Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133382e3230342e302f32322d3234203d3e20323033303631.roa
File: 34352e3133382e3230342e302f32322d3234203d3e20323033303631.roa (raw, json)
Hash identifier: n8eP9mHHbhKgXolrdX51AHjBsprF+4Z9nyUwosqh+ow=
Subject key identifier: 09:F0:34:72:65:25:A1:2C:A4:A4:EC:31:29:00:E6:2F:6D:A1:DF:C8
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 36BBDEB2147B927DC78FC9D9179709553B7EECDB
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133382e3230342e302f32322d3234203d3e20323033303631.roa
Signing time: Wed 28 Aug 2024 14:04:44 +0000
ROA not before: Wed 28 Aug 2024 13:59:44 +0000
ROA not after: Wed 27 Aug 2025 14:04:44 +0000
asID: 203061
IP address blocks: 45.138.204.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:bb:de:b2:14:7b:92:7d:c7:8f:c9:d9:17:97:09:55:3b:7e:ec:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 28 13:59:44 2024 GMT
Not After : Aug 27 14:04:44 2025 GMT
Subject: CN=09F034726525A12CA4A4EC312900E62F6DA1DFC8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b3:51:91:23:fe:be:b1:01:ff:ba:df:9e:37:
f3:dd:ad:b5:22:15:25:35:2e:c2:22:57:2c:cc:66:
93:48:2d:e4:c3:96:0d:8b:e7:1b:9b:bb:af:fa:8b:
c0:1d:49:cd:e0:ec:c9:59:c1:e6:da:5d:0e:a0:34:
1b:31:5c:68:41:fc:95:0e:91:93:37:44:0b:54:9d:
77:22:5d:8b:cf:f7:23:d3:47:85:c2:b1:45:9f:90:
ca:f3:6b:f6:e0:d9:46:fd:fc:44:e5:15:2d:1b:57:
26:2f:17:12:43:f6:98:bd:a9:bc:d8:70:b3:97:b1:
74:e8:3d:26:5c:60:76:2c:18:93:fe:09:36:5b:52:
88:4f:9c:5d:a5:65:ef:e6:37:36:3a:b7:d2:84:55:
08:a6:c8:81:fb:74:93:0b:59:8d:d7:aa:85:87:a9:
05:86:ba:5e:9d:fa:88:27:fc:a2:b8:7a:3a:f7:62:
47:c5:f6:22:4f:44:5c:db:19:a2:81:93:3e:97:75:
0b:27:9b:89:7d:b3:ec:68:92:f0:0a:07:0c:68:f8:
15:f6:08:87:89:0c:69:e2:45:79:9e:af:e8:49:cc:
c5:1e:00:5b:f9:7c:59:15:e0:75:71:8c:90:b1:91:
28:87:6e:df:6d:44:81:96:af:74:13:73:07:38:dd:
2e:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:F0:34:72:65:25:A1:2C:A4:A4:EC:31:29:00:E6:2F:6D:A1:DF:C8
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133382e3230342e302f32322d3234203d3e20323033303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.204.0/22
Signature Algorithm: sha256WithRSAEncryption
49:ea:51:d3:ed:c3:3d:bd:3e:70:6f:14:c1:ed:b1:c7:7a:c1:
c9:2d:91:66:e4:7e:15:84:7d:55:30:a8:75:cf:46:48:78:2d:
09:53:9e:9d:cd:9a:57:f4:dd:5a:f1:89:64:8c:d5:1a:81:6d:
5c:bb:a9:61:35:41:08:da:2d:85:71:9e:17:87:a1:e8:2c:9e:
dd:b2:9b:be:d9:07:d8:1a:19:3d:da:c4:62:50:8d:c3:45:39:
6b:13:eb:97:c1:b1:25:af:88:75:82:dd:5b:ab:48:4a:ad:39:
d5:8b:44:49:d1:22:7a:30:0b:a7:c7:18:43:7e:ff:33:5c:59:
e9:01:ef:78:fa:5d:95:80:65:a1:26:3a:54:e7:9a:cb:a1:44:
67:a0:e2:3e:13:4c:65:2c:cb:af:bf:b4:1d:71:ff:eb:1d:75:
3d:cd:3e:ba:3d:d5:ec:b9:c2:c7:af:d6:45:3a:de:d1:20:a5:
c8:2f:f1:00:0c:1e:2d:1a:c7:53:c7:93:91:01:4d:ed:9c:c8:
7a:2a:87:6b:80:00:38:ae:b5:ba:8e:29:3d:e2:e5:2a:91:ad:
d5:4b:10:b4:7b:b7:58:a1:1a:9f:b5:2e:f9:1e:4d:ec:cf:e6:
7a:b9:c9:11:1b:6a:1d:94:d7:c0:31:aa:d0:1b:b7:19:e6:00:
f3:a3:e5:b3
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNrveshR7kn3Hj8nZF5cJVTt+7NswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA4MjgxMzU5NDRaFw0yNTA4MjcxNDA0NDRaMDMxMTAvBgNV
BAMTKDA5RjAzNDcyNjUyNUExMkNBNEE0RUMzMTI5MDBFNjJGNkRBMURGQzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJs1GRI/6+sQH/ut+eN/PdrbUi
FSU1LsIiVyzMZpNILeTDlg2L5xubu6/6i8AdSc3g7MlZwebaXQ6gNBsxXGhB/JUO
kZM3RAtUnXciXYvP9yPTR4XCsUWfkMrza/bg2Ub9/ETlFS0bVyYvFxJD9pi9qbzY
cLOXsXToPSZcYHYsGJP+CTZbUohPnF2lZe/mNzY6t9KEVQimyIH7dJMLWY3XqoWH
qQWGul6d+ogn/KK4ejr3YkfF9iJPRFzbGaKBkz6XdQsnm4l9s+xokvAKBwxo+BX2
CIeJDGniRXmer+hJzMUeAFv5fFkV4HVxjJCxkSiHbt9tRIGWr3QTcwc43S4vAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUCfA0cmUloSykpOwxKQDmL22h38gwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzEzMzM4MmUzMjMw
MzQyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjMwMzMzMDM2MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAItiswwDQYJKoZIhvcNAQELBQADggEBAEnqUdPtwz29PnBvFMHtscd6wcktkWbk
fhWEfVUwqHXPRkh4LQlTnp3Nmlf03VrxiWSM1RqBbVy7qWE1QQjaLYVxnheHoegs
nt2ym77ZB9gaGT3axGJQjcNFOWsT65fBsSWviHWC3VurSEqtOdWLREnRInowC6fH
GEN+/zNcWekB73j6XZWAZaEmOlTnmsuhRGeg4j4TTGUsy6+/tB1x/+sddT3NPro9
1ey5wsev1kU63tEgpcgv8QAMHi0ax1PHk5EBTe2cyHoqh2uAADiutbqOKT3i5SqR
rdVLELR7t1ihGp+1LvkeTezP5nq5yREbah2U18AxqtAbtxnmAPOj5bM=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:14 2024 by rpki-client on console-ams.rpki-client.org