Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e38382e3232312e302f32342d3234203d3e20313336373837.roa
File: 34352e38382e3232312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: zBniIGzNbce0K0WokHBZe4giMvyOinD6gvSGYn0x2ZE=
Subject key identifier: 03:A1:7C:C9:CA:FC:7B:DF:5E:23:BC:CD:47:A4:2E:1F:28:D8:36:D6
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0A7BA5081985A295267801623513BA0778E8E79B
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e38382e3232312e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 27 Sep 2023 13:40:11 +0000
ROA not before: Wed 27 Sep 2023 13:35:11 +0000
ROA not after: Wed 25 Sep 2024 13:40:11 +0000
asID: 136787
IP address blocks: 45.88.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:7b:a5:08:19:85:a2:95:26:78:01:62:35:13:ba:07:78:e8:e7:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 27 13:35:11 2023 GMT
Not After : Sep 25 13:40:11 2024 GMT
Subject: CN=03A17CC9CAFC7BDF5E23BCCD47A42E1F28D836D6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:10:e6:52:ba:f8:04:09:b6:93:1c:bb:2c:99:
22:19:f0:e5:47:8e:d6:ca:13:cd:0d:f6:68:f4:9f:
8a:24:b8:ef:3c:81:29:55:6d:be:3a:92:2d:af:ba:
95:5c:2e:e5:1d:13:63:6d:7d:fe:a5:82:a3:8d:cd:
f5:e8:92:5a:1f:cc:dc:d6:f6:26:ea:ed:54:50:5d:
b6:04:67:ab:53:41:5f:b4:56:4e:08:30:e0:cd:3e:
a6:ef:a2:1b:52:12:f1:00:4d:db:a8:65:73:e3:96:
4c:40:ae:69:10:b0:b3:8c:03:82:f0:b4:4f:26:51:
78:dc:6a:5f:e5:b0:7b:30:06:30:68:68:39:b3:e6:
0a:4b:c8:f9:89:07:d1:0b:29:8b:65:2b:76:59:f1:
13:c0:12:ae:a7:f1:58:7a:11:c8:f9:02:34:17:42:
47:ea:22:4c:74:c9:6f:e7:6f:5f:15:0b:0f:a0:f9:
64:9b:d8:21:7f:0d:9c:9b:d7:61:41:74:b8:1e:0b:
54:5c:b0:82:07:57:db:bf:8c:94:d6:c0:39:36:e2:
d0:8a:a1:02:83:6a:2d:3c:18:08:a1:e9:d6:99:79:
da:bd:68:75:b7:7c:4c:8b:fd:c8:30:2d:7b:76:89:
30:45:f7:0e:04:d7:82:c6:f8:36:46:8f:2d:86:65:
45:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:A1:7C:C9:CA:FC:7B:DF:5E:23:BC:CD:47:A4:2E:1F:28:D8:36:D6
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e38382e3232312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.221.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:37:aa:de:ff:1a:c3:5a:d3:3f:1a:80:c2:9d:6d:e9:82:02:
74:d4:bc:c3:73:20:4b:5d:40:02:cd:eb:d2:b7:75:cd:8a:6f:
15:a1:b1:86:ba:48:f4:17:bb:ea:41:7b:7d:8c:ce:a7:6f:10:
55:2d:a7:4f:4e:39:c7:a2:dc:a9:81:87:d4:f0:79:d2:9c:4f:
de:18:ae:af:c7:02:20:dc:71:28:6a:bf:3f:fb:fc:cd:90:88:
72:bd:79:82:74:04:70:75:d4:a3:9d:ab:7c:fa:51:52:28:97:
e6:0e:27:b3:2f:7f:7e:ed:3f:bd:e2:94:fc:b8:cf:8c:81:f7:
d9:20:73:6d:ad:1d:bc:a2:47:31:06:fe:a1:a4:2f:9a:a5:67:
18:d0:c1:ea:69:06:bd:55:93:72:90:64:8d:57:82:d1:cc:21:
19:a6:16:be:ca:05:ae:79:87:4a:e6:ed:f6:3d:64:f8:f9:df:
ee:4d:75:f7:38:f0:a3:5c:20:77:f6:83:a7:a9:12:ef:bc:f0:
39:ba:ec:74:98:e0:b9:34:fd:22:9c:bf:ef:e5:23:0c:27:6d:
e3:ce:e6:97:0d:86:58:1a:5b:4d:10:1e:fb:5b:bb:46:57:a7:
65:27:c6:c7:01:cc:d0:ba:b7:59:63:d6:85:9c:1b:be:b2:c4:
8c:4c:8d:d6
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUCnulCBmFopUmeAFiNRO6B3jo55swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA5MjcxMzM1MTFaFw0yNDA5MjUxMzQwMTFaMDMxMTAvBgNV
BAMTKDAzQTE3Q0M5Q0FGQzdCREY1RTIzQkNDRDQ3QTQyRTFGMjhEODM2RDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3EOZSuvgECbaTHLssmSIZ8OVH
jtbKE80N9mj0n4okuO88gSlVbb46ki2vupVcLuUdE2Ntff6lgqONzfXoklofzNzW
9ibq7VRQXbYEZ6tTQV+0Vk4IMODNPqbvohtSEvEATduoZXPjlkxArmkQsLOMA4Lw
tE8mUXjcal/lsHswBjBoaDmz5gpLyPmJB9ELKYtlK3ZZ8RPAEq6n8Vh6Ecj5AjQX
QkfqIkx0yW/nb18VCw+g+WSb2CF/DZyb12FBdLgeC1RcsIIHV9u/jJTWwDk24tCK
oQKDai08GAih6daZedq9aHW3fEyL/cgwLXt2iTBF9w4E14LG+DZGjy2GZUVDAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUA6F8ycr8e99eI7zNR6QuHyjYNtYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzgzODJlMzIzMjMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LVjdMA0GCSqGSIb3DQEBCwUAA4IBAQBNN6re/xrDWtM/GoDCnW3pggJ01LzDcyBL
XUACzevSt3XNim8VobGGukj0F7vqQXt9jM6nbxBVLadPTjnHotypgYfU8HnSnE/e
GK6vxwIg3HEoar8/+/zNkIhyvXmCdARwddSjnat8+lFSKJfmDiezL39+7T+94pT8
uM+MgffZIHNtrR28okcxBv6hpC+apWcY0MHqaQa9VZNykGSNV4LRzCEZpha+ygWu
eYdK5u32PWT4+d/uTXX3OPCjXCB39oOnqRLvvPA5uux0mOC5NP0inL/v5SMMJ23j
zuaXDYZYGltNEB77W7tGV6dlJ8bHAczQurdZY9aFnBu+ssSMTI3W
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:24 2024 by rpki-client on console-fra.rpki-client.org