Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e39342e3136302e302f32322d3234203d3e20323031333431.roa
File: 34352e39342e3136302e302f32322d3234203d3e20323031333431.roa (raw, json)
Hash identifier: g6x+BqV3rYveEpZHprjdf2b9Ee4dtroqJRp57fsViWU=
Subject key identifier: 24:4E:1F:F1:69:2D:65:BF:5D:EA:AE:3E:94:50:6F:1B:72:BD:06:FF
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5B2D39AF1BF3F3D5B50C4A92E57C79E57A404470
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e39342e3136302e302f32322d3234203d3e20323031333431.roa
Signing time: Wed 01 May 2024 12:03:33 +0000
ROA not before: Wed 01 May 2024 11:58:33 +0000
ROA not after: Wed 30 Apr 2025 12:03:33 +0000
asID: 201341
IP address blocks: 45.94.160.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:2d:39:af:1b:f3:f3:d5:b5:0c:4a:92:e5:7c:79:e5:7a:40:44:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 1 11:58:33 2024 GMT
Not After : Apr 30 12:03:33 2025 GMT
Subject: CN=244E1FF1692D65BF5DEAAE3E94506F1B72BD06FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:2c:bc:59:f2:3c:d3:56:be:ee:27:26:73:3d:
29:db:96:ae:b4:97:13:ba:f0:ed:ec:5e:35:33:55:
3c:9d:52:9b:b0:d9:53:f2:93:bf:ae:f9:08:3a:0d:
fc:3a:71:2a:16:8a:58:a4:93:79:4a:22:ba:35:ae:
33:2a:f0:3b:5c:36:c1:6b:35:6d:0f:a9:69:75:1f:
43:6f:2d:92:2c:a3:68:ce:04:0e:b5:42:00:5a:cc:
ab:01:fa:ad:5c:54:ca:62:1d:27:17:f3:24:d4:92:
42:e6:00:b3:82:7b:ac:06:95:c2:eb:53:bf:82:62:
c9:b0:72:65:fc:72:1c:6a:aa:b9:ef:1f:43:23:0a:
5a:ec:ca:76:b9:b5:16:a8:33:84:71:23:2f:db:9d:
5a:14:2f:b0:3b:69:41:f4:67:a1:54:de:cd:92:0f:
86:2d:a8:35:17:a7:14:b9:a6:28:f9:40:f4:72:52:
a8:ff:00:12:e4:66:4b:a0:e8:a9:f2:19:99:0a:f4:
7a:be:59:6d:78:8c:a0:32:b2:b1:3e:c2:46:44:5c:
c3:5d:39:cb:6d:56:bf:88:3b:40:2d:e7:fb:1d:10:
15:d6:ae:02:73:5b:f5:1f:f1:55:7e:17:6f:87:75:
2f:c9:8f:4b:fe:8b:48:96:23:63:ea:60:f8:49:9a:
df:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:4E:1F:F1:69:2D:65:BF:5D:EA:AE:3E:94:50:6F:1B:72:BD:06:FF
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e39342e3136302e302f32322d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.160.0/22
Signature Algorithm: sha256WithRSAEncryption
04:21:51:32:d4:57:08:d1:a2:2d:91:bb:1c:51:2d:11:6a:8d:
6b:c2:21:69:7e:d8:b4:90:e2:bb:cd:90:32:ea:c7:88:f8:60:
90:88:ca:cd:61:1a:c1:21:89:fe:e1:3a:dd:55:f8:91:19:68:
21:db:85:05:c6:ac:e6:0c:2a:61:a3:a4:86:d5:76:46:fb:c2:
e8:b6:14:61:31:c6:f5:25:c1:b0:7e:68:47:66:43:15:95:1f:
86:08:08:fe:cf:d3:b1:1c:ff:06:4a:93:48:58:de:22:c1:e7:
6e:25:74:48:69:9e:8f:b0:bd:8f:c7:c3:88:35:f5:69:25:02:
78:0f:b7:62:19:f9:04:3d:fa:f4:68:15:d4:fe:36:c5:b6:f9:
24:43:78:92:ae:67:ed:43:ff:33:95:5e:d8:e4:b0:83:65:96:
3b:f8:38:98:01:1a:3b:3e:5e:72:09:13:75:56:ed:ae:b1:58:
20:72:2a:14:8a:59:83:4d:43:22:13:a1:0a:0d:c2:1c:82:86:
38:4b:6b:eb:6b:b0:49:90:56:35:21:b8:79:82:a4:14:b8:d9:
66:5e:76:cd:de:65:ab:9c:f0:de:29:0d:1a:ec:a7:3d:4e:59:
f1:8e:97:56:d5:f2:15:e7:12:14:73:40:ce:b9:0e:92:2d:2c:
3d:06:d9:29
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUWy05rxvz89W1DEqS5Xx55XpARHAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA1MDExMTU4MzNaFw0yNTA0MzAxMjAzMzNaMDMxMTAvBgNV
BAMTKDI0NEUxRkYxNjkyRDY1QkY1REVBQUUzRTk0NTA2RjFCNzJCRDA2RkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVLLxZ8jzTVr7uJyZzPSnblq60
lxO68O3sXjUzVTydUpuw2VPyk7+u+Qg6Dfw6cSoWilikk3lKIro1rjMq8DtcNsFr
NW0PqWl1H0NvLZIso2jOBA61QgBazKsB+q1cVMpiHScX8yTUkkLmALOCe6wGlcLr
U7+CYsmwcmX8chxqqrnvH0MjClrsyna5tRaoM4RxIy/bnVoUL7A7aUH0Z6FU3s2S
D4YtqDUXpxS5pij5QPRyUqj/ABLkZkug6KnyGZkK9Hq+WW14jKAysrE+wkZEXMNd
OcttVr+IO0At5/sdEBXWrgJzW/Uf8VV+F2+HdS/Jj0v+i0iWI2PqYPhJmt9rAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUJE4f8WktZb9d6q4+lFBvG3K9Bv8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzkzNDJlMzEzNjMw
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzMDMxMzMzNDMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
LV6gMA0GCSqGSIb3DQEBCwUAA4IBAQAEIVEy1FcI0aItkbscUS0Rao1rwiFpfti0
kOK7zZAy6seI+GCQiMrNYRrBIYn+4TrdVfiRGWgh24UFxqzmDCpho6SG1XZG+8Lo
thRhMcb1JcGwfmhHZkMVlR+GCAj+z9OxHP8GSpNIWN4iweduJXRIaZ6PsL2Px8OI
NfVpJQJ4D7diGfkEPfr0aBXU/jbFtvkkQ3iSrmftQ/8zlV7Y5LCDZZY7+DiYARo7
Pl5yCRN1Vu2usVggcioUilmDTUMiE6EKDcIcgoY4S2vra7BJkFY1Ibh5gqQUuNlm
XnbN3mWrnPDeKQ0a7Kc9TlnxjpdW1fIV5xIUc0DOuQ6SLSw9Btkp
-----END CERTIFICATE-----
Generated at Tue May 21 08:01:45 2024 by rpki-client on console-fra.rpki-client.org