Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e38372e382e302f32322d3234203d3e20323031333431.roa
File: 34352e38372e382e302f32322d3234203d3e20323031333431.roa (raw, json)
Hash identifier: 9gB9LCCFJJGmfCbYaFSOV9O/lEyw7eBjhCJPU96ZsFY=
Subject key identifier: BF:8E:78:8B:1D:C2:FD:81:2F:D8:AE:AD:CC:DB:4F:B3:63:F2:4E:AD
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5A86B21B9424A6D5A1A2F8D6112919B4A5366DD6
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e38372e382e302f32322d3234203d3e20323031333431.roa
Signing time: Thu 31 Aug 2023 14:08:13 +0000
ROA not before: Thu 31 Aug 2023 14:03:13 +0000
ROA not after: Thu 29 Aug 2024 14:08:13 +0000
asID: 201341
IP address blocks: 45.87.8.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:86:b2:1b:94:24:a6:d5:a1:a2:f8:d6:11:29:19:b4:a5:36:6d:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 31 14:03:13 2023 GMT
Not After : Aug 29 14:08:13 2024 GMT
Subject: CN=BF8E788B1DC2FD812FD8AEADCCDB4FB363F24EAD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:57:65:7d:a8:68:a3:91:a3:bc:73:c9:77:94:
3e:c6:90:44:29:a8:9e:38:fe:96:0f:a2:cf:11:ac:
a3:79:00:7a:ae:76:3c:2d:eb:1f:f5:70:ed:83:a1:
da:24:22:f4:b8:be:cb:8d:37:8a:66:27:2e:78:5d:
8b:2f:04:9a:12:01:fc:55:0e:f7:00:c2:25:fe:66:
7e:63:7f:2b:b4:7b:46:e3:e0:c5:7e:8b:3c:5b:96:
4e:63:4c:50:dd:69:68:ce:e1:d1:ed:5e:32:22:dc:
3b:19:cb:88:0a:53:3b:42:1f:47:6c:8e:8d:b2:b0:
36:f5:e6:7d:48:a4:fb:ff:6b:97:31:5d:20:ff:eb:
c7:1f:38:4a:74:d0:23:10:f5:b9:49:ec:b6:0c:4d:
01:5e:2a:86:9b:26:dc:ed:07:70:bb:f9:39:dc:c4:
44:41:9e:47:df:1c:a1:fc:fe:a0:eb:15:e2:6d:86:
f6:6d:38:68:44:f2:a6:26:29:9f:30:85:0c:4d:7c:
73:cf:1b:19:d7:d6:5f:cc:34:d7:4f:93:0b:21:0b:
16:f8:98:e6:eb:f9:24:fe:09:6b:bb:87:1b:f0:18:
28:cb:e5:35:55:46:31:41:41:0b:6d:86:1f:b5:5c:
41:3c:4c:84:53:71:0c:1a:a1:99:fe:e8:d8:97:07:
15:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:8E:78:8B:1D:C2:FD:81:2F:D8:AE:AD:CC:DB:4F:B3:63:F2:4E:AD
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e38372e382e302f32322d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.8.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:84:00:00:68:4e:ba:33:83:da:25:65:35:10:0e:d7:a2:3a:
0e:ee:be:a7:ca:6a:01:a9:43:a0:fe:19:82:8b:83:c4:aa:42:
e7:71:ed:5d:f5:06:e8:74:05:9e:ac:3f:53:d7:db:66:43:ec:
b8:70:8d:96:94:f5:b9:29:ad:ae:89:bb:cb:20:80:df:21:a3:
b6:f9:24:bf:ef:c8:30:97:8e:47:9e:b1:96:f7:7f:2b:8a:bf:
52:d4:b9:97:c8:98:91:e2:1b:ce:ff:a7:ff:59:5a:e6:e6:7d:
c4:9a:59:4e:ff:40:3d:70:74:f6:b4:6c:88:07:53:75:16:fa:
4e:09:cf:45:38:77:e7:33:45:d3:fe:82:fc:ed:78:3b:d1:c2:
85:0b:7c:dc:89:fd:f2:a3:ff:2d:e3:3c:ae:00:16:9e:39:51:
57:df:ce:30:7f:af:fc:bd:9b:31:3e:e4:a6:25:46:1d:56:75:
56:d0:5f:4e:3d:38:35:e1:37:bf:db:55:4e:4d:e2:96:08:f7:
83:4f:49:86:40:29:a4:5f:61:24:e8:27:ec:26:6e:64:1d:5c:
7d:d8:6d:a5:15:f9:98:92:17:b6:00:b0:8a:15:5b:36:b6:89:
69:a7:a2:54:af:eb:dc:8a:ef:0b:52:36:ff:f6:15:e1:1b:17:
bb:1d:db:d3
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUWoayG5QkptWhovjWESkZtKU2bdYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA4MzExNDAzMTNaFw0yNDA4MjkxNDA4MTNaMDMxMTAvBgNV
BAMTKEJGOEU3ODhCMURDMkZEODEyRkQ4QUVBRENDREI0RkIzNjNGMjRFQUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4V2V9qGijkaO8c8l3lD7GkEQp
qJ44/pYPos8RrKN5AHqudjwt6x/1cO2DodokIvS4vsuNN4pmJy54XYsvBJoSAfxV
DvcAwiX+Zn5jfyu0e0bj4MV+izxblk5jTFDdaWjO4dHtXjIi3DsZy4gKUztCH0ds
jo2ysDb15n1IpPv/a5cxXSD/68cfOEp00CMQ9blJ7LYMTQFeKoabJtztB3C7+Tnc
xERBnkffHKH8/qDrFeJthvZtOGhE8qYmKZ8whQxNfHPPGxnX1l/MNNdPkwshCxb4
mObr+ST+CWu7hxvwGCjL5TVVRjFBQQtthh+1XEE8TIRTcQwaoZn+6NiXBxWDAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUv454ix3C/YEv2K6tzNtPs2PyTq0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzgzNzJlMzgyZTMw
MmYzMjMyMmQzMjM0MjAzZDNlMjAzMjMwMzEzMzM0MzEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAItVwgw
DQYJKoZIhvcNAQELBQADggEBAC+EAABoTrozg9olZTUQDteiOg7uvqfKagGpQ6D+
GYKLg8SqQudx7V31Buh0BZ6sP1PX22ZD7LhwjZaU9bkpra6Ju8sggN8ho7b5JL/v
yDCXjkeesZb3fyuKv1LUuZfImJHiG87/p/9ZWubmfcSaWU7/QD1wdPa0bIgHU3UW
+k4Jz0U4d+czRdP+gvzteDvRwoULfNyJ/fKj/y3jPK4AFp45UVffzjB/r/y9mzE+
5KYlRh1WdVbQX049ODXhN7/bVU5N4pYI94NPSYZAKaRfYSToJ+wmbmQdXH3YbaUV
+ZiSF7YAsIoVWza2iWmnolSv69yK7wtSNv/2FeEbF7sd29M=
-----END CERTIFICATE-----
Generated at Tue May 21 09:23:50 2024 by rpki-client on console-ams.rpki-client.org