Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3134382e3139342e302f32342d3234203d3e20313938303930.roa
File: 34352e3134382e3139342e302f32342d3234203d3e20313938303930.roa (raw, json)
Hash identifier: XIaPuLYaIhu4W7nBdu+HSToZaSllJrVVtN5II1mtT10=
Subject key identifier: 00:2F:91:B4:56:E5:78:D5:12:50:2A:F8:1A:23:93:0E:15:E2:83:7A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 466302C805270EDA7BFFFA5C3EA44AB76AB67F85
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3134382e3139342e302f32342d3234203d3e20313938303930.roa
Signing time: Thu 31 Aug 2023 14:08:14 +0000
ROA not before: Thu 31 Aug 2023 14:03:14 +0000
ROA not after: Thu 29 Aug 2024 14:08:14 +0000
asID: 198090
IP address blocks: 45.148.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:63:02:c8:05:27:0e:da:7b:ff:fa:5c:3e:a4:4a:b7:6a:b6:7f:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 31 14:03:14 2023 GMT
Not After : Aug 29 14:08:14 2024 GMT
Subject: CN=002F91B456E578D512502AF81A23930E15E2837A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:46:f3:84:6f:22:61:85:ea:a2:55:38:fb:2a:
dd:98:c3:17:5a:8a:2e:c9:05:7b:2c:6e:2c:c3:00:
16:1b:97:7e:e7:9d:b5:db:b4:e9:12:40:e1:63:e7:
47:63:ea:72:19:30:7e:6f:2e:ba:6f:0d:73:56:e4:
bf:dc:c7:03:25:b5:8c:6d:52:48:35:9b:b7:30:d7:
ff:7a:56:39:bf:12:7b:40:bd:5f:20:c8:e6:6c:c2:
ca:f6:e8:56:0d:57:5d:2e:1c:ac:3d:6e:66:07:17:
b4:03:2f:a0:3c:0a:42:2f:55:0a:bf:f2:31:8b:23:
f0:16:a2:1c:42:5e:49:4e:24:e7:d2:0b:19:99:82:
6d:86:72:25:34:80:1a:c2:c8:00:a4:db:0a:cb:b9:
ba:57:d0:55:89:34:60:d1:5d:3b:92:4e:9c:29:67:
0c:08:3f:cf:f4:5a:99:2f:a5:a6:63:7e:b0:6f:f3:
c7:38:c9:c9:c9:8d:f9:b9:92:7f:74:15:1d:66:2e:
2a:f5:96:65:8b:1e:93:41:10:8a:8c:0d:16:4c:d8:
86:0e:c4:77:62:22:92:0c:0c:c6:cd:77:9d:a2:64:
c2:fe:a7:04:a4:56:69:9d:ec:8c:e9:d1:87:48:d6:
00:f3:87:5d:ed:d7:bc:43:8b:98:95:e3:05:5b:c6:
46:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:2F:91:B4:56:E5:78:D5:12:50:2A:F8:1A:23:93:0E:15:E2:83:7A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3134382e3139342e302f32342d3234203d3e20313938303930.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.194.0/24
Signature Algorithm: sha256WithRSAEncryption
45:26:82:ee:0b:22:63:aa:42:c4:37:a5:0a:92:5a:c5:7c:50:
5e:5e:a1:2e:48:d5:a5:40:31:54:17:fd:c4:9a:fb:9a:87:d0:
35:16:7b:57:f3:7c:f1:92:46:5f:f7:2c:83:4a:cb:54:cc:96:
07:03:4e:99:78:4f:83:31:16:84:c9:f7:0e:3b:0d:27:57:59:
89:63:f3:c8:8d:39:a4:23:21:3b:49:27:1b:17:39:00:52:ee:
c7:36:2d:42:84:6e:6b:99:6f:c5:2f:e4:b3:ba:cc:a3:f0:af:
84:16:23:93:0e:cf:73:d0:d4:c0:99:87:d0:e5:c0:ce:76:70:
22:e5:2d:fd:2b:02:89:99:7d:fe:3a:ca:0c:53:6a:d3:2d:b3:
de:8c:25:79:5a:c2:1f:20:8b:32:b3:05:cc:89:b3:6f:23:7e:
3c:84:dd:86:7b:d8:c3:e8:68:ac:72:a7:ca:07:67:88:8a:e0:
97:4a:7f:07:bd:f8:8e:0d:56:5d:4f:7d:65:04:05:08:d1:4d:
e0:31:85:80:bf:bf:65:7b:31:52:ab:26:33:ca:db:7b:79:fe:
1d:41:10:72:6d:af:ae:6e:0e:43:db:3a:57:00:15:d7:ed:b6:
5d:af:b2:f9:8e:1a:d3:dd:21:4f:70:85:c6:fe:7a:29:0a:13:
ff:d9:b1:ea
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIURmMCyAUnDtp7//pcPqRKt2q2f4UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA4MzExNDAzMTRaFw0yNDA4MjkxNDA4MTRaMDMxMTAvBgNV
BAMTKDAwMkY5MUI0NTZFNTc4RDUxMjUwMkFGODFBMjM5MzBFMTVFMjgzN0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4RvOEbyJhheqiVTj7Kt2Ywxda
ii7JBXssbizDABYbl37nnbXbtOkSQOFj50dj6nIZMH5vLrpvDXNW5L/cxwMltYxt
Ukg1m7cw1/96Vjm/EntAvV8gyOZswsr26FYNV10uHKw9bmYHF7QDL6A8CkIvVQq/
8jGLI/AWohxCXklOJOfSCxmZgm2GciU0gBrCyACk2wrLubpX0FWJNGDRXTuSTpwp
ZwwIP8/0WpkvpaZjfrBv88c4ycnJjfm5kn90FR1mLir1lmWLHpNBEIqMDRZM2IYO
xHdiIpIMDMbNd52iZML+pwSkVmmd7Izp0YdI1gDzh13t17xDi5iV4wVbxkbDAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUAC+RtFbleNUSUCr4GiOTDhXig3owHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzEzNDM4MmUzMTM5
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzgzMDM5MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtlMIwDQYJKoZIhvcNAQELBQADggEBAEUmgu4LImOqQsQ3pQqSWsV8UF5eoS5I
1aVAMVQX/cSa+5qH0DUWe1fzfPGSRl/3LINKy1TMlgcDTpl4T4MxFoTJ9w47DSdX
WYlj88iNOaQjITtJJxsXOQBS7sc2LUKEbmuZb8Uv5LO6zKPwr4QWI5MOz3PQ1MCZ
h9DlwM52cCLlLf0rAomZff46ygxTatMts96MJXlawh8gizKzBcyJs28jfjyE3YZ7
2MPoaKxyp8oHZ4iK4JdKfwe9+I4NVl1PfWUEBQjRTeAxhYC/v2V7MVKrJjPK23t5
/h1BEHJtr65uDkPbOlcAFdfttl2vsvmOGtPdIU9whcb+eikKE//Zseo=
-----END CERTIFICATE-----
Generated at Tue May 21 08:01:45 2024 by rpki-client on console-fra.rpki-client.org