Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e31342e3139332e302f32342d3234203d3e20323037313337.roa
File: 34352e31342e3139332e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: CKnCBPtC/X2e5HTH5Hx5WSY03sXESvBhG07c+dCAE4k=
Subject key identifier: 7A:F5:0B:C4:EC:9B:87:9F:65:34:90:35:DE:EA:8C:C1:2B:4B:33:B6
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 200F6E08D040A7C80F87FADF7275FC9AFF39AB7E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e31342e3139332e302f32342d3234203d3e20323037313337.roa
Signing time: Wed 28 Aug 2024 14:04:43 +0000
ROA not before: Wed 28 Aug 2024 13:59:43 +0000
ROA not after: Wed 27 Aug 2025 14:04:43 +0000
asID: 207137
IP address blocks: 45.14.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:0f:6e:08:d0:40:a7:c8:0f:87:fa:df:72:75:fc:9a:ff:39:ab:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 28 13:59:43 2024 GMT
Not After : Aug 27 14:04:43 2025 GMT
Subject: CN=7AF50BC4EC9B879F65349035DEEA8CC12B4B33B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a4:b8:f7:b7:7e:d6:ad:a2:d4:b2:6e:b6:f7:
d8:da:37:ee:d6:7d:6b:4e:87:ac:05:e3:35:f4:90:
c5:f5:9d:72:c1:f4:26:f4:91:a0:64:ff:73:34:0f:
10:c1:86:33:1f:a4:36:d7:c3:07:ce:6d:b3:85:3a:
5d:cf:c3:57:a6:d4:05:93:4b:8b:42:13:a9:c2:5f:
92:16:93:cc:62:73:a9:ac:be:8c:cb:76:d1:99:43:
f8:fc:6c:39:d0:eb:b4:8f:45:5d:6a:a1:10:34:2b:
c7:26:d4:0c:70:b1:fe:03:c8:ee:09:36:a6:c9:32:
17:0d:52:2d:9f:af:22:91:6e:e9:c1:a8:36:93:9a:
e3:ab:33:4e:ba:e8:4d:15:e8:21:29:7e:28:30:bc:
70:2a:f0:9b:f1:fe:fe:38:c9:c4:af:65:d9:b4:af:
7d:ce:ec:f6:a1:fb:9b:91:b5:ee:d3:b9:91:c6:b7:
71:87:ea:f5:ab:79:fb:ab:65:a6:0f:2c:6e:c5:b3:
ef:6d:52:8c:23:66:98:7c:0e:8a:d9:52:d5:e9:a5:
43:f0:50:fc:97:34:e0:bb:ab:ab:81:8c:70:25:5e:
b0:31:da:73:30:de:0c:4d:3f:b8:1d:cf:4f:60:98:
0a:4d:3d:5d:9e:d9:d6:45:0b:08:a5:a6:2f:e6:a4:
d4:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:F5:0B:C4:EC:9B:87:9F:65:34:90:35:DE:EA:8C:C1:2B:4B:33:B6
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e31342e3139332e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.193.0/24
Signature Algorithm: sha256WithRSAEncryption
59:50:c8:c0:46:58:2b:97:86:6b:5f:c3:14:eb:34:63:1d:2c:
5b:bb:86:70:26:c3:24:c7:61:14:5e:17:31:a5:67:2c:14:75:
b9:51:fe:c0:6d:ab:1c:1e:ca:c9:5d:e4:89:d1:22:cc:cf:b3:
f0:b4:29:9f:a1:94:6c:02:a0:19:a8:5b:01:be:2f:65:49:80:
01:86:44:ba:9c:ff:50:32:00:44:0b:7d:74:67:7e:37:9e:c7:
52:50:78:0d:79:6b:74:bb:5b:19:c1:5f:0d:78:f6:9d:a4:07:
44:15:50:67:c1:bf:95:41:3f:e7:40:61:94:0c:20:fd:64:30:
6c:6c:36:0d:95:1b:71:29:11:30:98:63:d5:25:a2:35:99:b9:
5a:55:b7:25:b8:34:23:bd:2a:ff:ce:89:d5:b2:46:bc:3f:5f:
e9:8e:19:9b:06:3c:f1:df:e0:62:55:ad:bc:04:76:72:84:43:
3a:51:c9:4f:d7:70:2e:fb:9b:32:f3:48:50:cc:a9:00:18:63:
0e:45:f8:a6:c6:d5:74:fa:42:86:c2:17:9a:f7:e4:3a:1f:13:
bb:e6:c7:41:27:32:f8:e1:00:02:37:87:80:27:ac:38:b1:fe:
4e:71:a3:10:7a:47:3d:51:43:af:c3:a8:50:06:3f:3a:b0:de:
2c:44:58:d6
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUIA9uCNBAp8gPh/rfcnX8mv85q34wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA4MjgxMzU5NDNaFw0yNTA4MjcxNDA0NDNaMDMxMTAvBgNV
BAMTKDdBRjUwQkM0RUM5Qjg3OUY2NTM0OTAzNURFRUE4Q0MxMkI0QjMzQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUpLj3t37WraLUsm6299jaN+7W
fWtOh6wF4zX0kMX1nXLB9Cb0kaBk/3M0DxDBhjMfpDbXwwfObbOFOl3Pw1em1AWT
S4tCE6nCX5IWk8xic6msvozLdtGZQ/j8bDnQ67SPRV1qoRA0K8cm1Axwsf4DyO4J
NqbJMhcNUi2fryKRbunBqDaTmuOrM0666E0V6CEpfigwvHAq8Jvx/v44ycSvZdm0
r33O7Pah+5uRte7TuZHGt3GH6vWrefurZaYPLG7Fs+9tUowjZph8DorZUtXppUPw
UPyXNOC7q6uBjHAlXrAx2nMw3gxNP7gdz09gmApNPV2e2dZFCwilpi/mpNQjAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUevULxOybh59lNJA13uqMwStLM7YwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzEzNDJlMzEzOTMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM3MzEzMzM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LQ7BMA0GCSqGSIb3DQEBCwUAA4IBAQBZUMjARlgrl4ZrX8MU6zRjHSxbu4ZwJsMk
x2EUXhcxpWcsFHW5Uf7AbascHsrJXeSJ0SLMz7PwtCmfoZRsAqAZqFsBvi9lSYAB
hkS6nP9QMgBEC310Z343nsdSUHgNeWt0u1sZwV8NePadpAdEFVBnwb+VQT/nQGGU
DCD9ZDBsbDYNlRtxKREwmGPVJaI1mblaVbcluDQjvSr/zonVska8P1/pjhmbBjzx
3+BiVa28BHZyhEM6UclP13Au+5sy80hQzKkAGGMORfimxtV0+kKGwhea9+Q6HxO7
5sdBJzL44QACN4eAJ6w4sf5OcaMQekc9UUOvw6hQBj86sN4sRFjW
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:58 2024 by rpki-client on console-fra.rpki-client.org