Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e31342e3139352e302f32342d3234203d3e20313431303339.roa
File: 34352e31342e3139352e302f32342d3234203d3e20313431303339.roa (raw, json)
Hash identifier: aivWp1+NEkb1kdnhYaunYd0Q9itizwqjthP7La0YzX0=
Subject key identifier: 7D:3F:7F:7E:E7:1D:32:6B:DB:4B:5C:9A:0B:40:11:C0:91:6D:37:7E
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6642E10C7C16ED3A3076F9A83AD5A18E9C30B747
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e31342e3139352e302f32342d3234203d3e20313431303339.roa
Signing time: Wed 27 Sep 2023 13:40:10 +0000
ROA not before: Wed 27 Sep 2023 13:35:10 +0000
ROA not after: Wed 25 Sep 2024 13:40:10 +0000
asID: 141039
IP address blocks: 45.14.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:42:e1:0c:7c:16:ed:3a:30:76:f9:a8:3a:d5:a1:8e:9c:30:b7:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 27 13:35:10 2023 GMT
Not After : Sep 25 13:40:10 2024 GMT
Subject: CN=7D3F7F7EE71D326BDB4B5C9A0B4011C0916D377E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9a:bc:b5:8b:5c:a9:35:f8:d2:88:bf:20:90:
6a:6b:67:49:b5:d7:f6:44:6c:f1:59:f0:72:02:46:
c5:0d:13:e4:92:ce:b6:d1:05:de:3f:20:f2:a3:d4:
d9:c8:e2:2b:7e:12:2d:07:6d:69:b4:0e:22:5e:fc:
e7:d5:61:7a:b7:0d:f4:7d:7a:93:15:04:b2:65:01:
e4:d9:ff:ef:1d:5c:bb:00:e6:4e:53:4a:ab:86:59:
e3:2b:a7:65:38:f1:74:42:f8:5d:d3:2a:b0:30:d0:
86:1c:ac:6e:de:30:ba:cc:cc:db:ed:76:c2:5c:f8:
7a:6d:d7:cb:00:30:27:d7:87:16:7b:b9:5d:bc:d2:
c8:72:4c:68:c4:62:f5:a9:cb:7b:5b:40:ba:73:34:
54:c2:ba:41:7d:e7:27:82:53:44:4f:2c:c0:72:dd:
2b:d0:c3:44:76:20:ed:38:f6:54:db:c7:09:28:5c:
5d:7a:8e:f6:41:16:90:49:7e:56:64:1f:06:a3:ee:
a5:34:e6:37:02:4c:cf:34:53:3c:cb:30:16:bd:f6:
cf:e7:a2:75:53:ae:49:d1:12:09:a9:0c:32:6a:f3:
25:a3:67:dd:d0:f8:70:55:a4:83:dd:e9:41:8a:9f:
15:20:67:29:8c:70:c6:7c:a6:bf:17:05:52:2a:aa:
0f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:3F:7F:7E:E7:1D:32:6B:DB:4B:5C:9A:0B:40:11:C0:91:6D:37:7E
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e31342e3139352e302f32342d3234203d3e20313431303339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.195.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:b8:c7:6f:3d:4a:13:07:d3:d6:af:ba:4f:a0:d1:27:40:6d:
91:af:09:37:4c:91:87:fa:1a:e0:bc:88:86:f7:cb:33:f0:6c:
6c:9c:f2:fb:50:a4:97:7a:20:0a:d0:1a:f3:c8:af:03:5a:d1:
26:a5:1d:91:41:2e:0a:e5:4a:dc:95:03:d0:34:1f:7c:94:b6:
d5:43:b4:87:c7:cd:00:a2:47:1d:e9:1a:f8:fe:a3:b9:09:8b:
36:cf:6b:b1:5b:b2:94:a4:0b:00:df:6a:75:83:1d:ce:73:cf:
7f:33:92:7a:ab:fc:dc:68:00:76:bd:12:5f:fa:40:6e:1b:16:
ee:01:46:14:33:0b:88:24:f1:f2:6d:98:e8:f0:9a:46:7a:ac:
b0:76:ed:6f:82:fe:bd:96:06:8c:08:b2:0d:04:17:70:81:4c:
db:9e:10:25:95:3f:e8:ec:cb:9c:96:9c:30:05:13:d0:03:36:
9a:ba:03:0b:99:3f:da:1b:13:78:36:30:2a:79:85:40:51:f5:
db:9b:89:4b:5f:67:9b:95:8c:5b:03:c1:07:65:b2:83:c3:9f:
80:28:4f:1c:41:c6:08:70:1e:0a:83:91:9a:8b:70:d0:66:91:
e0:ec:74:4b:19:5a:27:b2:f4:d7:18:e5:0b:f0:7f:5a:6e:a7:
b5:03:00:21
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUZkLhDHwW7TowdvmoOtWhjpwwt0cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA5MjcxMzM1MTBaFw0yNDA5MjUxMzQwMTBaMDMxMTAvBgNV
BAMTKDdEM0Y3RjdFRTcxRDMyNkJEQjRCNUM5QTBCNDAxMUMwOTE2RDM3N0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClmry1i1ypNfjSiL8gkGprZ0m1
1/ZEbPFZ8HICRsUNE+SSzrbRBd4/IPKj1NnI4it+Ei0HbWm0DiJe/OfVYXq3DfR9
epMVBLJlAeTZ/+8dXLsA5k5TSquGWeMrp2U48XRC+F3TKrAw0IYcrG7eMLrMzNvt
dsJc+Hpt18sAMCfXhxZ7uV280shyTGjEYvWpy3tbQLpzNFTCukF95yeCU0RPLMBy
3SvQw0R2IO049lTbxwkoXF16jvZBFpBJflZkHwaj7qU05jcCTM80UzzLMBa99s/n
onVTrknREgmpDDJq8yWjZ93Q+HBVpIPd6UGKnxUgZymMcMZ8pr8XBVIqqg8xAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUfT9/fucdMmvbS1yaC0ARwJFtN34wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzEzNDJlMzEzOTM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNDMxMzAzMzM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LQ7DMA0GCSqGSIb3DQEBCwUAA4IBAQBvuMdvPUoTB9PWr7pPoNEnQG2Rrwk3TJGH
+hrgvIiG98sz8GxsnPL7UKSXeiAK0BrzyK8DWtEmpR2RQS4K5UrclQPQNB98lLbV
Q7SHx80Aokcd6Rr4/qO5CYs2z2uxW7KUpAsA32p1gx3Oc89/M5J6q/zcaAB2vRJf
+kBuGxbuAUYUMwuIJPHybZjo8JpGeqywdu1vgv69lgaMCLINBBdwgUzbnhAllT/o
7MuclpwwBRPQAzaaugMLmT/aGxN4NjAqeYVAUfXbm4lLX2eblYxbA8EHZbKDw5+A
KE8cQcYIcB4Kg5Gai3DQZpHg7HRLGVonsvTXGOUL8H9abqe1AwAh
-----END CERTIFICATE-----
Generated at Tue May 21 09:23:50 2024 by rpki-client on console-ams.rpki-client.org