd:ab:d2:
56:3f:24:70:3b:12:ac:80:b0:bc:18:49:a6:dd:22:5e:94:61:
cb:56:6f:34:25:80:28:1a:f1:7c:7d:76:08:3e:9f:dd:e5:49:
69:71:8e:9d:10:92:1d:2d:e2:de:07:d6:1c:15:f8:6d:71:90:
39:bb:4a:56:cb:84:6c:85:63:06:ac:5e:c0:3b:50:35:27:1c:
1a:c5:02:95:46:8c:c4:65:3f:16:34:a6:24:4f:3e:21:86:6e:
32:02:a8:22:eb:ac:aa:79:09:18:74:b3:5c:5b:5e:ec:01:69:
92:5c:51:58:d7:36:30:01:3a:20:0c:4f:a7:ae:82:4d:6d:b9:
f1:43:29:3b:67:43:ea:b4:a3:1c:77:30:52:09:d6:49:b7:33:
18:2d:a7:af:b3:4f:f0:a8:90:b8:cb:ef:dc:b2:fe:0e:ea:56:
38:24:97:cd:ad:c3:6a:f8:ca:a3:94:75:0a:b2:92:4f:b3:b2:
3b:6d:01:7c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUSb9RTMjteEhOl5RVJ8rW40lpGhEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMjYxODU3MTBaFw0yNTAxMjQxOTAyMTBaMDMxMTAvBgNV
BAMTKDVBMUFCQTY3RjE1MzE3NjdGOEVGQkE3OTUwMUE2MjQ2NzQ4QTZCQkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeIpXgm2tsP4AfiQqwRMXB51HH
qZnMCMK6ciuLfnForau1bmT5DdApfqzCBd78u1FdZziGdjUAREx72A9+6bCIewpU
WqVSQYHqNKR7aUNJfvNeJVprp90zpNhGTEYES+/fPgCJ4BMaF3qZILVz9cVDQJsN
u/iDKM6+0ucVqwIggC6wO/WA83k3efpJzNsKdvRe3wXda8wliUTGbYYh3+cO4G37
pjtRWeGX6bOoQjLZWGhLT4FUJLcFaUtu2jkL3MHKyWoxfdom+5VDBX7EiGb0SanF
r/Rr8swarHTTFlxOwIJhZvOZaWUDwVx4JrhRaNDS8pCfjS3sUqXEaXrC0Wy5AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUWhq6Z/FTF2f477p5UBpiRnSKa78wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzEzMzM0MmUzMTM5
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAthr8wDQYJKoZIhvcNAQELBQADggEBAF9I6vZ/3tAoRPp55l7sF4kDeKDuBOv7
bf/7ta69tVAXtF2G9vebW0tYup1MKQpaBCJX1uUH4w1g27XeaBp0ZXBWy99JX82r
0lY/JHA7EqyAsLwYSabdIl6UYctWbzQlgCga8Xx9dgg+n93lSWlxjp0Qkh0t4t4H
1hwV+G1xkDm7SlbLhGyFYwasXsA7UDUnHBrFApVGjMRlPxY0piRPPiGGbjICqCLr
rKp5CRh0s1xbXuwBaZJcUVjXNjABOiAMT6eugk1tufFDKTtnQ+q0oxx3MFIJ1km3
Mxgtp6+zT/CokLjL79yy/g7qVjgkl82tw2r4yqOUdQqykk+zsjttAXw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:04 2024 by rpki-client on console-fra.rpki-client.org