Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134342e38312e302f32342d3332203d3e20313336373837.roa
File: 34352e3134342e38312e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: Em8a96ULngragHUfKxDffYQdDWkNCgIgS72runL8qB4=
Subject key identifier: BA:53:B6:44:17:D8:9E:05:85:A2:E5:25:BE:A9:5B:ED:60:30:58:81
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 308907F827374E16593555DA8511E061A74185A4
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134342e38312e302f32342d3332203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:52:43 +0000
ROA not before: Mon 26 Feb 2024 08:47:43 +0000
ROA not after: Mon 24 Feb 2025 08:52:43 +0000
asID: 136787
IP address blocks: 45.144.81.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:89:07:f8:27:37:4e:16:59:35:55:da:85:11:e0:61:a7:41:85:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Feb 26 08:47:43 2024 GMT
Not After : Feb 24 08:52:43 2025 GMT
Subject: CN=BA53B64417D89E0585A2E525BEA95BED60305881
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:17:ce:27:e7:ab:e8:ab:01:49:ba:a0:d2:de:
63:01:62:10:c7:fe:38:e1:3f:95:08:63:a5:d7:7a:
1a:f0:b1:ee:0f:2f:e5:d8:51:34:68:c7:af:6e:2f:
86:da:fc:41:4d:9e:94:57:1f:e7:b6:5e:39:2e:0c:
a8:9c:a4:2f:a6:ba:e0:ce:0d:8e:29:8c:dd:c6:21:
35:b9:f3:ca:e5:a8:d7:27:f4:e2:90:39:2d:48:58:
90:70:77:4b:57:f2:c6:be:a6:dd:cb:0c:59:c4:a9:
b5:18:d8:d6:06:d0:18:18:46:a4:6e:b1:c7:03:86:
e5:ad:36:6a:72:3f:c7:8b:6b:c7:e8:be:24:0c:4b:
cb:da:d4:59:2a:de:3e:2c:60:27:67:5e:af:d0:24:
3e:f6:22:e1:cb:60:dd:f8:fa:58:06:01:38:31:96:
77:d6:bb:f6:d4:3e:dd:3f:50:ff:de:7d:c8:7e:4f:
66:85:7b:e2:26:be:8d:e5:dd:b7:bf:d1:3f:6e:35:
dc:f3:da:6e:ab:a0:8c:41:b6:cf:32:25:02:74:3f:
5f:38:0a:f0:f0:42:e6:e2:83:16:94:8a:5e:17:13:
2c:70:5a:3f:16:93:90:eb:c1:1e:93:d2:c0:41:06:
ed:0e:d3:0f:0b:23:66:f5:db:bc:40:d1:21:a5:36:
2f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:53:B6:44:17:D8:9E:05:85:A2:E5:25:BE:A9:5B:ED:60:30:58:81
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134342e38312e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.81.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:4b:3a:cb:13:88:98:84:b7:35:ff:48:44:94:78:f7:79:ec:
07:8d:b2:f3:18:fd:7f:4d:9b:57:20:89:75:68:64:bc:44:32:
36:8a:91:33:da:5f:89:12:03:ae:76:65:3d:7d:6f:61:98:2a:
e0:e5:0e:5a:8e:e4:42:67:a4:10:dc:2b:85:c0:00:63:83:e0:
e1:ec:22:dd:3a:4e:ca:1a:b7:19:40:af:ff:1f:1c:2c:10:f9:
0d:0f:20:cf:b1:fd:0a:c6:b1:0e:b3:29:be:65:2d:f6:b1:54:
f2:a8:dd:7b:77:10:c9:94:af:55:6e:94:ab:52:19:20:7f:96:
cd:21:a3:d1:bb:0b:95:7c:32:6e:e3:fc:92:02:7e:60:eb:07:
d3:6e:ff:b5:3a:c4:2d:0a:d5:69:cc:81:5c:97:82:1a:e1:0d:
9f:84:d0:67:3c:fe:9a:27:af:d6:9f:fc:c1:d6:c4:40:93:7b:
d3:79:d3:5f:be:72:7b:e6:69:7a:1c:dd:6d:c5:b6:13:37:d3:
8c:11:47:64:89:c7:5c:2e:5b:c1:a8:a2:c7:53:1f:5a:f0:55:
8a:16:9a:39:72:36:3f:d7:14:14:31:ad:0c:9b:12:95:13:b2:
ff:32:24:36:38:91:52:72:92:b7:b2:12:8a:4e:ff:1f:a2:2c:
a1:e2:9d:4e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUMIkH+Cc3ThZZNVXahRHgYadBhaQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDAyMjYwODQ3NDNaFw0yNTAyMjQwODUyNDNaMDMxMTAvBgNV
BAMTKEJBNTNCNjQ0MTdEODlFMDU4NUEyRTUyNUJFQTk1QkVENjAzMDU4ODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMF84n56voqwFJuqDS3mMBYhDH
/jjhP5UIY6XXehrwse4PL+XYUTRox69uL4ba/EFNnpRXH+e2XjkuDKicpC+muuDO
DY4pjN3GITW588rlqNcn9OKQOS1IWJBwd0tX8sa+pt3LDFnEqbUY2NYG0BgYRqRu
sccDhuWtNmpyP8eLa8foviQMS8va1Fkq3j4sYCdnXq/QJD72IuHLYN34+lgGATgx
lnfWu/bUPt0/UP/efch+T2aFe+Imvo3l3be/0T9uNdzz2m6roIxBts8yJQJ0P184
CvDwQubigxaUil4XEyxwWj8Wk5DrwR6T0sBBBu0O0w8LI2b127xA0SGlNi97AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUulO2RBfYngWFouUlvqlb7WAwWIEwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzNDM0MmUzODMx
MmUzMDJmMzIzNDJkMzMzMjIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LZBRMA0GCSqGSIb3DQEBCwUAA4IBAQB8SzrLE4iYhLc1/0hElHj3eewHjbLzGP1/
TZtXIIl1aGS8RDI2ipEz2l+JEgOudmU9fW9hmCrg5Q5ajuRCZ6QQ3CuFwABjg+Dh
7CLdOk7KGrcZQK//HxwsEPkNDyDPsf0KxrEOsym+ZS32sVTyqN17dxDJlK9VbpSr
Uhkgf5bNIaPRuwuVfDJu4/ySAn5g6wfTbv+1OsQtCtVpzIFcl4Ia4Q2fhNBnPP6a
J6/Wn/zB1sRAk3vTedNfvnJ75ml6HN1txbYTN9OMEUdkicdcLlvBqKLHUx9a8FWK
Fpo5cjY/1xQUMa0MmxKVE7L/MiQ2OJFScpK3shKKTv8foiyh4p1O
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:25 2024 by rpki-client on console-fra.rpki-client.org