Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e38352e3235312e302f32342d3234203d3e20313336373837.roa
File: 34352e38352e3235312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: gi7BHtxmi/xWogE2lEhUO5qWVXNyET/laBl8MzVRiUQ=
Subject key identifier: CC:D7:5E:19:A7:40:E1:B2:82:E0:6F:24:F7:33:DF:43:57:16:6D:51
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 176840544754AE7420324647279C273A06AADBEB
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e38352e3235312e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 28 Aug 2024 14:04:43 +0000
ROA not before: Wed 28 Aug 2024 13:59:43 +0000
ROA not after: Wed 27 Aug 2025 14:04:43 +0000
asID: 136787
IP address blocks: 45.85.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:68:40:54:47:54:ae:74:20:32:46:47:27:9c:27:3a:06:aa:db:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 28 13:59:43 2024 GMT
Not After : Aug 27 14:04:43 2025 GMT
Subject: CN=CCD75E19A740E1B282E06F24F733DF4357166D51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a4:ca:f4:96:ea:76:45:96:8a:45:57:f9:f3:
e4:bf:b8:fc:f3:ce:65:45:1e:35:9d:90:35:23:95:
96:0f:75:0e:f7:d8:00:5d:de:1e:51:3d:96:96:d1:
fb:69:82:1a:0c:16:1d:1e:4a:ff:66:b4:4b:6d:19:
05:b6:15:ff:d3:85:f2:96:a9:68:1d:e8:ad:e5:10:
bd:5c:e4:7e:b1:2c:ae:c1:21:e1:c3:14:33:85:9b:
9b:a5:76:51:70:6b:44:45:8c:da:84:38:3d:dd:37:
15:5f:8d:d7:2f:38:6c:0d:48:7b:77:de:a8:16:ca:
d8:3f:4f:a4:2b:72:75:0e:b4:67:5d:d3:e5:eb:f7:
d0:3b:a5:9b:b8:54:02:44:1f:e5:37:08:71:cb:ee:
4a:fd:fb:49:e1:95:51:54:89:ee:29:86:d2:c8:6e:
55:8c:b2:8c:ab:71:70:52:dc:36:48:ac:b6:29:49:
f8:ec:39:df:37:61:ac:5a:e2:7c:cc:05:d0:76:47:
11:2f:60:54:b6:91:c2:28:e5:ce:19:97:06:67:90:
ac:db:ab:7c:e3:21:74:f4:09:38:21:5b:76:d8:1f:
26:fb:ff:10:c7:79:73:4d:36:f3:04:6f:30:16:99:
da:b4:d2:89:05:68:6a:df:2c:40:6f:67:13:44:7f:
a5:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:D7:5E:19:A7:40:E1:B2:82:E0:6F:24:F7:33:DF:43:57:16:6D:51
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e38352e3235312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.251.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:26:65:ce:7c:df:c4:0c:b4:3b:19:1a:81:17:56:09:a1:52:
2a:2b:df:e4:33:65:8d:6c:c1:98:ad:15:0a:f7:32:f4:bd:bf:
46:f7:23:01:60:fe:fd:e3:d5:9d:1b:d4:58:f1:47:b1:24:fb:
a1:23:36:cf:b8:0d:c6:81:8d:57:ad:a0:9e:da:1c:d3:ed:8b:
61:6a:d0:64:2d:3f:85:31:29:e1:f6:b8:38:91:8e:30:8f:7a:
a9:3e:7c:64:50:a6:4c:9a:0b:3c:5e:3d:d2:01:12:32:5a:9a:
7c:b0:4e:7e:0a:d6:83:6c:7f:fa:7f:f6:4b:6a:21:6a:b6:13:
6c:31:a3:f1:13:a2:67:78:ff:ad:8b:f6:db:ea:35:76:6d:65:
29:26:e7:17:f0:7e:cc:10:99:01:bb:05:fa:f2:38:89:1a:ad:
44:5a:f9:9f:2b:11:44:3d:c1:54:ce:25:08:28:8f:3d:45:dc:
57:ef:b2:d9:76:7f:9b:da:e9:4b:27:53:1d:49:61:96:29:dd:
95:af:03:2e:b6:7b:ed:3c:05:07:ca:f6:c1:86:82:f4:21:db:
b3:83:de:59:3c:a9:07:5b:48:59:8a:53:9c:ec:2a:04:80:4c:
d6:f2:1c:dd:99:e8:0d:4f:4d:59:f0:5e:88:cc:0b:c7:99:42:
6a:9c:af:f1
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUF2hAVEdUrnQgMkZHJ5wnOgaq2+swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA4MjgxMzU5NDNaFw0yNTA4MjcxNDA0NDNaMDMxMTAvBgNV
BAMTKENDRDc1RTE5QTc0MEUxQjI4MkUwNkYyNEY3MzNERjQzNTcxNjZENTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIpMr0lup2RZaKRVf58+S/uPzz
zmVFHjWdkDUjlZYPdQ732ABd3h5RPZaW0ftpghoMFh0eSv9mtEttGQW2Ff/ThfKW
qWgd6K3lEL1c5H6xLK7BIeHDFDOFm5uldlFwa0RFjNqEOD3dNxVfjdcvOGwNSHt3
3qgWytg/T6QrcnUOtGdd0+Xr99A7pZu4VAJEH+U3CHHL7kr9+0nhlVFUie4phtLI
blWMsoyrcXBS3DZIrLYpSfjsOd83Yaxa4nzMBdB2RxEvYFS2kcIo5c4ZlwZnkKzb
q3zjIXT0CTghW3bYHyb7/xDHeXNNNvMEbzAWmdq00okFaGrfLEBvZxNEf6WdAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUzNdeGadA4bKC4G8k9zPfQ1cWbVEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzgzNTJlMzIzNTMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LVX7MA0GCSqGSIb3DQEBCwUAA4IBAQA7JmXOfN/EDLQ7GRqBF1YJoVIqK9/kM2WN
bMGYrRUK9zL0vb9G9yMBYP7949WdG9RY8UexJPuhIzbPuA3GgY1XraCe2hzT7Yth
atBkLT+FMSnh9rg4kY4wj3qpPnxkUKZMmgs8Xj3SARIyWpp8sE5+CtaDbH/6f/ZL
aiFqthNsMaPxE6JneP+ti/bb6jV2bWUpJucX8H7MEJkBuwX68jiJGq1EWvmfKxFE
PcFUziUIKI89RdxX77LZdn+b2ulLJ1MdSWGWKd2VrwMutnvtPAUHyvbBhoL0Iduz
g95ZPKkHW0hZilOc7CoEgEzW8hzdmegNT01Z8F6IzAvHmUJqnK/x
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:14 2024 by rpki-client on console-ams.rpki-client.org