Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3133302e3131322e302f32322d3234203d3e20323033303631.roa
File: 34352e3133302e3131322e302f32322d3234203d3e20323033303631.roa (raw, json)
Hash identifier: blqqF6yfHXUUh+GDioc6Tg1jh/RQghXt/KwU8wZVJZo=
Subject key identifier: 5C:8F:8C:1A:5F:14:3E:2C:37:73:88:0A:A5:AD:CC:9C:E8:35:C6:C9
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 0267CA4150257D8428FC00D8344EEC004B20F527
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3133302e3131322e302f32322d3234203d3e20323033303631.roa
Signing time: Mon 26 Feb 2024 08:52:44 +0000
ROA not before: Mon 26 Feb 2024 08:47:44 +0000
ROA not after: Mon 24 Feb 2025 08:52:44 +0000
asID: 203061
IP address blocks: 45.130.112.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:67:ca:41:50:25:7d:84:28:fc:00:d8:34:4e:ec:00:4b:20:f5:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Feb 26 08:47:44 2024 GMT
Not After : Feb 24 08:52:44 2025 GMT
Subject: CN=5C8F8C1A5F143E2C3773880AA5ADCC9CE835C6C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b8:d5:df:34:77:59:40:c6:38:48:61:e1:69:
e1:e7:79:83:98:23:0f:1c:ed:51:cc:d7:76:c9:fe:
30:21:fa:37:c1:01:27:a9:e5:fd:1d:10:37:c2:fc:
d5:6f:06:4b:3f:1e:ba:1e:32:8c:af:66:86:5d:ec:
45:b4:7b:81:dc:2b:ae:16:ab:be:8a:a8:0a:7b:78:
89:4b:53:3e:df:9e:46:a1:13:f6:04:6e:b2:00:c1:
e2:a2:31:a6:5b:ed:cd:04:07:4b:b3:2f:a0:d9:cd:
d8:f1:ef:39:7c:ad:1f:a2:d0:11:c6:42:43:a6:02:
2c:fa:2a:0d:35:73:23:ff:8e:5d:0e:45:b2:a1:d1:
34:d3:ce:b9:71:ac:23:80:8f:9e:6a:69:81:a8:ed:
f1:2d:8b:15:34:2f:1f:72:e0:40:ca:b7:0b:ad:92:
db:25:4c:96:3c:19:5c:38:dc:b3:1d:a4:75:92:e5:
02:5f:43:1a:b6:fc:69:4b:9d:49:13:67:86:40:73:
83:1e:da:bf:64:fa:fe:91:2e:b2:30:b3:42:37:fb:
9a:6d:3e:93:5d:eb:c7:d6:6b:57:5f:2b:81:e4:a7:
d7:2f:58:40:c3:98:9d:92:45:4e:c8:c8:6d:67:93:
c6:21:de:67:e5:c9:3e:5e:07:b4:c7:40:31:69:ec:
46:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:8F:8C:1A:5F:14:3E:2C:37:73:88:0A:A5:AD:CC:9C:E8:35:C6:C9
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3133302e3131322e302f32322d3234203d3e20323033303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.112.0/22
Signature Algorithm: sha256WithRSAEncryption
29:45:43:e8:d2:e4:61:ed:e7:3b:9e:b9:2e:7c:a3:a9:7d:cb:
41:ac:4f:e9:74:0e:9d:af:9e:51:cd:77:7d:aa:f2:b9:c2:69:
b3:10:89:83:38:2d:66:b4:af:e6:0b:04:ed:5a:4e:11:ff:af:
19:33:3b:43:82:0a:1d:5f:15:b8:9e:b8:22:f2:08:e5:d3:49:
0f:cd:e5:b5:d4:d0:87:72:11:4e:41:06:42:ec:89:ce:08:07:
cb:4d:a3:9c:9f:b4:cd:79:e3:00:e6:96:70:86:29:3d:8f:98:
41:9c:83:f9:6c:fc:85:93:ac:8d:49:32:ce:1e:0d:e0:fe:87:
3f:8c:63:93:b9:2f:8c:d3:86:64:3a:71:64:90:2f:fd:75:59:
f0:46:59:46:66:40:d1:31:be:5f:da:d4:15:c0:1d:ac:bf:0e:
15:23:d0:ed:fc:6f:a0:67:7b:30:30:70:fc:7d:a5:af:2a:e6:
28:c5:05:64:1b:0c:84:62:af:46:cd:08:e9:03:e2:98:d9:fb:
2d:e8:d3:9a:ac:bf:7b:83:0d:aa:95:de:49:22:db:3c:09:7f:
eb:d2:b8:e5:2f:df:29:7d:cb:48:92:47:58:d3:03:2e:bc:ac:
b6:58:8b:ac:97:07:2b:fc:78:35:99:59:77:36:1b:21:64:24:
cd:d9:3e:7e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUAmfKQVAlfYQo/ADYNE7sAEsg9ScwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDAyMjYwODQ3NDRaFw0yNTAyMjQwODUyNDRaMDMxMTAvBgNV
BAMTKDVDOEY4QzFBNUYxNDNFMkMzNzczODgwQUE1QURDQzlDRTgzNUM2QzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+uNXfNHdZQMY4SGHhaeHneYOY
Iw8c7VHM13bJ/jAh+jfBASep5f0dEDfC/NVvBks/HroeMoyvZoZd7EW0e4HcK64W
q76KqAp7eIlLUz7fnkahE/YEbrIAweKiMaZb7c0EB0uzL6DZzdjx7zl8rR+i0BHG
QkOmAiz6Kg01cyP/jl0ORbKh0TTTzrlxrCOAj55qaYGo7fEtixU0Lx9y4EDKtwut
ktslTJY8GVw43LMdpHWS5QJfQxq2/GlLnUkTZ4ZAc4Me2r9k+v6RLrIws0I3+5pt
PpNd68fWa1dfK4Hkp9cvWEDDmJ2SRU7IyG1nk8Yh3mflyT5eB7THQDFp7EbfAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUXI+MGl8UPiw3c4gKpa3MnOg1xskwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzMzMwMmUzMTMx
MzIyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjMwMzMzMDM2MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAItgnAwDQYJKoZIhvcNAQELBQADggEBAClFQ+jS5GHt5zueuS58o6l9y0GsT+l0
Dp2vnlHNd32q8rnCabMQiYM4LWa0r+YLBO1aThH/rxkzO0OCCh1fFbieuCLyCOXT
SQ/N5bXU0IdyEU5BBkLsic4IB8tNo5yftM154wDmlnCGKT2PmEGcg/ls/IWTrI1J
Ms4eDeD+hz+MY5O5L4zThmQ6cWSQL/11WfBGWUZmQNExvl/a1BXAHay/DhUj0O38
b6BnezAwcPx9pa8q5ijFBWQbDIRir0bNCOkD4pjZ+y3o05qsv3uDDaqV3kki2zwJ
f+vSuOUv3yl9y0iSR1jTAy68rLZYi6yXByv8eDWZWXc2GyFkJM3ZPn4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:05 2024 by rpki-client on console-fra.rpki-client.org