Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3134382e3139342e302f32342d3234203d3e20313938303930.roa
File: 34352e3134382e3139342e302f32342d3234203d3e20313938303930.roa (raw, json)
Hash identifier: K9ufwhbtBD6Z9xuU47/ipPBAib7Hxda3aC/airovM0o=
Subject key identifier: 44:1C:71:3D:70:1E:BE:3E:6B:7F:CD:6F:29:DE:7C:C4:03:D1:DE:F0
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 25D97453E86D172FBD4F54BA21F7C31006FB1BED
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3134382e3139342e302f32342d3234203d3e20313938303930.roa
Signing time: Thu 01 Aug 2024 15:04:31 +0000
ROA not before: Thu 01 Aug 2024 14:59:31 +0000
ROA not after: Thu 31 Jul 2025 15:04:31 +0000
asID: 198090
IP address blocks: 45.148.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:d9:74:53:e8:6d:17:2f:bd:4f:54:ba:21:f7:c3:10:06:fb:1b:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 1 14:59:31 2024 GMT
Not After : Jul 31 15:04:31 2025 GMT
Subject: CN=441C713D701EBE3E6B7FCD6F29DE7CC403D1DEF0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6f:46:87:76:79:e4:6a:27:cc:97:c2:24:50:
03:5f:94:cc:92:06:3b:d3:2d:84:52:38:78:05:36:
ea:fc:6d:4a:15:6c:81:48:9e:8d:0e:bf:3a:6f:a6:
98:b3:b5:7e:87:66:1c:19:2b:40:ef:25:c8:af:66:
40:5e:02:00:51:99:ea:bb:cc:70:8d:ab:31:16:07:
0e:65:1e:1f:2c:d1:20:80:ae:d7:34:1b:7c:7c:eb:
37:6d:a4:16:6a:3f:4c:c8:7a:6a:26:d4:a5:2d:6d:
90:f6:75:72:7a:3f:5e:10:3d:6e:b9:4f:54:24:81:
5a:61:cc:2c:10:5f:37:8a:9f:2d:a1:57:cb:0d:9b:
b6:85:4e:92:cb:49:6a:26:1c:9c:96:ca:b8:8f:43:
37:70:16:47:1f:0c:a9:32:03:9d:c3:6a:de:61:36:
e0:b1:dd:bd:26:87:53:a7:5e:1c:fd:4c:b0:b3:fe:
b2:c7:dc:3d:82:2f:84:c6:07:14:22:d1:d6:ca:19:
f1:d7:a1:7c:bd:81:c0:b5:44:68:fb:ba:fb:c5:fb:
1f:92:8e:07:ac:b8:bc:92:bc:60:e5:f7:db:2c:9c:
47:ad:15:01:e1:d5:fa:b9:7f:e1:18:d1:26:30:22:
66:5c:f4:20:99:68:fe:87:ca:21:a7:26:5c:a8:85:
d2:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:1C:71:3D:70:1E:BE:3E:6B:7F:CD:6F:29:DE:7C:C4:03:D1:DE:F0
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3134382e3139342e302f32342d3234203d3e20313938303930.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.194.0/24
Signature Algorithm: sha256WithRSAEncryption
26:94:54:ae:a6:d0:ef:27:3d:56:55:19:7d:8b:cb:50:72:c4:
db:ba:58:78:71:31:d4:b0:72:19:e0:cc:b3:2c:0f:9c:7a:25:
18:2a:65:08:9b:81:c6:1b:1f:d5:70:23:41:4a:ff:5f:2a:b6:
50:af:87:2b:5f:e2:ad:fb:2f:d2:af:ae:12:70:e4:57:de:7e:
11:6a:2e:c2:32:ed:98:49:2b:bb:43:0d:a0:1c:13:d2:dd:4e:
9d:7d:04:01:bd:02:86:ec:74:25:95:1e:c1:d0:f3:0c:35:6e:
37:67:28:8f:6c:a5:65:8b:99:31:20:cc:5b:02:0e:91:d4:19:
92:20:d1:04:e1:30:b6:fa:71:55:88:58:63:ef:3b:9d:06:1d:
f6:3e:7a:49:f4:00:ce:4a:00:54:27:53:10:96:e2:26:10:99:
45:b9:b5:65:85:ac:0a:ff:62:80:ca:5d:64:cb:75:8d:05:f9:
e5:05:18:55:a0:d5:83:c7:49:e9:24:60:3d:4a:a8:79:24:ba:
8b:c8:d4:2c:78:aa:6a:71:9d:22:a1:48:48:0f:21:1b:f1:5c:
15:e4:cd:2a:65:b0:af:2e:91:21:4f:12:2a:13:58:48:16:21:
78:57:03:93:ee:5a:0f:f5:e1:a2:1a:14:f3:25:7c:cc:9d:b9:
e3:fd:b0:b6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJdl0U+htFy+9T1S6IffDEAb7G+0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA4MDExNDU5MzFaFw0yNTA3MzExNTA0MzFaMDMxMTAvBgNV
BAMTKDQ0MUM3MTNENzAxRUJFM0U2QjdGQ0Q2RjI5REU3Q0M0MDNEMURFRjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdb0aHdnnkaifMl8IkUANflMyS
BjvTLYRSOHgFNur8bUoVbIFIno0OvzpvppiztX6HZhwZK0DvJcivZkBeAgBRmeq7
zHCNqzEWBw5lHh8s0SCArtc0G3x86zdtpBZqP0zIemom1KUtbZD2dXJ6P14QPW65
T1QkgVphzCwQXzeKny2hV8sNm7aFTpLLSWomHJyWyriPQzdwFkcfDKkyA53Dat5h
NuCx3b0mh1OnXhz9TLCz/rLH3D2CL4TGBxQi0dbKGfHXoXy9gcC1RGj7uvvF+x+S
jgesuLySvGDl99ssnEetFQHh1fq5f+EY0SYwImZc9CCZaP6HyiGnJlyohdLbAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQURBxxPXAevj5rf81vKd58xAPR3vAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzEzNDM4MmUzMTM5
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzgzMDM5MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtlMIwDQYJKoZIhvcNAQELBQADggEBACaUVK6m0O8nPVZVGX2Ly1ByxNu6WHhx
MdSwchngzLMsD5x6JRgqZQibgcYbH9VwI0FK/18qtlCvhytf4q37L9KvrhJw5Ffe
fhFqLsIy7ZhJK7tDDaAcE9LdTp19BAG9AobsdCWVHsHQ8ww1bjdnKI9spWWLmTEg
zFsCDpHUGZIg0QThMLb6cVWIWGPvO50GHfY+ekn0AM5KAFQnUxCW4iYQmUW5tWWF
rAr/YoDKXWTLdY0F+eUFGFWg1YPHSekkYD1KqHkkuovI1Cx4qmpxnSKhSEgPIRvx
XBXkzSplsK8ukSFPEioTWEgWIXhXA5PuWg/14aIaFPMlfMydueP9sLY=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:58 2024 by rpki-client on console-fra.rpki-client.org