Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e38352e3235302e302f32342d3332203d3e203531313637.roa
File: 34352e38352e3235302e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: 0lBfcEW5cw9/e52xnVAEEk4yN7xknflAvCzPOxSCxTU=
Subject key identifier: C9:A5:33:D2:2A:52:09:FA:09:95:7E:50:88:16:7E:A1:EB:05:2D:E0
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6584582AEF6259437FA6B7BA14E6E159801CBA6A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e38352e3235302e302f32342d3332203d3e203531313637.roa
Signing time: Wed 27 Sep 2023 13:40:11 +0000
ROA not before: Wed 27 Sep 2023 13:35:11 +0000
ROA not after: Wed 25 Sep 2024 13:40:11 +0000
asID: 51167
IP address blocks: 45.85.250.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:84:58:2a:ef:62:59:43:7f:a6:b7:ba:14:e6:e1:59:80:1c:ba:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 27 13:35:11 2023 GMT
Not After : Sep 25 13:40:11 2024 GMT
Subject: CN=C9A533D22A5209FA09957E5088167EA1EB052DE0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e6:29:32:77:45:35:70:70:8f:cc:e3:ed:9e:
df:18:21:2f:44:2a:d1:40:8b:cf:95:fa:dd:94:e2:
1d:b4:c2:74:e7:9d:b0:a7:bd:8e:8b:b3:e9:cd:57:
1e:2e:e9:78:ca:ef:fb:4d:a3:13:79:d8:5e:05:97:
e7:13:57:70:1c:04:2e:0b:35:30:f1:70:2c:2c:05:
2b:f3:88:b0:f1:5a:c6:b9:7a:e1:d5:9d:0d:34:6a:
55:5a:6b:3e:29:8c:13:00:56:12:64:bd:9e:b4:e2:
f6:b9:36:5e:9f:ff:0f:18:a6:86:6f:6c:a7:c8:09:
e2:34:07:30:76:e9:31:ef:7d:20:2b:63:f2:af:ae:
a1:d7:bc:1b:1e:3a:41:67:0c:50:de:18:b3:d5:2c:
1b:b8:b8:d7:be:c4:ea:8a:70:b1:ae:28:6b:ad:0c:
14:dd:1a:e0:e3:48:46:9f:57:e2:27:ae:eb:ca:25:
4e:16:16:24:bc:42:4a:e1:57:61:aa:3a:ad:97:92:
93:c8:d6:46:1b:32:33:90:e9:c0:ba:cc:8c:50:df:
21:79:d0:c9:de:df:bc:74:ef:4a:78:99:19:d1:23:
49:d8:bf:81:1c:44:be:29:ac:f9:e7:ed:27:34:81:
35:a9:75:2e:53:fe:f5:57:16:69:c3:93:86:5e:8d:
88:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:A5:33:D2:2A:52:09:FA:09:95:7E:50:88:16:7E:A1:EB:05:2D:E0
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e38352e3235302e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.250.0/24
Signature Algorithm: sha256WithRSAEncryption
01:82:65:31:ab:d9:d9:48:b4:74:71:55:b6:af:99:2a:ae:6d:
c9:62:3a:1e:35:0c:24:87:f9:f0:99:cb:41:71:b9:6b:e8:98:
48:d5:be:9b:f4:b4:13:87:5a:b0:ac:07:b5:cd:29:14:d4:94:
48:e5:78:41:a8:54:1d:27:82:5c:e8:f1:50:b2:e3:a5:ab:4f:
52:af:fc:3a:67:c1:74:1a:dd:dd:28:55:77:d8:37:8b:8d:0d:
47:85:e5:50:9e:6e:ad:33:e8:cb:b7:f9:8d:87:35:09:39:31:
7a:ed:aa:e6:0d:ab:d1:cc:31:57:10:db:9c:d0:ef:cd:f7:69:
33:e3:b2:9b:ce:ab:38:80:d6:d8:39:f4:80:cf:ce:f6:4c:5e:
45:12:b0:3d:7d:30:1d:5e:72:8a:c0:80:83:d4:64:39:dd:27:
6f:99:b8:ab:15:da:c9:14:2e:81:d5:0a:59:14:e7:1c:b5:9a:
bc:28:c9:51:12:1a:77:7c:9e:07:3d:89:73:a3:15:0d:14:72:
8c:c2:8d:3c:e0:44:cc:f7:5f:66:16:1e:ed:42:de:e4:c7:82:
fa:17:ff:e5:57:19:72:b7:97:91:1a:3e:2f:6a:d5:10:66:25:
35:03:6b:f8:71:24:30:80:61:c6:ec:d3:94:9a:ff:f0:3a:5f:
7c:d1:a8:15
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUZYRYKu9iWUN/pre6FObhWYAcumowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA5MjcxMzM1MTFaFw0yNDA5MjUxMzQwMTFaMDMxMTAvBgNV
BAMTKEM5QTUzM0QyMkE1MjA5RkEwOTk1N0U1MDg4MTY3RUExRUIwNTJERTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQ5ikyd0U1cHCPzOPtnt8YIS9E
KtFAi8+V+t2U4h20wnTnnbCnvY6Ls+nNVx4u6XjK7/tNoxN52F4Fl+cTV3AcBC4L
NTDxcCwsBSvziLDxWsa5euHVnQ00alVaaz4pjBMAVhJkvZ604va5Nl6f/w8YpoZv
bKfICeI0BzB26THvfSArY/KvrqHXvBseOkFnDFDeGLPVLBu4uNe+xOqKcLGuKGut
DBTdGuDjSEafV+InruvKJU4WFiS8QkrhV2GqOq2XkpPI1kYbMjOQ6cC6zIxQ3yF5
0Mne37x070p4mRnRI0nYv4EcRL4prPnn7Sc0gTWpdS5T/vVXFmnDk4ZejYjTAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUyaUz0ipSCfoJlX5QiBZ+oesFLeAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzgzNTJlMzIzNTMw
MmUzMDJmMzIzNDJkMzMzMjIwM2QzZTIwMzUzMTMxMzYzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1V
+jANBgkqhkiG9w0BAQsFAAOCAQEAAYJlMavZ2Ui0dHFVtq+ZKq5tyWI6HjUMJIf5
8JnLQXG5a+iYSNW+m/S0E4dasKwHtc0pFNSUSOV4QahUHSeCXOjxULLjpatPUq/8
OmfBdBrd3ShVd9g3i40NR4XlUJ5urTPoy7f5jYc1CTkxeu2q5g2r0cwxVxDbnNDv
zfdpM+Oym86rOIDW2Dn0gM/O9kxeRRKwPX0wHV5yisCAg9RkOd0nb5m4qxXayRQu
gdUKWRTnHLWavCjJURIad3yeBz2Jc6MVDRRyjMKNPOBEzPdfZhYe7ULe5MeC+hf/
5VcZcreXkRo+L2rVEGYlNQNr+HEkMIBhxuzTlJr/8DpffNGoFQ==
-----END CERTIFICATE-----
Generated at Tue May 21 08:01:45 2024 by rpki-client on console-fra.rpki-client.org