Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e39342e35382e302f32342d3332203d3e203531313637.roa
File: 34352e39342e35382e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: J0Zzm39RumpPLAAOwqgP9/b9yGw6KqRUP38S3TfNars=
Subject key identifier: 6B:03:8B:6F:F3:1D:7B:50:D9:A0:89:09:E2:21:47:0C:A5:EE:88:75
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4FBE42564F574376655CBF808C8F8622A229C8AE
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e39342e35382e302f32342d3332203d3e203531313637.roa
Signing time: Thu 01 Aug 2024 15:04:31 +0000
ROA not before: Thu 01 Aug 2024 14:59:31 +0000
ROA not after: Thu 31 Jul 2025 15:04:31 +0000
asID: 51167
IP address blocks: 45.94.58.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:be:42:56:4f:57:43:76:65:5c:bf:80:8c:8f:86:22:a2:29:c8:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 1 14:59:31 2024 GMT
Not After : Jul 31 15:04:31 2025 GMT
Subject: CN=6B038B6FF31D7B50D9A08909E221470CA5EE8875
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:01:98:02:aa:b7:68:4f:82:12:0c:1b:27:2a:
d2:72:de:fe:97:73:e6:81:36:5b:5f:4f:c1:55:b5:
ae:36:87:c5:61:4d:fc:8f:73:df:e0:87:02:74:7c:
87:73:45:26:55:3c:e4:7b:19:7c:b1:7e:0d:4c:ff:
a8:af:f0:be:09:55:f4:e4:6c:bc:c9:78:65:20:76:
6d:b0:16:1b:73:e3:96:ed:0e:b9:73:e3:5d:b2:28:
bc:7f:e0:48:93:96:7e:eb:e8:c9:70:96:b3:ac:d6:
54:ca:cd:cc:3c:3d:c2:92:7b:a3:c6:30:bf:ec:9a:
c9:06:83:eb:10:e8:0b:a4:e6:d5:77:04:93:c6:5e:
1b:f2:80:5c:40:14:1e:01:f2:10:de:c0:a4:06:e8:
60:a0:67:81:cb:26:ef:6a:f1:ce:25:ae:49:5d:0b:
ea:3c:46:37:99:70:a6:85:6e:c0:75:21:f4:ba:da:
f8:f9:c3:33:fd:10:64:68:ff:75:15:df:83:b6:8b:
e6:1b:d5:27:f9:8b:d2:d1:06:e2:79:ae:21:9a:02:
5a:f6:61:f7:3a:49:8a:70:0f:f3:2f:16:dc:40:c1:
7b:a5:d4:c8:d5:08:fa:af:bd:02:12:90:69:1c:70:
a6:8a:d2:73:31:69:3b:0a:96:61:12:ca:3a:fc:cb:
d7:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:03:8B:6F:F3:1D:7B:50:D9:A0:89:09:E2:21:47:0C:A5:EE:88:75
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e39342e35382e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.58.0/24
Signature Algorithm: sha256WithRSAEncryption
72:24:d0:14:f6:5e:a4:f2:60:4d:20:d8:f8:06:2a:ca:e2:74:
5a:01:5b:ec:41:ce:e1:09:aa:a9:9f:94:f6:d4:78:07:34:d6:
73:41:55:25:e0:5e:d9:28:07:c6:ff:40:f1:93:71:6d:a4:95:
d8:1b:80:31:23:12:c0:6b:1a:27:24:38:15:3c:82:0f:c0:f7:
71:03:55:a1:a5:26:a1:7c:7f:78:da:63:15:69:6d:e9:ad:98:
6f:03:64:83:ca:8a:a9:93:c5:91:3b:8c:17:eb:9e:bb:a6:a1:
c4:d1:22:9d:b5:3a:d7:f4:61:69:7d:46:ad:80:3a:91:9d:5e:
af:3b:dc:0d:98:9d:6f:61:74:39:85:24:5d:56:c2:3b:c8:42:
b5:27:0e:44:d5:34:91:28:cc:e9:e2:41:1d:e8:30:8d:d9:a4:
b1:2f:32:79:8b:c0:c4:0f:d8:a0:e2:cd:0b:77:83:76:58:1c:
fb:b6:e9:f5:a3:69:a9:f1:bb:b7:fb:c6:59:9d:77:58:c7:f2:
7a:81:70:0b:fb:4c:7b:c1:f5:1e:a1:2c:eb:96:7d:09:df:5e:
e3:2f:c1:e5:84:6d:13:bc:ce:34:e3:80:50:1b:55:96:79:f4:
02:cb:25:67:a7:2a:2e:9b:42:e4:50:7d:25:eb:be:15:9f:79:
4f:cd:d0:5d
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUT75CVk9XQ3ZlXL+AjI+GIqIpyK4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA4MDExNDU5MzFaFw0yNTA3MzExNTA0MzFaMDMxMTAvBgNV
BAMTKDZCMDM4QjZGRjMxRDdCNTBEOUEwODkwOUUyMjE0NzBDQTVFRTg4NzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/AZgCqrdoT4ISDBsnKtJy3v6X
c+aBNltfT8FVta42h8VhTfyPc9/ghwJ0fIdzRSZVPOR7GXyxfg1M/6iv8L4JVfTk
bLzJeGUgdm2wFhtz45btDrlz412yKLx/4EiTln7r6MlwlrOs1lTKzcw8PcKSe6PG
ML/smskGg+sQ6Auk5tV3BJPGXhvygFxAFB4B8hDewKQG6GCgZ4HLJu9q8c4lrkld
C+o8RjeZcKaFbsB1IfS62vj5wzP9EGRo/3UV34O2i+Yb1Sf5i9LRBuJ5riGaAlr2
Yfc6SYpwD/MvFtxAwXul1MjVCPqvvQISkGkccKaK0nMxaTsKlmESyjr8y9fzAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUawOLb/Mde1DZoIkJ4iFHDKXuiHUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzkzNDJlMzUzODJl
MzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtXjow
DQYJKoZIhvcNAQELBQADggEBAHIk0BT2XqTyYE0g2PgGKsridFoBW+xBzuEJqqmf
lPbUeAc01nNBVSXgXtkoB8b/QPGTcW2kldgbgDEjEsBrGickOBU8gg/A93EDVaGl
JqF8f3jaYxVpbemtmG8DZIPKiqmTxZE7jBfrnrumocTRIp21Otf0YWl9Rq2AOpGd
Xq873A2YnW9hdDmFJF1WwjvIQrUnDkTVNJEozOniQR3oMI3ZpLEvMnmLwMQP2KDi
zQt3g3ZYHPu26fWjaanxu7f7xlmdd1jH8nqBcAv7THvB9R6hLOuWfQnfXuMvweWE
bRO8zjTjgFAbVZZ59ALLJWenKi6bQuRQfSXrvhWfeU/N0F0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:48 2024 by rpki-client on console-ams.rpki-client.org