Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3133332e34302e302f32322d3234203d3e20323033303631.roa
File: 34352e3133332e34302e302f32322d3234203d3e20323033303631.roa (raw, json)
Hash identifier: w9IYJip1ctGwdIktY3B6rxm2rMDFJUMecms57AbIuF0=
Subject key identifier: 17:E7:FF:8D:5D:50:A3:A0:0D:51:42:4D:8D:4A:2D:03:AF:41:76:8C
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 0603A096764D963D50FF6F369F90EC99C8B42F32
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3133332e34302e302f32322d3234203d3e20323033303631.roa
Signing time: Mon 26 Feb 2024 08:52:42 +0000
ROA not before: Mon 26 Feb 2024 08:47:42 +0000
ROA not after: Mon 24 Feb 2025 08:52:42 +0000
asID: 203061
IP address blocks: 45.133.40.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:03:a0:96:76:4d:96:3d:50:ff:6f:36:9f:90:ec:99:c8:b4:2f:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Feb 26 08:47:42 2024 GMT
Not After : Feb 24 08:52:42 2025 GMT
Subject: CN=17E7FF8D5D50A3A00D51424D8D4A2D03AF41768C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:2c:a3:2e:cd:13:e9:60:2e:42:21:b2:49:ea:
e9:41:3f:00:3c:4a:f1:c0:dc:96:ad:e5:86:c5:06:
d5:0d:7b:57:4e:9c:e1:2e:b7:96:bb:58:fc:eb:56:
9a:39:39:88:60:b0:b6:9b:0d:35:ef:3b:b7:a0:03:
4e:58:97:c7:b6:cf:a3:18:fd:56:da:f7:79:b1:08:
82:39:a1:9a:06:92:ca:69:5a:a4:8d:ab:09:20:ed:
b0:ad:14:4a:c1:b3:54:17:68:06:2c:ce:8d:57:88:
69:8e:4a:83:39:2e:41:21:0c:f3:1b:d0:b1:76:f0:
30:74:b1:fc:d5:be:13:66:c1:6e:cd:a0:0d:23:ec:
1e:d0:16:55:09:21:1b:06:bc:0c:c1:f6:88:94:f4:
68:d3:86:f5:c8:69:8e:61:5d:4f:9c:7e:86:fe:6c:
e3:f7:6a:0d:7b:70:f0:3d:da:93:40:a0:c8:f8:5d:
88:bb:ec:7a:bc:75:10:46:ef:2e:ea:48:51:4d:22:
f1:88:b1:f9:f2:24:0a:43:a1:a8:94:09:92:73:5c:
fb:9b:71:67:d9:7a:c9:4f:67:e3:d1:f6:ff:69:aa:
3a:48:16:c8:ec:e4:0a:54:3b:fd:10:06:dd:57:79:
70:1d:07:c4:5a:32:6a:44:3e:36:69:fa:c0:e3:a1:
fd:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:E7:FF:8D:5D:50:A3:A0:0D:51:42:4D:8D:4A:2D:03:AF:41:76:8C
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3133332e34302e302f32322d3234203d3e20323033303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.40.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:0a:cb:72:32:2d:27:b9:37:76:38:78:47:01:af:38:11:2d:
46:f1:4b:7d:f5:c0:42:ad:76:8c:f9:5e:bb:0f:3e:8c:8c:2b:
63:15:5d:1c:39:5d:f5:88:c7:0a:dc:22:70:67:bb:37:8b:ab:
ea:98:67:02:75:c3:2c:06:a4:79:9f:ee:fa:43:cd:3a:67:75:
8d:64:2b:07:03:7a:d2:df:41:23:97:c9:18:63:59:0d:86:6b:
47:5d:be:51:d1:3c:6c:c7:1c:68:ee:74:3b:a3:14:2a:fb:cc:
43:71:72:df:a6:70:e4:15:48:00:de:c6:7f:5a:03:a0:54:1c:
8b:6c:90:aa:b9:1b:51:d6:0b:ff:1f:f7:db:0e:ef:40:15:ea:
1c:41:65:85:5e:9e:98:05:3b:42:7b:3f:bb:8c:00:f0:70:81:
57:e5:cb:55:4b:5b:36:f5:44:a4:07:9f:e5:2a:6c:52:a2:73:
1a:07:4d:df:92:19:41:30:00:45:de:ad:8a:7a:a5:fd:af:3f:
90:46:bd:26:a5:9a:5f:76:0d:30:3a:c0:68:53:70:3e:1e:25:
f0:27:25:d2:5e:46:b3:4b:7b:10:12:81:98:8d:85:1c:b9:28:
2a:04:41:23:9f:18:59:5f:39:f3:26:49:24:5a:94:3e:4e:d8:
46:34:60:36
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUBgOglnZNlj1Q/282n5Dsmci0LzIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDAyMjYwODQ3NDJaFw0yNTAyMjQwODUyNDJaMDMxMTAvBgNV
BAMTKDE3RTdGRjhENUQ1MEEzQTAwRDUxNDI0RDhENEEyRDAzQUY0MTc2OEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoLKMuzRPpYC5CIbJJ6ulBPwA8
SvHA3Jat5YbFBtUNe1dOnOEut5a7WPzrVpo5OYhgsLabDTXvO7egA05Yl8e2z6MY
/Vba93mxCII5oZoGksppWqSNqwkg7bCtFErBs1QXaAYszo1XiGmOSoM5LkEhDPMb
0LF28DB0sfzVvhNmwW7NoA0j7B7QFlUJIRsGvAzB9oiU9GjThvXIaY5hXU+cfob+
bOP3ag17cPA92pNAoMj4XYi77Hq8dRBG7y7qSFFNIvGIsfnyJApDoaiUCZJzXPub
cWfZeslPZ+PR9v9pqjpIFsjs5ApUO/0QBt1XeXAdB8RaMmpEPjZp+sDjof0hAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUF+f/jV1Qo6ANUUJNjUotA69BdowwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzMzMzMmUzNDMw
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzMDMzMzAzNjMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
LYUoMA0GCSqGSIb3DQEBCwUAA4IBAQAOCstyMi0nuTd2OHhHAa84ES1G8Ut99cBC
rXaM+V67Dz6MjCtjFV0cOV31iMcK3CJwZ7s3i6vqmGcCdcMsBqR5n+76Q806Z3WN
ZCsHA3rS30Ejl8kYY1kNhmtHXb5R0Txsxxxo7nQ7oxQq+8xDcXLfpnDkFUgA3sZ/
WgOgVByLbJCquRtR1gv/H/fbDu9AFeocQWWFXp6YBTtCez+7jADwcIFX5ctVS1s2
9USkB5/lKmxSonMaB03fkhlBMABF3q2KeqX9rz+QRr0mpZpfdg0wOsBoU3A+HiXw
JyXSXkazS3sQEoGYjYUcuSgqBEEjnxhZXznzJkkkWpQ+TthGNGA2
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:05 2024 by rpki-client on console-fra.rpki-client.org