Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132322e302f32342d3332203d3e203531313637.roa
File: 34352e3134312e3132322e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: xCXr/4ecPKnI4Uj0jw4zf5VcihG9wXzw5qqzg6SyOyM=
Subject key identifier: 5F:AC:97:CE:50:61:C1:3F:39:B6:99:F8:E7:64:1F:6B:AC:B4:12:76
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 1686B7034849AF4627B42668A83FCD91CA4F7D24
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132322e302f32342d3332203d3e203531313637.roa
Signing time: Mon 26 Feb 2024 08:52:43 +0000
ROA not before: Mon 26 Feb 2024 08:47:43 +0000
ROA not after: Mon 24 Feb 2025 08:52:43 +0000
asID: 51167
IP address blocks: 45.141.122.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:86:b7:03:48:49:af:46:27:b4:26:68:a8:3f:cd:91:ca:4f:7d:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Feb 26 08:47:43 2024 GMT
Not After : Feb 24 08:52:43 2025 GMT
Subject: CN=5FAC97CE5061C13F39B699F8E7641F6BACB41276
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:bc:60:0e:1a:ca:9a:3f:61:33:56:dc:31:dd:
e5:5b:68:f8:72:53:7f:82:ab:34:67:dc:25:d2:97:
8b:af:03:cb:a5:74:8c:e5:a3:44:98:f7:65:f1:dd:
5f:51:db:ef:54:b5:13:2c:91:2a:95:b9:11:e4:22:
2e:65:6f:dd:2e:2e:43:83:80:ec:57:e0:9a:d2:25:
84:9f:66:f6:77:af:b2:d4:03:35:d9:8d:55:6e:be:
5a:83:eb:7a:cb:3c:7f:a0:51:7a:81:38:7f:d2:ee:
7a:28:d7:41:10:36:19:06:29:72:7e:67:c8:74:29:
0a:0a:5c:bd:70:29:91:f8:88:24:c9:39:2c:51:28:
f0:48:87:d9:7c:5b:df:e2:eb:04:8c:78:75:0a:e8:
53:5a:cd:b8:cc:82:3d:49:65:62:b6:ec:38:ca:bd:
b0:e8:be:0a:f9:46:8f:18:91:b1:32:70:9a:06:36:
d9:65:98:1f:b7:3d:85:a5:95:ea:7f:dc:b9:32:45:
80:71:b0:16:57:6e:50:2b:73:5a:b1:72:9c:0e:a1:
8d:80:15:00:24:e8:ed:23:db:ae:9d:64:51:eb:d7:
cd:9f:fe:51:c6:79:29:d3:b3:b9:35:17:a2:34:64:
ef:32:35:49:60:a6:c3:31:c4:a0:f4:7d:7b:f4:20:
a3:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:AC:97:CE:50:61:C1:3F:39:B6:99:F8:E7:64:1F:6B:AC:B4:12:76
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132322e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.122.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:9c:c2:06:ca:14:9b:77:18:21:38:e5:c2:28:e3:f3:be:ee:
cf:50:0b:1d:6b:40:0e:b0:89:65:e2:46:b6:5c:81:d5:b2:6c:
2a:4a:fc:fc:1d:a6:30:4f:34:04:bd:3a:c1:d5:e7:f2:02:ba:
34:06:63:ad:e2:ea:f7:5a:93:53:b0:f6:7e:bf:04:46:c9:12:
b6:ba:e6:1d:b6:05:ef:87:00:6c:55:a1:d7:17:40:9c:08:4b:
6c:d4:3d:83:df:26:59:a8:06:8d:ac:ec:07:aa:f4:df:e6:b3:
ea:04:48:f9:d6:2b:e0:09:91:21:73:ee:7b:79:1e:85:24:40:
76:e3:e6:1d:af:92:b3:b7:90:8a:8e:d5:c0:ad:e1:56:41:af:
24:90:4c:ae:29:f1:fd:2a:e0:78:b6:d2:aa:eb:3f:8f:a7:66:
aa:cb:cd:af:07:8e:11:cc:23:31:f0:cf:f6:57:fd:34:52:b5:
d7:78:86:39:9c:d2:39:07:28:34:3a:7b:2a:38:4e:89:fc:60:
1a:80:2e:9d:6c:c7:19:14:74:f3:b4:23:4a:b9:0c:d2:d1:93:
aa:1a:af:64:af:b1:b8:1a:14:ef:86:a1:a8:f9:2c:4b:c8:54:
b6:8c:4e:17:1f:f9:24:8c:b9:a8:9a:f0:9a:fb:6a:ab:04:b6:
8e:6f:2d:14
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUFoa3A0hJr0YntCZoqD/NkcpPfSQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDAyMjYwODQ3NDNaFw0yNTAyMjQwODUyNDNaMDMxMTAvBgNV
BAMTKDVGQUM5N0NFNTA2MUMxM0YzOUI2OTlGOEU3NjQxRjZCQUNCNDEyNzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3vGAOGsqaP2EzVtwx3eVbaPhy
U3+CqzRn3CXSl4uvA8uldIzlo0SY92Xx3V9R2+9UtRMskSqVuRHkIi5lb90uLkOD
gOxX4JrSJYSfZvZ3r7LUAzXZjVVuvlqD63rLPH+gUXqBOH/S7noo10EQNhkGKXJ+
Z8h0KQoKXL1wKZH4iCTJOSxRKPBIh9l8W9/i6wSMeHUK6FNazbjMgj1JZWK27DjK
vbDovgr5Ro8YkbEycJoGNtllmB+3PYWllep/3LkyRYBxsBZXblArc1qxcpwOoY2A
FQAk6O0j266dZFHr182f/lHGeSnTs7k1F6I0ZO8yNUlgpsMxxKD0fXv0IKOLAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUX6yXzlBhwT85tpn452Qfa6y0EnYwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzNDMxMmUzMTMy
MzIyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LY16MA0GCSqGSIb3DQEBCwUAA4IBAQA8nMIGyhSbdxghOOXCKOPzvu7PUAsda0AO
sIll4ka2XIHVsmwqSvz8HaYwTzQEvTrB1efyAro0BmOt4ur3WpNTsPZ+vwRGyRK2
uuYdtgXvhwBsVaHXF0CcCEts1D2D3yZZqAaNrOwHqvTf5rPqBEj51ivgCZEhc+57
eR6FJEB24+Ydr5Kzt5CKjtXAreFWQa8kkEyuKfH9KuB4ttKq6z+Pp2aqy82vB44R
zCMx8M/2V/00UrXXeIY5nNI5Byg0OnsqOE6J/GAagC6dbMcZFHTztCNKuQzS0ZOq
Gq9kr7G4GhTvhqGo+SxLyFS2jE4XH/kkjLmomvCa+2qrBLaOby0U
-----END CERTIFICATE-----
Generated at Fri May 17 10:15:39 2024 by rpki-client on console-ams.rpki-client.org