Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132332e302f32342d3234203d3e20313336373837.roa
File: 34352e3134312e3132332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: XXIJIr299s+3XeAbwLZmcDZvOQ2lwYauxn6bbURJhdQ=
Subject key identifier: 41:63:60:DB:6D:29:04:F0:6C:D3:D9:23:D5:38:6F:AF:4D:B7:C8:3E
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 66582E239C55C72701A6A63BF0EC5313F742B5E8
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132332e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 03 Apr 2024 19:03:27 +0000
ROA not before: Wed 03 Apr 2024 18:58:27 +0000
ROA not after: Wed 02 Apr 2025 19:03:27 +0000
asID: 136787
IP address blocks: 45.141.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 16:15:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:58:2e:23:9c:55:c7:27:01:a6:a6:3b:f0:ec:53:13:f7:42:b5:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Apr 3 18:58:27 2024 GMT
Not After : Apr 2 19:03:27 2025 GMT
Subject: CN=416360DB6D2904F06CD3D923D5386FAF4DB7C83E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:eb:0f:e9:ef:f2:4b:ed:50:a9:27:3a:3e:51:
4d:60:04:1c:75:f4:17:dc:16:2d:6c:c0:72:1e:62:
0f:55:e4:08:83:4b:af:de:86:a0:e3:f0:58:13:3c:
48:01:98:00:a4:92:69:cd:bd:49:f2:64:67:af:be:
90:b6:fb:06:a9:e2:45:eb:b5:21:72:59:4d:ff:3c:
20:80:f6:86:36:7a:a3:5f:76:de:53:a5:e1:05:3a:
06:ed:1f:05:a1:ca:11:dc:07:66:96:79:0f:c6:74:
9a:9f:80:30:99:28:41:f8:d1:f9:1d:bc:77:c9:8e:
e6:da:6e:f7:6e:5f:e2:98:a4:c7:d7:1e:99:2c:f6:
75:c1:78:8a:6d:ca:ba:b4:08:86:c8:26:b1:3b:31:
90:58:f4:35:9b:b5:49:ae:26:15:ff:e2:8c:20:aa:
1b:76:3f:b5:85:a2:f2:00:41:a4:90:7d:e0:f2:32:
9a:da:01:23:84:c7:c1:68:9a:4a:41:24:2b:c8:ae:
92:54:ce:a6:b6:ea:21:ea:a6:d1:41:bd:e4:9a:5f:
0f:7b:35:69:39:1b:f4:c9:8d:4b:ef:45:75:fd:d8:
7c:a7:15:25:7f:72:09:e7:fc:d6:37:2a:83:ab:1c:
3d:65:be:13:03:6e:cb:5d:ea:43:40:35:9f:34:0a:
2b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:63:60:DB:6D:29:04:F0:6C:D3:D9:23:D5:38:6F:AF:4D:B7:C8:3E
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.123.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:f5:62:36:e4:a2:6a:c6:18:cd:d5:3a:a0:d7:80:4c:f4:61:
be:46:60:5b:ec:43:7c:72:09:5c:8b:e1:45:66:17:36:ce:4d:
4a:8b:a6:1c:4a:75:3f:9f:53:56:64:55:c7:ac:c9:63:68:28:
16:1e:fc:f6:e9:d8:d1:0d:aa:9e:f3:86:5c:67:f0:41:a8:85:
c8:d1:6a:23:1d:6f:7d:e5:e9:b2:f9:fa:19:e9:aa:79:00:30:
bb:70:06:f3:c1:d2:29:36:80:ff:1a:a7:bb:d6:cd:0b:88:f3:
5d:d3:ec:8c:51:67:c2:03:73:18:47:72:e3:6d:08:80:8b:db:
cd:f1:02:18:f7:fc:2a:55:43:38:66:22:b6:c2:7c:85:57:63:
ef:27:95:67:19:56:89:0f:b5:f4:50:59:f9:fd:4d:44:ea:0d:
4b:ad:73:75:5a:ce:78:f3:65:8d:0d:b4:ec:09:0d:76:7f:8b:
b3:8b:ff:c9:29:4a:a5:c8:93:e9:1c:4b:2a:61:97:df:ff:42:
18:2e:5c:59:1c:b7:4b:a3:df:65:a6:34:ee:c9:07:ce:1c:c5:
ab:f7:70:4f:f3:a8:6b:28:fe:7d:ea:63:d3:22:a6:42:46:c8:
9c:84:95:e1:d1:bc:74:aa:af:7e:e5:0d:4a:b1:7c:b2:87:71:
00:1f:17:5a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZlguI5xVxycBpqY78OxTE/dCtegwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDA0MDMxODU4MjdaFw0yNTA0MDIxOTAzMjdaMDMxMTAvBgNV
BAMTKDQxNjM2MERCNkQyOTA0RjA2Q0QzRDkyM0Q1Mzg2RkFGNERCN0M4M0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDR6w/p7/JL7VCpJzo+UU1gBBx1
9BfcFi1swHIeYg9V5AiDS6/ehqDj8FgTPEgBmACkkmnNvUnyZGevvpC2+wap4kXr
tSFyWU3/PCCA9oY2eqNfdt5TpeEFOgbtHwWhyhHcB2aWeQ/GdJqfgDCZKEH40fkd
vHfJjubabvduX+KYpMfXHpks9nXBeIptyrq0CIbIJrE7MZBY9DWbtUmuJhX/4owg
qht2P7WFovIAQaSQfeDyMpraASOEx8FomkpBJCvIrpJUzqa26iHqptFBveSaXw97
NWk5G/TJjUvvRXX92HynFSV/cgnn/NY3KoOrHD1lvhMDbstd6kNANZ80CittAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUQWNg220pBPBs09kj1Thvr023yD4wHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzNDMxMmUzMTMy
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtjXswDQYJKoZIhvcNAQELBQADggEBAKf1YjbkomrGGM3VOqDXgEz0Yb5GYFvs
Q3xyCVyL4UVmFzbOTUqLphxKdT+fU1ZkVcesyWNoKBYe/Pbp2NENqp7zhlxn8EGo
hcjRaiMdb33l6bL5+hnpqnkAMLtwBvPB0ik2gP8ap7vWzQuI813T7IxRZ8IDcxhH
cuNtCICL283xAhj3/CpVQzhmIrbCfIVXY+8nlWcZVokPtfRQWfn9TUTqDUutc3Va
znjzZY0NtOwJDXZ/i7OL/8kpSqXIk+kcSyphl9//QhguXFkct0uj32WmNO7JB84c
xav3cE/zqGso/n3qY9MipkJGyJyEleHRvHSqr37lDUqxfLKHcQAfF1o=
-----END CERTIFICATE-----
Generated at Wed May 8 01:08:36 2024 by rpki-client on console-fra.rpki-client.org