Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e39352e3136302e302f32342d3234203d3e20313336373837.roa
File: 34352e39352e3136302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: I2wgzDOLj1c/xRKo/CFHCu+JZ4xkpuiucjfyBrp45Kw=
Subject key identifier: AF:DC:D6:9B:F3:7C:31:49:7A:18:9D:68:69:6D:77:B9:FB:1F:95:E8
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 39C0E4D69AB59BA0CF27F1A976FBE4F2EF63E204
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e39352e3136302e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 19:44:37 +0000
ROA not before: Fri 27 Dec 2024 19:39:37 +0000
ROA not after: Fri 26 Dec 2025 19:44:37 +0000
asID: 136787
IP address blocks: 45.95.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:c0:e4:d6:9a:b5:9b:a0:cf:27:f1:a9:76:fb:e4:f2:ef:63:e2:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 27 19:39:37 2024 GMT
Not After : Dec 26 19:44:37 2025 GMT
Subject: CN=AFDCD69BF37C31497A189D68696D77B9FB1F95E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:fd:a1:a7:6d:63:2e:6b:36:00:4f:47:70:8e:
e3:df:7d:af:52:d9:0d:e8:d6:23:86:6e:b7:71:5f:
13:fb:d6:42:01:7b:a1:3b:f2:c9:36:65:00:d4:ed:
28:43:c7:e6:04:5d:5a:2a:7c:6d:c1:7b:e4:c0:9b:
cc:3c:ab:99:af:fe:28:8c:ae:2b:31:a5:45:fb:03:
9d:71:e0:7d:d6:53:39:52:60:90:d3:0b:c2:cc:26:
76:e5:6d:08:e6:c8:93:50:35:a7:55:20:8b:e0:a5:
1b:fa:79:c3:3b:c6:86:8d:48:53:79:5d:8e:05:a2:
60:8e:d2:e3:82:0e:98:34:f8:8c:24:01:94:5a:35:
d3:87:8f:15:fb:f5:2d:c2:d0:6a:0d:1b:a1:91:08:
66:05:15:82:47:f5:9b:ae:a8:de:83:28:f1:1a:52:
8d:cd:1a:dd:75:c6:ab:cd:93:aa:3e:11:d4:f3:87:
ea:27:be:94:52:fc:71:dd:ad:23:1a:17:82:bf:03:
bb:24:0d:1a:f8:2d:61:a5:d5:5f:9b:01:af:cb:6e:
9f:a9:d5:0b:2d:84:fb:27:a9:fe:79:78:06:b0:7f:
5e:80:66:4a:44:2f:a3:9b:b5:48:83:d0:4f:fc:7d:
a5:c2:87:54:6c:02:b5:b8:b7:83:a3:77:e8:de:be:
85:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:DC:D6:9B:F3:7C:31:49:7A:18:9D:68:69:6D:77:B9:FB:1F:95:E8
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e39352e3136302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.160.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:f9:15:2e:ea:24:89:72:99:7c:77:a5:36:c8:65:98:9f:ae:
61:5c:dc:a7:22:c0:c2:ae:e0:5d:2f:5f:6f:08:26:34:53:43:
02:b9:6a:49:6f:10:12:ed:e4:b2:14:6d:a3:2e:be:6b:c0:ec:
14:9a:ad:25:13:26:79:03:3a:74:a5:ac:ab:bc:d9:d2:36:f7:
c1:04:66:54:8e:8a:a5:2b:e4:39:ae:a6:16:f3:48:ee:5f:40:
0f:f8:25:ba:27:1b:3f:bf:41:f8:37:16:11:9c:20:86:c7:4a:
fb:a9:9b:db:24:70:48:52:59:a8:e6:f5:e9:6c:e3:df:4d:a9:
a9:95:29:ad:da:7a:e2:0d:35:1d:b6:00:ae:15:4e:3f:b4:43:
18:ff:f1:76:6c:76:80:7e:09:7d:37:e3:b2:70:51:58:de:d6:
4a:b8:be:e8:c2:98:64:0e:2e:5d:83:a4:ae:3a:57:e3:18:93:
5e:29:6f:12:06:2a:f6:62:15:4a:e2:4e:ec:13:05:af:94:19:
9a:24:0f:38:df:75:49:ac:5b:12:30:bb:22:14:6b:c7:aa:ad:
4c:62:81:6e:1e:f6:23:66:a1:78:1c:5f:ad:b4:94:36:c7:40:
28:a1:90:ef:50:8b:8b:91:d6:d2:34:4b:88:f4:53:8c:a4:d2:
af:c6:94:79
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUOcDk1pq1m6DPJ/Gpdvvk8u9j4gQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEyMjcxOTM5MzdaFw0yNTEyMjYxOTQ0MzdaMDMxMTAvBgNV
BAMTKEFGRENENjlCRjM3QzMxNDk3QTE4OUQ2ODY5NkQ3N0I5RkIxRjk1RTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv/aGnbWMuazYAT0dwjuPffa9S
2Q3o1iOGbrdxXxP71kIBe6E78sk2ZQDU7ShDx+YEXVoqfG3Be+TAm8w8q5mv/iiM
risxpUX7A51x4H3WUzlSYJDTC8LMJnblbQjmyJNQNadVIIvgpRv6ecM7xoaNSFN5
XY4FomCO0uOCDpg0+IwkAZRaNdOHjxX79S3C0GoNG6GRCGYFFYJH9ZuuqN6DKPEa
Uo3NGt11xqvNk6o+EdTzh+onvpRS/HHdrSMaF4K/A7skDRr4LWGl1V+bAa/Lbp+p
1QsthPsnqf55eAawf16AZkpEL6ObtUiD0E/8faXCh1RsArW4t4Ojd+jevoUTAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUr9zWm/N8MUl6GJ1oaW13ufsflegwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzkzNTJlMzEzNjMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LV+gMA0GCSqGSIb3DQEBCwUAA4IBAQB9+RUu6iSJcpl8d6U2yGWYn65hXNynIsDC
ruBdL19vCCY0U0MCuWpJbxAS7eSyFG2jLr5rwOwUmq0lEyZ5Azp0payrvNnSNvfB
BGZUjoqlK+Q5rqYW80juX0AP+CW6Jxs/v0H4NxYRnCCGx0r7qZvbJHBIUlmo5vXp
bOPfTamplSmt2nriDTUdtgCuFU4/tEMY//F2bHaAfgl9N+OycFFY3tZKuL7owphk
Di5dg6SuOlfjGJNeKW8SBir2YhVK4k7sEwWvlBmaJA8433VJrFsSMLsiFGvHqq1M
YoFuHvYjZqF4HF+ttJQ2x0AooZDvUIuLkdbSNEuI9FOMpNKvxpR5
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:05:59 2025 by rpki-client