Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132302e302f32342d3234203d3e20313336373837.roa
File: 34352e3134312e3132302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: /+06D/5GVp3R3QlfIPP/JP6cggz2pChE0Zzxtcp4o90=
Subject key identifier: 4A:3A:CB:E7:D7:0B:7F:F8:BC:3A:AE:03:94:BF:CC:29:E8:9C:8A:E9
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 614EBC22C3E6EEDCFE9ED391A7D49ADDFF38A0DD
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132302e302f32342d3234203d3e20313336373837.roa
Signing time: Sat 02 Mar 2024 21:54:45 +0000
ROA not before: Sat 02 Mar 2024 21:49:45 +0000
ROA not after: Sat 01 Mar 2025 21:54:45 +0000
asID: 136787
IP address blocks: 45.141.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:4e:bc:22:c3:e6:ee:dc:fe:9e:d3:91:a7:d4:9a:dd:ff:38:a0:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Mar 2 21:49:45 2024 GMT
Not After : Mar 1 21:54:45 2025 GMT
Subject: CN=4A3ACBE7D70B7FF8BC3AAE0394BFCC29E89C8AE9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7d:41:90:35:0a:22:d3:a8:55:dd:e7:a6:6b:
c0:04:35:14:92:76:99:3f:d4:11:e5:a5:d9:4e:8a:
5d:d4:eb:e6:d7:75:b4:56:5c:ee:50:77:87:7f:f5:
23:c5:36:1b:28:ef:b8:4f:33:97:75:a6:41:5a:dd:
e4:bc:8c:ca:9f:fa:a3:94:00:47:a2:36:ee:1d:e0:
70:ce:ba:a0:41:82:9d:19:ae:d0:82:35:21:ef:67:
e0:c1:54:8e:6c:93:a7:a8:22:dd:2e:00:2e:ee:35:
c5:be:38:ea:7a:9d:06:67:25:a3:e2:3b:17:7d:82:
22:ca:d3:dd:5c:37:c0:84:21:0e:66:a9:4f:4d:6c:
57:99:a7:99:72:b9:70:95:44:c8:e7:15:29:63:1f:
2a:d5:9c:23:24:08:00:11:54:67:a1:6b:f9:9b:01:
53:76:33:39:ed:8c:9f:bc:83:37:ef:4a:b4:07:30:
7f:03:12:d5:e8:16:8a:dc:30:32:fc:9d:21:35:18:
22:5e:95:58:65:03:bf:6d:35:c6:91:a4:8d:ef:bb:
3e:24:04:6c:55:07:0a:46:ba:f9:c7:2a:6a:eb:70:
d6:73:58:3a:ab:10:74:97:3f:10:bd:36:82:8b:5c:
1c:85:80:2a:34:52:c9:d3:ea:b5:17:9c:2f:bb:fb:
aa:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:3A:CB:E7:D7:0B:7F:F8:BC:3A:AE:03:94:BF:CC:29:E8:9C:8A:E9
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.120.0/24
Signature Algorithm: sha256WithRSAEncryption
30:c7:da:9c:36:97:a9:8f:d1:40:9c:88:79:d2:3d:21:70:98:
51:e9:43:c5:d3:4c:95:62:f4:e2:19:c4:23:6d:92:fe:ba:f4:
e2:3f:f6:95:11:80:dd:b1:43:7d:cb:72:48:2b:d7:07:47:3b:
ca:36:a4:d9:e0:e4:c1:9e:92:d1:33:58:b1:41:63:fd:af:59:
72:a5:ab:11:ba:22:34:96:4c:3e:3b:13:17:0d:ed:1f:1a:27:
da:d9:85:bf:d8:ad:76:61:81:95:05:74:0c:2a:d7:02:e6:c5:
72:50:1c:7d:f0:17:d9:ef:f0:c1:cf:e6:cd:b5:fb:cb:30:50:
4a:3b:34:2d:73:2c:6e:6b:d2:b2:b8:26:9b:99:fe:2f:66:5f:
5a:23:8b:17:2f:98:8a:22:48:dd:55:7e:6a:f5:69:9e:24:a8:
f3:18:0f:4c:18:4b:ac:42:31:22:b3:bf:39:8b:a0:a7:33:90:
62:47:0c:95:b2:aa:57:92:fe:2e:f8:23:e3:31:e4:d7:88:22:
fb:d7:b1:20:9a:c0:5a:06:1f:9e:3b:7b:88:66:b0:b2:7d:5f:
ca:b0:4e:55:0e:36:5e:d3:a8:00:bd:ea:24:ad:f5:d3:63:87:
38:12:93:94:b0:49:c2:b1:5e:d7:c1:86:5b:77:3f:59:08:a0:
26:8a:45:46
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUYU68IsPm7tz+ntORp9Sa3f84oN0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDAzMDIyMTQ5NDVaFw0yNTAzMDEyMTU0NDVaMDMxMTAvBgNV
BAMTKDRBM0FDQkU3RDcwQjdGRjhCQzNBQUUwMzk0QkZDQzI5RTg5QzhBRTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHfUGQNQoi06hV3eema8AENRSS
dpk/1BHlpdlOil3U6+bXdbRWXO5Qd4d/9SPFNhso77hPM5d1pkFa3eS8jMqf+qOU
AEeiNu4d4HDOuqBBgp0ZrtCCNSHvZ+DBVI5sk6eoIt0uAC7uNcW+OOp6nQZnJaPi
Oxd9giLK091cN8CEIQ5mqU9NbFeZp5lyuXCVRMjnFSljHyrVnCMkCAARVGeha/mb
AVN2MzntjJ+8gzfvSrQHMH8DEtXoForcMDL8nSE1GCJelVhlA79tNcaRpI3vuz4k
BGxVBwpGuvnHKmrrcNZzWDqrEHSXPxC9NoKLXByFgCo0UsnT6rUXnC+7+6oVAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUSjrL59cLf/i8Oq4DlL/MKeiciukwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzNDMxMmUzMTMy
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtjXgwDQYJKoZIhvcNAQELBQADggEBADDH2pw2l6mP0UCciHnSPSFwmFHpQ8XT
TJVi9OIZxCNtkv669OI/9pURgN2xQ33Lckgr1wdHO8o2pNng5MGektEzWLFBY/2v
WXKlqxG6IjSWTD47ExcN7R8aJ9rZhb/YrXZhgZUFdAwq1wLmxXJQHH3wF9nv8MHP
5s21+8swUEo7NC1zLG5r0rK4JpuZ/i9mX1ojixcvmIoiSN1Vfmr1aZ4kqPMYD0wY
S6xCMSKzvzmLoKczkGJHDJWyqleS/i74I+Mx5NeIIvvXsSCawFoGH547e4hmsLJ9
X8qwTlUONl7TqAC96iSt9dNjhzgSk5SwScKxXtfBhlt3P1kIoCaKRUY=
-----END CERTIFICATE-----
Generated at Wed May 8 20:21:26 2024 by rpki-client on console-fra.rpki-client.org