Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133342e3139312e302f32342d3234203d3e20313336373837.roa
File: 34352e3133342e3139312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: DiXeYRSfCjyIN3jcnLPNZW9r2tFTQe6EK0jspDHnD1g=
Subject key identifier: 92:EE:F2:55:D4:7E:40:DC:1D:F7:1C:DD:28:35:0D:20:E1:7C:4B:B2
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 52A0393C00A525835414E8B5203CBFC96626530C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133342e3139312e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 19:44:38 +0000
ROA not before: Fri 27 Dec 2024 19:39:38 +0000
ROA not after: Fri 26 Dec 2025 19:44:38 +0000
asID: 136787
IP address blocks: 45.134.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:a0:39:3c:00:a5:25:83:54:14:e8:b5:20:3c:bf:c9:66:26:53:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 27 19:39:38 2024 GMT
Not After : Dec 26 19:44:38 2025 GMT
Subject: CN=92EEF255D47E40DC1DF71CDD28350D20E17C4BB2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d8:8d:8c:4e:e2:aa:f8:75:49:5a:69:10:39:
13:3f:09:93:73:0c:57:94:74:78:28:80:2e:ae:f5:
1f:7f:e6:95:69:c0:b8:bf:63:22:d5:52:9e:25:57:
09:4b:15:b7:8c:e0:04:7a:1d:55:f9:24:0a:b6:37:
56:26:c7:63:79:fc:ea:0e:af:2d:64:7a:cb:b4:12:
e9:a8:d7:64:a5:4f:8e:9e:70:1f:e5:14:34:db:aa:
db:0d:e4:01:cf:e1:85:00:8c:4a:59:ab:06:49:bc:
d3:1f:78:13:ba:60:45:04:9f:c7:3a:72:df:e5:8d:
36:b9:2e:99:9b:98:b7:7d:2c:29:72:04:80:8d:db:
17:cd:c1:56:8d:b1:b5:0d:83:6f:a8:16:65:33:20:
4f:37:df:aa:0a:57:15:04:40:8f:52:be:8b:41:d5:
80:c5:82:03:5e:99:5c:8e:0b:58:e6:76:89:27:06:
2d:b9:38:b1:1f:a3:a0:fb:d4:f2:af:cc:af:fa:d9:
bf:a0:0a:b5:76:1f:06:d6:d9:3f:2a:87:1a:c7:84:
9c:56:eb:82:8f:a7:f5:34:eb:a6:f7:c7:82:e7:26:
0b:e0:30:a3:f8:ee:b4:c2:be:2f:83:f8:dc:7c:5a:
c8:97:77:d6:a7:b9:df:85:0b:31:8a:de:ef:b2:87:
3a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:EE:F2:55:D4:7E:40:DC:1D:F7:1C:DD:28:35:0D:20:E1:7C:4B:B2
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133342e3139312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.191.0/24
Signature Algorithm: sha256WithRSAEncryption
24:14:83:ac:d5:f5:97:f3:19:c0:fe:36:0a:a5:59:43:a1:a0:
e4:54:0f:30:de:23:48:ea:47:fa:b1:28:f9:69:c0:ac:1a:be:
42:08:8f:32:f6:ec:6a:c8:e3:2b:89:cb:f1:fa:16:81:9f:46:
df:ce:a1:97:f2:92:8c:52:26:65:c1:58:b0:c5:68:18:0b:3a:
52:de:0c:8b:62:bc:b8:80:72:c9:34:38:e7:0b:9a:4b:8d:19:
1d:21:0a:8e:e6:ee:dc:fb:5f:ec:e0:c3:0b:8e:03:8e:9c:6a:
7d:96:4d:bc:8d:a1:7c:62:b7:ab:e3:00:9a:fa:df:24:dc:37:
1c:1e:78:b4:f4:d1:f7:e2:f2:f2:c1:70:53:95:9d:e8:7c:6d:
c1:8c:31:f3:10:13:e6:2b:ab:86:7d:2f:d1:c6:10:cb:8a:71:
67:e8:aa:3a:53:ef:96:be:1c:71:d3:bd:eb:5d:c5:30:4f:e3:
16:93:78:40:87:f0:f2:47:fe:1c:f3:cf:6c:96:33:01:9a:9e:
20:81:31:a0:b4:8d:28:b1:9c:f1:44:33:fa:31:57:7c:50:6c:
cf:fb:cf:09:a4:0a:74:bc:fc:ee:66:b3:68:fc:60:29:5b:9c:
cf:8b:b1:ea:e0:7a:bd:34:b1:66:b5:6e:d7:d5:a5:04:9d:c6:
ca:cc:b4:52
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUUqA5PAClJYNUFOi1IDy/yWYmUwwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEyMjcxOTM5MzhaFw0yNTEyMjYxOTQ0MzhaMDMxMTAvBgNV
BAMTKDkyRUVGMjU1RDQ3RTQwREMxREY3MUNERDI4MzUwRDIwRTE3QzRCQjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDN2I2MTuKq+HVJWmkQORM/CZNz
DFeUdHgogC6u9R9/5pVpwLi/YyLVUp4lVwlLFbeM4AR6HVX5JAq2N1Ymx2N5/OoO
ry1kesu0Eumo12SlT46ecB/lFDTbqtsN5AHP4YUAjEpZqwZJvNMfeBO6YEUEn8c6
ct/ljTa5LpmbmLd9LClyBICN2xfNwVaNsbUNg2+oFmUzIE8336oKVxUEQI9SvotB
1YDFggNemVyOC1jmdoknBi25OLEfo6D71PKvzK/62b+gCrV2HwbW2T8qhxrHhJxW
64KPp/U066b3x4LnJgvgMKP47rTCvi+D+Nx8WsiXd9anud+FCzGK3u+yhzopAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUku7yVdR+QNwd9xzdKDUNIOF8S7IwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzEzMzM0MmUzMTM5
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAthr8wDQYJKoZIhvcNAQELBQADggEBACQUg6zV9ZfzGcD+NgqlWUOhoORUDzDe
I0jqR/qxKPlpwKwavkIIjzL27GrI4yuJy/H6FoGfRt/OoZfykoxSJmXBWLDFaBgL
OlLeDItivLiAcsk0OOcLmkuNGR0hCo7m7tz7X+zgwwuOA46can2WTbyNoXxit6vj
AJr63yTcNxweeLT00ffi8vLBcFOVneh8bcGMMfMQE+Yrq4Z9L9HGEMuKcWfoqjpT
75a+HHHTvetdxTBP4xaTeECH8PJH/hzzz2yWMwGaniCBMaC0jSixnPFEM/oxV3xQ
bM/7zwmkCnS8/O5ms2j8YClbnM+Lserger00sWa1btfVpQSdxsrMtFI=
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:13:10 2025 by rpki-client