Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133382e3230342e302f32322d3234203d3e20323033303631.roa
File: 34352e3133382e3230342e302f32322d3234203d3e20323033303631.roa (raw, json)
Hash identifier: AmVzqHM2hl5NUirPrM0VNat4qOu4giWW8ab9ohDEilM=
Subject key identifier: D4:55:81:C0:36:D8:B7:E2:E0:D3:D6:80:EE:5F:3C:45:11:AB:7A:66
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 07FDA78C76017D0B4B0C699333D91090999BB1D0
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133382e3230342e302f32322d3234203d3e20323033303631.roa
Signing time: Wed 27 Sep 2023 13:40:11 +0000
ROA not before: Wed 27 Sep 2023 13:35:11 +0000
ROA not after: Wed 25 Sep 2024 13:40:11 +0000
asID: 203061
IP address blocks: 45.138.204.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:fd:a7:8c:76:01:7d:0b:4b:0c:69:93:33:d9:10:90:99:9b:b1:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 27 13:35:11 2023 GMT
Not After : Sep 25 13:40:11 2024 GMT
Subject: CN=D45581C036D8B7E2E0D3D680EE5F3C4511AB7A66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:7f:c2:94:f5:49:12:f6:b5:71:6e:ac:b0:2f:
6e:2a:b9:19:43:9c:28:c4:4d:ff:4d:48:08:14:27:
d4:1c:43:98:98:6c:64:8f:14:94:91:78:67:1a:b0:
35:8d:d2:c8:23:74:80:1a:6d:7d:24:2f:ea:df:ac:
2a:3e:ca:28:99:b8:91:0a:db:df:63:ae:f1:46:5c:
20:73:3c:86:1f:35:4d:36:d8:8e:97:23:fb:4b:44:
29:bc:a3:3f:1d:e4:cc:37:f4:21:a6:a3:d9:ad:3a:
46:bb:82:6d:87:f2:e9:38:f6:1e:53:23:6a:db:64:
78:08:f0:9a:76:9a:59:77:47:7c:19:07:12:f9:d9:
db:f6:a8:3b:d5:78:8c:5f:f2:24:3b:a3:2e:a5:be:
1b:9d:b8:3e:c8:c3:2e:6e:2d:92:66:c4:5c:86:19:
64:5b:fc:79:b8:2b:7a:ac:37:9b:31:ea:4d:45:87:
d3:6c:4c:d9:8e:9c:d3:41:f9:cf:27:63:ba:ac:11:
c4:3d:3f:39:ed:4e:cf:7b:17:e1:b3:56:47:50:86:
36:f1:c2:46:6e:5f:40:d1:98:d6:af:b4:94:4f:4e:
eb:77:de:ac:87:dc:61:58:de:d7:46:16:b3:79:49:
c0:83:25:36:44:b0:26:fa:fb:d0:f8:42:f7:b5:12:
69:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:55:81:C0:36:D8:B7:E2:E0:D3:D6:80:EE:5F:3C:45:11:AB:7A:66
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133382e3230342e302f32322d3234203d3e20323033303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.204.0/22
Signature Algorithm: sha256WithRSAEncryption
03:20:29:08:c6:92:ef:7f:a1:3a:16:1c:42:41:c3:d9:21:87:
f9:36:68:e4:66:b4:69:c1:49:f2:68:89:0f:6a:fa:f5:e1:2e:
4f:3d:8f:ce:0f:a1:5e:e4:2f:b8:ab:d2:94:1d:d0:7e:76:4b:
d0:4a:cc:06:26:f8:00:4e:c1:cf:a5:6c:6b:fa:3d:9d:03:91:
d2:50:34:18:b6:1c:81:6e:d7:87:99:b9:b9:78:c6:ac:66:be:
2c:39:46:6c:65:4e:73:b5:e9:df:54:87:44:fa:01:c9:48:1e:
d3:b9:8b:e2:6f:0e:91:bc:c0:a5:a9:90:d9:62:c7:72:7b:26:
4d:27:cf:c0:1c:68:cc:e3:4c:71:2d:9f:2c:f5:ee:5e:f2:ed:
0c:8d:c0:44:9d:4c:75:55:ba:ba:9e:bc:8a:0c:c5:38:63:6b:
80:d3:f9:29:c3:82:bc:e4:2c:e0:3d:72:29:5c:42:01:9b:cf:
1f:6d:8d:ed:6a:0d:1d:ba:b5:ad:77:8d:ab:63:e5:90:fd:36:
df:09:88:a0:a4:67:65:de:e2:da:a2:97:48:f5:04:8a:1f:08:
6f:7f:a0:11:2e:0a:fb:bf:5a:00:8c:d3:e8:d7:18:89:01:b7:
32:37:d4:39:c7:4e:bf:a0:09:79:98:78:34:98:a0:87:a2:4c:
52:87:a3:ed
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUB/2njHYBfQtLDGmTM9kQkJmbsdAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA5MjcxMzM1MTFaFw0yNDA5MjUxMzQwMTFaMDMxMTAvBgNV
BAMTKEQ0NTU4MUMwMzZEOEI3RTJFMEQzRDY4MEVFNUYzQzQ1MTFBQjdBNjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCff8KU9UkS9rVxbqywL24quRlD
nCjETf9NSAgUJ9QcQ5iYbGSPFJSReGcasDWN0sgjdIAabX0kL+rfrCo+yiiZuJEK
299jrvFGXCBzPIYfNU022I6XI/tLRCm8oz8d5Mw39CGmo9mtOka7gm2H8uk49h5T
I2rbZHgI8Jp2mll3R3wZBxL52dv2qDvVeIxf8iQ7oy6lvhuduD7Iwy5uLZJmxFyG
GWRb/Hm4K3qsN5sx6k1Fh9NsTNmOnNNB+c8nY7qsEcQ9PzntTs97F+GzVkdQhjbx
wkZuX0DRmNavtJRPTut33qyH3GFY3tdGFrN5ScCDJTZEsCb6+9D4Qve1EmkBAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU1FWBwDbYt+Lg09aA7l88RRGremYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzEzMzM4MmUzMjMw
MzQyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjMwMzMzMDM2MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAItiswwDQYJKoZIhvcNAQELBQADggEBAAMgKQjGku9/oToWHEJBw9khh/k2aORm
tGnBSfJoiQ9q+vXhLk89j84PoV7kL7ir0pQd0H52S9BKzAYm+ABOwc+lbGv6PZ0D
kdJQNBi2HIFu14eZubl4xqxmviw5RmxlTnO16d9Uh0T6AclIHtO5i+JvDpG8wKWp
kNlix3J7Jk0nz8AcaMzjTHEtnyz17l7y7QyNwESdTHVVurqevIoMxThja4DT+SnD
grzkLOA9cilcQgGbzx9tje1qDR26ta13jatj5ZD9Nt8JiKCkZ2Xe4tqil0j1BIof
CG9/oBEuCvu/WgCM0+jXGIkBtzI31DnHTr+gCXmYeDSYoIeiTFKHo+0=
-----END CERTIFICATE-----
Generated at Tue May 21 09:23:50 2024 by rpki-client on console-ams.rpki-client.org