Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3133392e3131362e302f32322d3234203d3e20323033303631.roa
File: 34352e3133392e3131362e302f32322d3234203d3e20323033303631.roa (raw, json)
Hash identifier: MPMarIPTcxkPnEKMnaAgp1KvRJcYuXXNqdoIgldDyyE=
Subject key identifier: B1:D8:60:C3:56:2B:42:58:DB:60:FF:91:91:B9:FE:D6:FB:BB:B9:27
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 56145717180F2A931A028E094EFA139477A1FAD0
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3133392e3131362e302f32322d3234203d3e20323033303631.roa
Signing time: Mon 26 Feb 2024 08:52:43 +0000
ROA not before: Mon 26 Feb 2024 08:47:43 +0000
ROA not after: Mon 24 Feb 2025 08:52:43 +0000
asID: 203061
IP address blocks: 45.139.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:14:57:17:18:0f:2a:93:1a:02:8e:09:4e:fa:13:94:77:a1:fa:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Feb 26 08:47:43 2024 GMT
Not After : Feb 24 08:52:43 2025 GMT
Subject: CN=B1D860C3562B4258DB60FF9191B9FED6FBBBB927
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:17:bc:44:0e:97:ab:90:ba:d6:86:36:ae:7f:
6b:ae:8d:ef:c0:ad:3e:f9:b8:65:fa:0c:96:54:b4:
48:19:0d:6f:d6:b0:16:89:2b:ee:07:d8:43:a7:20:
33:3b:aa:f8:9f:38:25:78:03:da:a3:b4:70:e7:b1:
71:f6:93:e7:f4:bf:16:a0:e7:a6:79:e9:a1:24:49:
79:53:5a:3e:e3:3a:4b:67:af:ff:21:8f:5d:60:ac:
5b:05:41:56:f5:c6:0b:68:31:fd:99:7f:37:bf:48:
36:ea:5b:db:97:80:ae:b2:ae:71:4e:66:e2:7d:56:
66:b8:c7:53:da:ff:5a:b7:87:a8:00:eb:54:54:a3:
5e:46:ee:25:86:c8:c4:f0:91:1d:b7:35:9a:de:33:
ca:df:48:02:03:2a:9c:9b:69:7e:f9:64:32:76:3e:
d3:b5:ca:66:62:fe:ff:93:e9:70:66:6f:80:ba:98:
c6:6f:d7:e5:12:6c:36:37:49:af:f9:a1:d7:30:c4:
96:81:2a:bf:77:97:21:e7:6b:10:cd:2d:3c:66:0d:
ba:91:b1:5e:ad:0f:a7:f2:d0:05:7e:69:a3:f7:74:
f8:f2:d4:e7:5e:65:f8:58:f7:31:35:3e:4d:fa:75:
d6:7f:d8:57:2c:96:32:a6:30:55:0b:78:5c:13:81:
6a:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:D8:60:C3:56:2B:42:58:DB:60:FF:91:91:B9:FE:D6:FB:BB:B9:27
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3133392e3131362e302f32322d3234203d3e20323033303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.116.0/22
Signature Algorithm: sha256WithRSAEncryption
81:59:e3:f2:79:5b:2a:cf:af:71:03:c1:97:38:22:5a:5e:10:
ef:9c:09:9d:f9:9b:e6:fe:28:fb:a9:f0:6b:da:18:5b:13:01:
cc:d1:0c:55:5a:bd:94:26:62:9e:8d:0b:42:90:8b:c2:65:73:
44:ed:9f:a6:93:68:73:44:6d:2f:24:ad:2e:8a:c2:a5:54:6f:
7c:b8:50:d0:39:b0:73:2b:81:c5:a1:8b:04:42:68:20:4c:12:
18:32:a1:67:8d:50:02:ed:f0:42:dc:19:10:fb:c3:61:cf:b3:
58:46:e1:11:a6:ca:6e:95:73:0b:2f:36:df:a3:44:5d:0c:84:
48:e6:5d:e6:f8:33:90:f5:e3:76:a1:4c:29:04:49:48:38:7d:
07:ef:d1:cd:c7:97:2c:21:0f:2e:0a:d4:30:99:87:bf:10:55:
13:c0:3b:a0:2a:94:44:e2:d2:27:46:0c:ae:2d:d4:5b:07:43:
b5:83:69:48:6d:36:0a:0e:9a:5b:bc:92:53:64:9e:c9:bc:f3:
8f:87:38:58:cc:55:33:04:d8:77:c4:76:e6:07:f7:3a:c0:4b:
f2:23:65:3b:f2:0c:91:b2:69:aa:1c:ec:e5:95:90:f4:0e:10:
94:95:45:30:c8:23:ce:7c:75:20:ac:af:31:2c:71:76:cb:2d:
b2:d4:27:49
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVhRXFxgPKpMaAo4JTvoTlHeh+tAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDAyMjYwODQ3NDNaFw0yNTAyMjQwODUyNDNaMDMxMTAvBgNV
BAMTKEIxRDg2MEMzNTYyQjQyNThEQjYwRkY5MTkxQjlGRUQ2RkJCQkI5MjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsF7xEDperkLrWhjauf2uuje/A
rT75uGX6DJZUtEgZDW/WsBaJK+4H2EOnIDM7qvifOCV4A9qjtHDnsXH2k+f0vxag
56Z56aEkSXlTWj7jOktnr/8hj11grFsFQVb1xgtoMf2Zfze/SDbqW9uXgK6yrnFO
ZuJ9Vma4x1Pa/1q3h6gA61RUo15G7iWGyMTwkR23NZreM8rfSAIDKpybaX75ZDJ2
PtO1ymZi/v+T6XBmb4C6mMZv1+USbDY3Sa/5odcwxJaBKr93lyHnaxDNLTxmDbqR
sV6tD6fy0AV+aaP3dPjy1OdeZfhY9zE1Pk36ddZ/2FcsljKmMFULeFwTgWrpAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUsdhgw1YrQljbYP+Rkbn+1vu7uScwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzMzM5MmUzMTMx
MzYyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjMwMzMzMDM2MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAIti3QwDQYJKoZIhvcNAQELBQADggEBAIFZ4/J5WyrPr3EDwZc4IlpeEO+cCZ35
m+b+KPup8GvaGFsTAczRDFVavZQmYp6NC0KQi8Jlc0Ttn6aTaHNEbS8krS6KwqVU
b3y4UNA5sHMrgcWhiwRCaCBMEhgyoWeNUALt8ELcGRD7w2HPs1hG4RGmym6Vcwsv
Nt+jRF0MhEjmXeb4M5D143ahTCkESUg4fQfv0c3HlywhDy4K1DCZh78QVRPAO6Aq
lETi0idGDK4t1FsHQ7WDaUhtNgoOmlu8klNknsm884+HOFjMVTME2HfEduYH9zrA
S/IjZTvyDJGyaaoc7OWVkPQOEJSVRTDII858dSCsrzEscXbLLbLUJ0k=
-----END CERTIFICATE-----
Generated at Fri May 17 09:34:37 2024 by rpki-client on console-fra.rpki-client.org