Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e31342e3139352e302f32342d3234203d3e20313431303339.roa
File: 34352e31342e3139352e302f32342d3234203d3e20313431303339.roa (raw, json)
Hash identifier: m6zHEhro64HIZ+gILu3Z4/f/1nV76/1UcFWjqfhT0Hs=
Subject key identifier: 0A:38:7C:DB:5A:60:70:A7:E2:A7:C2:96:75:B5:50:3D:9C:EF:A6:EB
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 38F556A45B255BBD290BD7C13A265297AD52B53F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e31342e3139352e302f32342d3234203d3e20313431303339.roa
Signing time: Wed 28 Aug 2024 14:04:44 +0000
ROA not before: Wed 28 Aug 2024 13:59:44 +0000
ROA not after: Wed 27 Aug 2025 14:04:44 +0000
asID: 141039
IP address blocks: 45.14.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:f5:56:a4:5b:25:5b:bd:29:0b:d7:c1:3a:26:52:97:ad:52:b5:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 28 13:59:44 2024 GMT
Not After : Aug 27 14:04:44 2025 GMT
Subject: CN=0A387CDB5A6070A7E2A7C29675B5503D9CEFA6EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c1:1b:1a:ff:64:ec:e1:48:63:86:50:b4:d6:
ef:19:0b:3b:7e:4b:d0:e2:af:88:d7:c1:3e:8d:a2:
c2:1e:b4:2e:19:a1:71:c3:09:78:46:37:7a:d9:8c:
b4:6f:4e:cd:d6:97:39:30:76:4d:1e:8e:9b:d6:51:
75:4b:86:b9:c3:0c:49:c6:e9:51:66:89:9d:99:3c:
e8:34:90:2a:8e:d5:de:72:8f:6c:77:fb:2b:e9:54:
73:49:ad:49:f1:4e:9a:60:3d:b7:c6:63:0e:28:f4:
14:43:51:d0:8b:b6:f2:47:5f:f2:55:a8:1d:db:bd:
42:8a:42:eb:34:a7:5b:f8:62:11:be:5c:ed:7e:96:
78:f7:db:16:af:60:0f:81:f3:47:dc:ff:27:ec:2f:
d8:48:0f:c9:82:e8:97:ff:30:88:ae:5c:51:f4:24:
70:19:2a:67:c9:ef:93:0f:aa:81:83:d0:74:2a:13:
ad:2f:8d:44:9d:11:81:0c:cb:bd:c3:18:49:c0:ab:
68:85:a0:55:91:c3:34:76:8a:24:34:38:eb:f9:95:
bb:ab:90:23:34:0a:d4:a1:11:33:53:6e:5e:b1:f2:
bc:73:fe:cb:2a:2c:24:26:d8:fd:50:65:97:b1:7b:
a4:13:f8:bc:17:1e:b8:3c:52:dc:6c:72:3c:6a:db:
0c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:38:7C:DB:5A:60:70:A7:E2:A7:C2:96:75:B5:50:3D:9C:EF:A6:EB
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e31342e3139352e302f32342d3234203d3e20313431303339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.195.0/24
Signature Algorithm: sha256WithRSAEncryption
80:24:38:3b:bb:5e:79:23:bd:b4:2a:b4:82:a1:29:83:28:c5:
97:ff:4c:ff:bf:d1:ad:c0:f4:f6:4f:d6:a5:0c:93:3e:24:05:
0d:a2:65:48:ed:62:db:0d:b2:0c:38:65:e8:65:d3:fd:df:09:
1c:6f:aa:6e:44:84:6c:85:a9:45:78:09:a1:b6:c1:2f:8e:21:
4c:b5:ab:77:8d:7a:eb:b6:f5:21:5a:23:18:fd:5c:e7:3c:65:
1a:e4:58:ad:8c:c5:aa:9b:2d:2c:b7:d0:18:a2:2a:fd:ad:34:
b5:9a:e6:85:94:07:1b:0e:fe:91:d1:9d:e4:ee:81:aa:78:1c:
56:15:2d:20:cc:db:99:55:ff:b0:bf:35:78:35:9e:23:f9:0e:
a7:da:ef:1c:63:3f:1d:61:96:6b:5e:96:70:3e:d9:fe:4f:ef:
0a:9f:29:4d:c7:20:84:3c:8f:ce:13:af:24:9d:91:eb:60:fe:
e8:12:24:cd:8e:e0:4a:7c:a0:ca:47:fb:c4:01:e3:53:6d:5d:
39:f4:50:36:a1:27:61:0a:89:b2:bb:ab:c9:0d:11:4e:d4:e4:
08:20:c8:61:bf:4e:d8:23:30:19:a3:0d:b2:6d:64:cb:1d:26:
f5:83:d3:1d:02:9e:64:f4:dd:7a:d4:d8:60:f9:a0:84:0a:c0:
72:0b:76:09
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUOPVWpFslW70pC9fBOiZSl61StT8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA4MjgxMzU5NDRaFw0yNTA4MjcxNDA0NDRaMDMxMTAvBgNV
BAMTKDBBMzg3Q0RCNUE2MDcwQTdFMkE3QzI5Njc1QjU1MDNEOUNFRkE2RUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRwRsa/2Ts4UhjhlC01u8ZCzt+
S9Dir4jXwT6NosIetC4ZoXHDCXhGN3rZjLRvTs3Wlzkwdk0ejpvWUXVLhrnDDEnG
6VFmiZ2ZPOg0kCqO1d5yj2x3+yvpVHNJrUnxTppgPbfGYw4o9BRDUdCLtvJHX/JV
qB3bvUKKQus0p1v4YhG+XO1+lnj32xavYA+B80fc/yfsL9hID8mC6Jf/MIiuXFH0
JHAZKmfJ75MPqoGD0HQqE60vjUSdEYEMy73DGEnAq2iFoFWRwzR2iiQ0OOv5lbur
kCM0CtShETNTbl6x8rxz/ssqLCQm2P1QZZexe6QT+LwXHrg8Utxscjxq2wyPAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUCjh821pgcKfip8KWdbVQPZzvpuswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzEzNDJlMzEzOTM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNDMxMzAzMzM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LQ7DMA0GCSqGSIb3DQEBCwUAA4IBAQCAJDg7u155I720KrSCoSmDKMWX/0z/v9Gt
wPT2T9alDJM+JAUNomVI7WLbDbIMOGXoZdP93wkcb6puRIRshalFeAmhtsEvjiFM
tat3jXrrtvUhWiMY/VznPGUa5FitjMWqmy0st9AYoir9rTS1muaFlAcbDv6R0Z3k
7oGqeBxWFS0gzNuZVf+wvzV4NZ4j+Q6n2u8cYz8dYZZrXpZwPtn+T+8KnylNxyCE
PI/OE68knZHrYP7oEiTNjuBKfKDKR/vEAeNTbV059FA2oSdhComyu6vJDRFO1OQI
IMhhv07YIzAZow2ybWTLHSb1g9MdAp5k9N161Nhg+aCECsByC3YJ
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:58 2024 by rpki-client on console-fra.rpki-client.org