Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3135392e3233302e302f32332d3332203d3e203531313637.roa
File: 34352e3135392e3233302e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: SLS9XNbr1wGj2CGneMQP5OyWkimUxKK5ynwzQfq6q7c=
Subject key identifier: 4A:D4:84:93:CF:76:44:8D:BA:A2:46:F7:E7:AB:FC:0F:32:CD:63:65
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 198C3360887943B681B2AAB8B5B2F5E4C63E18E4
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3135392e3233302e302f32332d3332203d3e203531313637.roa
Signing time: Wed 22 May 2024 12:53:34 +0000
ROA not before: Wed 22 May 2024 12:48:34 +0000
ROA not after: Wed 21 May 2025 12:53:34 +0000
asID: 51167
IP address blocks: 45.159.230.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:8c:33:60:88:79:43:b6:81:b2:aa:b8:b5:b2:f5:e4:c6:3e:18:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: May 22 12:48:34 2024 GMT
Not After : May 21 12:53:34 2025 GMT
Subject: CN=4AD48493CF76448DBAA246F7E7ABFC0F32CD6365
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d7:fb:01:d6:cc:51:94:33:43:93:6f:81:d6:
18:0b:cf:fa:12:6e:2b:1f:40:19:e3:79:7f:04:34:
2b:c2:02:2b:4b:e0:27:a5:4a:9c:f8:7a:7d:a5:c5:
4f:68:14:88:46:11:2f:1f:66:61:23:9d:09:cb:b8:
17:54:44:f0:1d:b3:97:98:49:30:16:47:85:65:88:
98:a5:96:de:b2:f6:69:87:b3:ad:ea:eb:9a:77:bd:
b3:6f:5a:f0:b6:fd:98:3e:af:97:73:bf:0c:71:64:
d5:c7:72:1f:8d:46:ce:f3:67:d9:82:2c:94:c9:77:
5f:4b:b3:ad:a7:68:a7:d7:34:4d:d8:0e:a4:77:44:
96:18:40:42:f1:28:4b:24:8d:0e:31:ba:60:71:b9:
8a:67:52:03:08:82:fd:67:98:e1:26:9e:43:77:e5:
25:ca:40:07:8e:c3:c9:a4:5f:16:e6:50:dc:3b:cc:
21:29:5e:4d:03:c2:eb:98:26:f1:d4:ad:0a:f8:f5:
ce:1d:ce:95:a6:de:2a:9a:27:aa:9f:56:35:ec:ec:
9d:f5:21:35:02:e2:e4:c6:c7:e7:9d:c8:b6:17:f5:
ee:3f:ba:f8:63:fc:45:5d:a1:f2:0c:c5:a2:89:31:
02:82:27:ad:b8:87:73:3c:cc:41:8b:7e:e3:b6:c2:
4f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:D4:84:93:CF:76:44:8D:BA:A2:46:F7:E7:AB:FC:0F:32:CD:63:65
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3135392e3233302e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.230.0/23
Signature Algorithm: sha256WithRSAEncryption
78:30:7e:22:54:00:2e:0b:7d:cb:57:93:63:29:f0:d9:19:85:
f7:46:67:2e:60:86:4c:46:4b:7e:dd:05:09:50:0e:91:75:57:
c3:bb:9a:af:89:2d:22:aa:5a:93:f4:f8:a1:9c:7f:43:4d:ff:
07:e5:d6:a7:10:69:dc:d0:00:1a:1e:63:7f:6d:a6:55:33:bc:
ff:b9:86:b5:36:23:08:34:a0:84:12:0e:eb:c5:22:c9:2d:49:
5d:95:c8:a2:61:4c:60:04:69:e7:dd:45:4d:98:ca:85:e3:3f:
29:4d:fc:8b:4c:44:9b:54:e3:80:3f:46:5e:ee:e5:01:1f:53:
00:02:bb:a1:ec:a0:26:64:41:84:4a:96:56:0a:07:30:35:8d:
e0:fc:87:0f:fa:00:94:a7:4e:1e:49:0e:49:08:2d:35:8e:89:
4c:3d:7b:1a:53:ec:09:05:da:df:6d:8e:8c:10:12:75:56:c2:
89:ad:42:06:e7:6b:d5:c1:4d:dd:ce:ed:83:7f:a7:dc:68:91:
c9:a5:33:4c:45:26:92:5b:09:bf:00:76:52:e2:6a:0b:a4:cf:
ad:67:b2:89:e5:83:86:4d:55:a5:96:f4:76:f5:f7:62:01:a9:
54:73:a5:03:86:0b:92:ae:ef:be:e5:41:e6:bc:2b:d6:f8:3b:
cc:0f:d2:13
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUGYwzYIh5Q7aBsqq4tbL15MY+GOQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDA1MjIxMjQ4MzRaFw0yNTA1MjExMjUzMzRaMDMxMTAvBgNV
BAMTKDRBRDQ4NDkzQ0Y3NjQ0OERCQUEyNDZGN0U3QUJGQzBGMzJDRDYzNjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB1/sB1sxRlDNDk2+B1hgLz/oS
bisfQBnjeX8ENCvCAitL4CelSpz4en2lxU9oFIhGES8fZmEjnQnLuBdURPAds5eY
STAWR4VliJillt6y9mmHs63q65p3vbNvWvC2/Zg+r5dzvwxxZNXHch+NRs7zZ9mC
LJTJd19Ls62naKfXNE3YDqR3RJYYQELxKEskjQ4xumBxuYpnUgMIgv1nmOEmnkN3
5SXKQAeOw8mkXxbmUNw7zCEpXk0DwuuYJvHUrQr49c4dzpWm3iqaJ6qfVjXs7J31
ITUC4uTGx+edyLYX9e4/uvhj/EVdofIMxaKJMQKCJ624h3M8zEGLfuO2wk+7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUStSEk892RI26okb356v8DzLNY2UwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzNTM5MmUzMjMz
MzAyZTMwMmYzMjMzMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
LZ/mMA0GCSqGSIb3DQEBCwUAA4IBAQB4MH4iVAAuC33LV5NjKfDZGYX3RmcuYIZM
Rkt+3QUJUA6RdVfDu5qviS0iqlqT9PihnH9DTf8H5danEGnc0AAaHmN/baZVM7z/
uYa1NiMINKCEEg7rxSLJLUldlciiYUxgBGnn3UVNmMqF4z8pTfyLTESbVOOAP0Ze
7uUBH1MAAruh7KAmZEGESpZWCgcwNY3g/IcP+gCUp04eSQ5JCC01jolMPXsaU+wJ
BdrfbY6MEBJ1VsKJrUIG52vVwU3dzu2Df6fcaJHJpTNMRSaSWwm/AHZS4moLpM+t
Z7KJ5YOGTVWllvR29fdiAalUc6UDhguSru++5UHmvCvW+DvMD9IT
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:49 2024 by rpki-client on console-ams.rpki-client.org