Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e38382e3232312e302f32342d3234203d3e20313336373837.roa
File: 34352e38382e3232312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 2WeZLx/5jcfshVUhXIe7VPH9TbxKz8eD0PrF6+J3sK0=
Subject key identifier: B4:D9:BF:76:28:F3:BF:D4:11:BA:C0:A6:10:7C:4F:4F:C6:63:11:24
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4AB9D0B5F727228AA272EFF77D67930DCB6C404B
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e38382e3232312e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 28 Aug 2024 14:04:44 +0000
ROA not before: Wed 28 Aug 2024 13:59:44 +0000
ROA not after: Wed 27 Aug 2025 14:04:44 +0000
asID: 136787
IP address blocks: 45.88.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:b9:d0:b5:f7:27:22:8a:a2:72:ef:f7:7d:67:93:0d:cb:6c:40:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 28 13:59:44 2024 GMT
Not After : Aug 27 14:04:44 2025 GMT
Subject: CN=B4D9BF7628F3BFD411BAC0A6107C4F4FC6631124
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:bf:aa:4d:e3:cc:c8:1a:b2:2d:8b:e3:3c:44:
f7:91:06:ef:f2:22:0c:3e:9c:7f:a9:e3:97:85:b2:
88:a3:6b:1f:a5:23:fa:eb:a9:94:70:00:c4:14:4a:
eb:32:26:be:9b:8d:99:dc:06:0c:31:a4:4d:88:b8:
d9:06:37:69:c2:aa:73:68:bd:56:81:57:42:0b:30:
24:bd:ef:03:d8:17:6d:ac:da:a7:a3:cd:48:fd:c4:
42:8a:3d:ac:53:fa:09:cc:12:77:50:9a:a1:5f:28:
36:d7:07:f1:6a:16:ab:7f:83:80:8c:64:b8:0e:08:
be:de:90:c2:3a:c1:6d:07:eb:cd:0b:ec:a3:22:bb:
29:ff:46:51:18:c4:d8:65:6b:a3:78:08:4f:fd:96:
cc:d7:f2:1e:1a:27:12:c9:1d:a6:f7:e3:8c:88:2a:
91:5a:20:0f:0b:c8:9b:5b:93:b3:fb:51:f0:ad:d2:
b5:5a:7a:0f:16:10:db:d8:7b:e3:b9:ce:97:ba:66:
5a:6b:d4:c5:bb:0b:44:7e:84:c3:4c:86:05:73:c6:
1d:2b:b7:9f:64:f7:bc:77:fe:86:f3:f5:c7:a1:0f:
56:d8:15:d8:1c:04:fa:6e:73:b1:9e:ba:9b:dd:4c:
b8:26:45:9d:41:be:cb:86:3b:e8:18:a2:a5:0b:ac:
9c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:D9:BF:76:28:F3:BF:D4:11:BA:C0:A6:10:7C:4F:4F:C6:63:11:24
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e38382e3232312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.221.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:15:70:f9:c4:d0:96:08:ec:bb:6e:ff:9a:9e:b8:2e:70:f8:
6c:60:e2:bb:39:5f:49:99:bb:41:97:75:47:07:de:a3:84:02:
07:7e:d5:95:eb:83:3d:00:29:59:ab:f8:4c:30:67:40:ee:f6:
16:d9:c6:95:ec:42:98:61:df:d8:9c:ba:ca:ef:29:73:ab:79:
8e:b4:9f:e7:b6:81:09:40:36:ed:d8:cf:63:7e:ca:00:60:d1:
bf:95:e1:75:b4:6e:a0:33:db:97:9f:5f:70:1e:72:8f:0c:1d:
20:9a:c6:e7:4a:a8:37:5c:3a:97:c2:1b:42:ea:7d:eb:df:c1:
af:53:53:49:c6:72:23:1f:cf:03:52:da:16:c4:0d:65:dc:97:
d3:dd:5a:c7:38:b9:b8:a5:a3:93:34:d6:e2:ed:b4:dd:0f:40:
f0:1a:4b:3a:f1:b0:81:8d:c2:2d:c3:95:73:87:3e:56:54:78:
7e:99:63:bc:70:d9:62:c6:af:f6:35:c2:73:0f:e8:96:f8:59:
e8:bd:c2:ad:08:ee:38:56:36:de:7a:b0:36:b2:79:0c:e1:78:
52:d5:25:76:2b:63:9e:70:9b:66:fd:bb:80:34:6d:45:f3:72:
c8:3f:fd:18:c7:be:d0:5a:51:5a:ff:95:ce:b1:00:93:28:b2:
f8:24:84:3c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUSrnQtfcnIoqicu/3fWeTDctsQEswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA4MjgxMzU5NDRaFw0yNTA4MjcxNDA0NDRaMDMxMTAvBgNV
BAMTKEI0RDlCRjc2MjhGM0JGRDQxMUJBQzBBNjEwN0M0RjRGQzY2MzExMjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbv6pN48zIGrIti+M8RPeRBu/y
Igw+nH+p45eFsoijax+lI/rrqZRwAMQUSusyJr6bjZncBgwxpE2IuNkGN2nCqnNo
vVaBV0ILMCS97wPYF22s2qejzUj9xEKKPaxT+gnMEndQmqFfKDbXB/FqFqt/g4CM
ZLgOCL7ekMI6wW0H680L7KMiuyn/RlEYxNhla6N4CE/9lszX8h4aJxLJHab344yI
KpFaIA8LyJtbk7P7UfCt0rVaeg8WENvYe+O5zpe6Zlpr1MW7C0R+hMNMhgVzxh0r
t59k97x3/obz9cehD1bYFdgcBPpuc7GeupvdTLgmRZ1BvsuGO+gYoqULrJwXAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUtNm/dijzv9QRusCmEHxPT8ZjESQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzgzODJlMzIzMjMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LVjdMA0GCSqGSIb3DQEBCwUAA4IBAQCKFXD5xNCWCOy7bv+anrgucPhsYOK7OV9J
mbtBl3VHB96jhAIHftWV64M9AClZq/hMMGdA7vYW2caV7EKYYd/YnLrK7ylzq3mO
tJ/ntoEJQDbt2M9jfsoAYNG/leF1tG6gM9uXn19wHnKPDB0gmsbnSqg3XDqXwhtC
6n3r38GvU1NJxnIjH88DUtoWxA1l3JfT3VrHOLm4paOTNNbi7bTdD0DwGks68bCB
jcItw5Vzhz5WVHh+mWO8cNlixq/2NcJzD+iW+FnovcKtCO44VjbeerA2snkM4XhS
1SV2K2OecJtm/buANG1F83LIP/0Yx77QWlFa/5XOsQCTKLL4JIQ8
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:48 2024 by rpki-client on console-ams.rpki-client.org