Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134392e3230342e302f32332d3332203d3e203531313637.roa
File: 34352e3134392e3230342e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: gUTAepLAoAIeM07dVVtbK1O/45AnDoko5mbbZVeghh0=
Subject key identifier: C1:85:2A:0E:94:B6:8D:9D:5E:45:85:61:39:C3:F9:D0:BA:11:33:C2
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 4947CDD0F6BE5AB259E6FFA5C036790448613568
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134392e3230342e302f32332d3332203d3e203531313637.roa
Signing time: Wed 22 May 2024 12:53:43 +0000
ROA not before: Wed 22 May 2024 12:48:43 +0000
ROA not after: Wed 21 May 2025 12:53:43 +0000
asID: 51167
IP address blocks: 45.149.204.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:42:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:47:cd:d0:f6:be:5a:b2:59:e6:ff:a5:c0:36:79:04:48:61:35:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: May 22 12:48:43 2024 GMT
Not After : May 21 12:53:43 2025 GMT
Subject: CN=C1852A0E94B68D9D5E45856139C3F9D0BA1133C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:28:63:bb:53:23:75:6c:f2:05:c8:76:47:53:
dd:49:98:30:5d:ab:e5:24:87:5e:9b:c6:a9:cd:30:
d1:d1:1d:a8:ce:f5:e3:4f:c4:25:2d:a4:6f:d7:92:
32:81:e0:50:1c:23:8b:cc:c2:fb:90:ea:bb:1b:41:
a5:86:9e:f7:2f:0d:f0:f1:0b:79:ee:f2:b0:4c:a7:
9e:85:1a:93:e2:f1:45:4c:a2:81:a5:23:fe:e3:99:
6a:60:36:d8:3c:c7:86:fa:c3:ef:da:a8:80:6a:b2:
58:41:c9:9e:ee:99:43:ff:2d:a5:83:9f:f8:e1:1a:
e9:00:21:f7:6d:cc:c1:a3:da:c8:78:94:40:58:e8:
64:05:29:37:f6:f6:d0:23:52:9c:e5:61:01:7f:bf:
31:48:14:eb:71:0c:cf:63:20:42:a6:56:5c:4a:bc:
54:fe:39:90:2a:a6:4a:00:3f:07:7d:fa:f7:44:49:
56:0e:10:e0:9a:fe:6c:42:53:28:3f:a0:5a:d6:cf:
90:17:bd:87:36:96:2f:08:d9:c5:71:23:7c:74:09:
cb:35:88:b1:04:2d:46:c0:6a:21:42:1a:8a:4b:d7:
e1:63:60:97:ce:19:e1:80:b7:43:8e:d6:ec:f1:23:
6f:08:f8:36:d9:35:8f:cd:30:da:19:3d:0e:89:6a:
f5:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:85:2A:0E:94:B6:8D:9D:5E:45:85:61:39:C3:F9:D0:BA:11:33:C2
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134392e3230342e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.204.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:ca:5f:97:94:72:88:a4:e1:97:d4:24:a5:5a:78:40:e5:d2:
11:00:df:8e:82:79:1b:bc:cd:ed:27:42:6f:98:55:68:94:12:
3e:fb:f1:d9:7e:dd:38:6d:d3:6c:3d:98:40:c4:ce:63:ea:e1:
d3:31:94:1e:4b:22:19:d3:06:2e:dd:63:3a:16:ec:ec:7b:0b:
9c:07:7d:67:dc:9b:7f:69:4c:0d:98:30:a6:1f:f1:ce:24:6c:
08:89:92:d3:53:9f:3a:b5:bc:97:ca:29:4d:b7:17:86:0d:23:
7a:65:10:aa:09:70:0e:1d:c6:82:cb:36:f1:ea:ce:59:ca:ac:
5e:1f:72:0c:cc:5d:2d:29:36:d3:aa:ae:2d:fa:cc:30:ce:7f:
4f:8d:1e:bc:22:28:27:7e:9c:0b:ec:a9:2a:4e:91:1a:4d:10:
10:02:a7:2d:f0:dc:c0:c8:f9:c5:4b:63:f5:e8:d3:e9:1b:90:
68:04:9c:4c:0e:98:d9:81:cd:a8:a0:28:9f:4e:36:b3:35:70:
27:16:f7:9c:13:9a:2a:a9:ac:6c:0b:73:3f:a6:6d:83:7f:0f:
64:ca:65:29:07:90:f9:8c:5e:65:12:46:4f:2f:06:89:a5:fd:
c0:65:e2:16:07:81:5f:01:6a:22:af:fc:13:84:98:4e:8b:bd:
98:b7:48:52
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUSUfN0Pa+WrJZ5v+lwDZ5BEhhNWgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDA1MjIxMjQ4NDNaFw0yNTA1MjExMjUzNDNaMDMxMTAvBgNV
BAMTKEMxODUyQTBFOTRCNjhEOUQ1RTQ1ODU2MTM5QzNGOUQwQkExMTMzQzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfKGO7UyN1bPIFyHZHU91JmDBd
q+Ukh16bxqnNMNHRHajO9eNPxCUtpG/XkjKB4FAcI4vMwvuQ6rsbQaWGnvcvDfDx
C3nu8rBMp56FGpPi8UVMooGlI/7jmWpgNtg8x4b6w+/aqIBqslhByZ7umUP/LaWD
n/jhGukAIfdtzMGj2sh4lEBY6GQFKTf29tAjUpzlYQF/vzFIFOtxDM9jIEKmVlxK
vFT+OZAqpkoAPwd9+vdESVYOEOCa/mxCUyg/oFrWz5AXvYc2li8I2cVxI3x0Ccs1
iLEELUbAaiFCGopL1+FjYJfOGeGAt0OO1uzxI28I+DbZNY/NMNoZPQ6JavXRAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUwYUqDpS2jZ1eRYVhOcP50LoRM8IwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzNDM5MmUzMjMw
MzQyZTMwMmYzMjMzMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
LZXMMA0GCSqGSIb3DQEBCwUAA4IBAQBeyl+XlHKIpOGX1CSlWnhA5dIRAN+Ognkb
vM3tJ0JvmFVolBI++/HZft04bdNsPZhAxM5j6uHTMZQeSyIZ0wYu3WM6Fuzsewuc
B31n3Jt/aUwNmDCmH/HOJGwIiZLTU586tbyXyilNtxeGDSN6ZRCqCXAOHcaCyzbx
6s5ZyqxeH3IMzF0tKTbTqq4t+swwzn9PjR68IignfpwL7KkqTpEaTRAQAqct8NzA
yPnFS2P16NPpG5BoBJxMDpjZgc2ooCifTjazNXAnFvecE5oqqaxsC3M/pm2Dfw9k
ymUpB5D5jF5lEkZPLwaJpf3AZeIWB4FfAWoir/wThJhOi72Yt0hS
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:44:11 2024 by rpki-client on console-fra.rpki-client.org