Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e38302e33302e302f32342d3332203d3e203531313637.roa
File: 34352e38302e33302e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: 5Eyjybj6zyj71sA1DyXPcYIgbz6Q3q3W5RDs1MD6IVc=
Subject key identifier: 62:CA:62:69:F0:11:1C:FC:AB:39:16:2E:F3:A3:88:EC:C0:F2:CC:F1
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 23EDF6EA554F413FEA4467B56A7A9580D017B1AC
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e38302e33302e302f32342d3332203d3e203531313637.roa
Signing time: Wed 09 Oct 2024 11:48:15 +0000
ROA not before: Wed 09 Oct 2024 11:43:15 +0000
ROA not after: Wed 08 Oct 2025 11:48:15 +0000
asID: 51167
IP address blocks: 45.80.30.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:ed:f6:ea:55:4f:41:3f:ea:44:67:b5:6a:7a:95:80:d0:17:b1:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 9 11:43:15 2024 GMT
Not After : Oct 8 11:48:15 2025 GMT
Subject: CN=62CA6269F0111CFCAB39162EF3A388ECC0F2CCF1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:53:f5:0b:2e:d2:88:5c:1e:37:e2:76:07:4e:
a8:62:2a:d0:6f:d6:8a:07:d9:e9:d2:83:6f:73:87:
f1:15:2e:36:2d:b6:44:22:30:28:6c:08:82:cf:ab:
cd:f1:8b:38:3a:af:77:96:f4:f5:1d:d4:b6:68:1e:
7e:0f:16:43:1c:41:9a:34:78:78:1c:4f:ea:e8:31:
0b:8f:3a:98:0d:ea:de:b9:16:ff:58:37:64:ee:1b:
4b:72:b8:12:25:21:38:66:65:d2:b0:46:2a:c1:bb:
5d:3d:f5:c4:d6:a2:ee:e1:bc:1b:f8:0b:68:ba:8d:
ff:1c:51:ff:f7:ce:99:42:a9:2d:f6:72:af:6f:8c:
24:19:06:7a:6a:4c:cf:d6:1c:33:ac:99:8f:48:ad:
ab:b9:36:74:40:5f:96:e5:46:dc:e0:9e:be:50:9b:
d2:0b:3f:b2:e7:8c:65:1d:8e:e3:26:8d:8d:1e:ec:
18:40:e8:11:f6:a4:35:7a:8e:24:89:61:0f:d5:89:
65:df:51:db:42:0a:e0:18:16:6d:b2:5c:71:06:cd:
1b:25:dd:51:bf:f0:bf:6c:1b:59:6c:e7:cd:a9:2c:
ca:3c:93:a7:dc:03:de:62:f0:ae:12:8c:8c:6f:bc:
c9:22:51:63:83:0b:5a:b2:93:3d:ba:9e:b1:1f:cb:
1c:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:CA:62:69:F0:11:1C:FC:AB:39:16:2E:F3:A3:88:EC:C0:F2:CC:F1
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e38302e33302e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.30.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:5b:32:a4:9e:83:62:42:b0:92:cb:04:8b:ee:5e:9b:45:7d:
23:47:e1:22:76:39:8c:83:3e:61:3e:47:96:43:9e:fb:07:43:
1f:ab:fd:20:bd:0c:b5:47:aa:4d:91:c1:e8:7c:ac:38:ad:e1:
28:03:ed:d7:24:ea:83:06:85:dd:24:82:f8:a6:e2:2d:8a:ed:
61:c9:3a:ca:99:f2:77:f6:5d:ad:79:c6:54:1b:c7:c9:bb:e9:
80:eb:e1:08:2a:c3:25:63:d9:e3:00:03:c4:e8:f5:36:ab:7c:
a7:9a:36:8d:a4:bf:8b:95:1e:33:26:a2:84:7a:c0:c9:38:9f:
57:be:3f:5d:8f:08:11:a9:d4:52:65:79:ab:06:24:1c:20:f0:
9e:ad:80:33:11:82:ea:ea:d2:b3:0b:20:db:1e:c6:c4:81:e0:
9b:35:b3:dc:5a:5a:25:30:b0:f0:f7:70:a0:51:72:5a:67:f0:
72:03:10:95:d1:04:be:ff:43:a2:5e:d5:bf:cc:31:83:a2:83:
63:0a:10:35:9f:b9:68:83:d2:3e:0c:cc:85:b5:41:0f:09:77:
fe:30:b9:5d:96:4c:b5:dc:66:c0:1f:18:f5:8b:99:ea:13:d1:
e3:79:06:ca:28:0c:0a:fb:03:13:2e:d0:28:61:cb:fe:0a:17:
82:6e:d4:71
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUI+326lVPQT/qRGe1anqVgNAXsawwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEwMDkxMTQzMTVaFw0yNTEwMDgxMTQ4MTVaMDMxMTAvBgNV
BAMTKDYyQ0E2MjY5RjAxMTFDRkNBQjM5MTYyRUYzQTM4OEVDQzBGMkNDRjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7U/ULLtKIXB434nYHTqhiKtBv
1ooH2enSg29zh/EVLjYttkQiMChsCILPq83xizg6r3eW9PUd1LZoHn4PFkMcQZo0
eHgcT+roMQuPOpgN6t65Fv9YN2TuG0tyuBIlIThmZdKwRirBu1099cTWou7hvBv4
C2i6jf8cUf/3zplCqS32cq9vjCQZBnpqTM/WHDOsmY9Irau5NnRAX5blRtzgnr5Q
m9ILP7LnjGUdjuMmjY0e7BhA6BH2pDV6jiSJYQ/ViWXfUdtCCuAYFm2yXHEGzRsl
3VG/8L9sG1ls582pLMo8k6fcA95i8K4SjIxvvMkiUWODC1qykz26nrEfyxw9AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUYspiafARHPyrORYu86OI7MDyzPEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzgzMDJlMzMzMDJl
MzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtUB4w
DQYJKoZIhvcNAQELBQADggEBAB9bMqSeg2JCsJLLBIvuXptFfSNH4SJ2OYyDPmE+
R5ZDnvsHQx+r/SC9DLVHqk2Rweh8rDit4SgD7dck6oMGhd0kgvim4i2K7WHJOsqZ
8nf2Xa15xlQbx8m76YDr4QgqwyVj2eMAA8To9TarfKeaNo2kv4uVHjMmooR6wMk4
n1e+P12PCBGp1FJleasGJBwg8J6tgDMRgurq0rMLINsexsSB4Js1s9xaWiUwsPD3
cKBRclpn8HIDEJXRBL7/Q6Je1b/MMYOig2MKEDWfuWiD0j4MzIW1QQ8Jd/4wuV2W
TLXcZsAfGPWLmeoT0eN5BsooDAr7AxMu0Chhy/4KF4Ju1HE=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:58 2024 by rpki-client on console-fra.rpki-client.org