Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e31302e3135332e302f32342d3234203d3e20313336373837.roa
File: 34352e31302e3135332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 5Gwa7yCFoPW/69Ra7mM8QFskfixHNSdSBAgODx3SCyg=
Subject key identifier: 7A:B8:A5:C0:28:D0:BE:12:B4:8E:DB:F9:AE:11:FC:86:62:1A:82:48
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 7BA9FAF4421AA76BA6514BC22450C9ECF69F8C46
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e31302e3135332e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:24 +0000
ROA not before: Mon 01 Apr 2024 13:58:24 +0000
ROA not after: Mon 31 Mar 2025 14:03:24 +0000
asID: 136787
IP address blocks: 45.10.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:a9:fa:f4:42:1a:a7:6b:a6:51:4b:c2:24:50:c9:ec:f6:9f:8c:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Apr 1 13:58:24 2024 GMT
Not After : Mar 31 14:03:24 2025 GMT
Subject: CN=7AB8A5C028D0BE12B48EDBF9AE11FC86621A8248
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:bc:f0:29:80:7a:f0:d4:e1:cd:d6:c9:89:ab:
a6:12:a2:82:e7:be:28:fb:57:e1:ac:e8:60:91:bc:
fb:8c:79:a5:ba:56:50:f2:7f:25:31:c5:57:36:53:
82:72:a8:ac:2c:2e:fc:f2:d9:5c:e2:98:a6:3d:87:
95:d3:15:ae:a7:17:43:1a:82:86:d1:d3:54:8b:a1:
19:cc:b3:66:20:64:eb:f3:97:71:c3:f0:fc:7a:a2:
9e:3a:53:cd:74:0f:75:69:ce:d9:d5:a2:20:87:04:
a4:79:30:c8:f0:17:90:dd:64:a2:c6:fb:8b:31:af:
27:17:1e:ff:bf:e9:fe:ec:32:2e:27:69:3f:34:fe:
58:2d:1a:43:75:7c:a6:6a:6b:a4:d1:0a:03:7c:3b:
5e:7d:83:5e:20:46:96:13:e5:12:ee:06:b1:7e:c8:
50:b1:7d:ad:f8:f6:dc:da:00:02:76:77:d5:6f:e4:
58:c5:bd:88:f4:d7:fc:c8:9a:51:3a:17:b6:d1:ee:
e1:ba:8a:84:84:d0:e4:f3:a1:63:9f:5c:37:29:41:
39:ca:fe:b6:24:93:66:2d:31:0b:52:dd:8c:15:7d:
5d:9c:eb:8e:db:01:68:c1:13:34:39:a6:d7:66:9e:
8d:92:64:b8:40:cf:97:75:29:50:b0:80:4d:0f:11:
ce:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:B8:A5:C0:28:D0:BE:12:B4:8E:DB:F9:AE:11:FC:86:62:1A:82:48
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e31302e3135332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.153.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:0f:21:22:3e:2e:8b:22:7d:78:04:06:2a:b4:08:6b:41:02:
60:ba:78:fd:6c:bb:16:8d:b5:3a:99:32:c7:33:93:ba:56:73:
5d:4e:d1:8e:b1:56:e2:69:6b:ac:03:36:35:57:a6:17:89:8c:
85:74:35:cd:af:b1:38:8a:36:d4:9e:f8:12:8b:94:8c:70:f6:
4b:fc:a2:e1:f5:e1:11:14:61:52:00:e6:c9:e1:e6:d6:e3:58:
e6:56:d4:5e:1b:89:6f:ed:cb:49:1f:80:c1:07:91:b8:1e:e2:
81:ef:6f:3c:5b:a0:75:67:c1:d2:95:85:ac:ba:0f:20:d5:45:
13:8f:e8:6f:74:cc:bb:09:a4:2e:d7:35:98:78:47:2b:5a:75:
91:ab:2d:6a:d9:88:64:f8:42:f2:c3:17:0e:78:a5:61:9d:83:
a3:99:2a:50:c6:ae:cc:23:47:cb:0b:2c:20:b4:61:05:da:31:
fb:16:d9:7c:2d:09:50:a6:1f:6c:7a:03:d7:68:45:92:84:59:
4b:c3:5c:19:8b:58:3c:a3:1f:fe:86:05:ae:93:b7:7b:cf:62:
09:e4:1a:df:98:31:31:2b:4c:ab:fc:78:a4:b0:37:d7:f1:01:
29:73:83:4b:0b:e8:a6:e1:14:be:0c:79:04:d8:cc:1b:fa:fb:
f9:60:3b:f5
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUe6n69EIap2umUUvCJFDJ7PafjEYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDA0MDExMzU4MjRaFw0yNTAzMzExNDAzMjRaMDMxMTAvBgNV
BAMTKDdBQjhBNUMwMjhEMEJFMTJCNDhFREJGOUFFMTFGQzg2NjIxQTgyNDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAvPApgHrw1OHN1smJq6YSooLn
vij7V+Gs6GCRvPuMeaW6VlDyfyUxxVc2U4JyqKwsLvzy2VzimKY9h5XTFa6nF0Ma
gobR01SLoRnMs2YgZOvzl3HD8Px6op46U810D3VpztnVoiCHBKR5MMjwF5DdZKLG
+4sxrycXHv+/6f7sMi4naT80/lgtGkN1fKZqa6TRCgN8O159g14gRpYT5RLuBrF+
yFCxfa349tzaAAJ2d9Vv5FjFvYj01/zImlE6F7bR7uG6ioSE0OTzoWOfXDcpQTnK
/rYkk2YtMQtS3YwVfV2c647bAWjBEzQ5ptdmno2SZLhAz5d1KVCwgE0PEc5HAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUerilwCjQvhK0jtv5rhH8hmIagkgwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzQzNTJlMzEzMDJlMzEzNTMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LQqZMA0GCSqGSIb3DQEBCwUAA4IBAQA/DyEiPi6LIn14BAYqtAhrQQJgunj9bLsW
jbU6mTLHM5O6VnNdTtGOsVbiaWusAzY1V6YXiYyFdDXNr7E4ijbUnvgSi5SMcPZL
/KLh9eERFGFSAObJ4ebW41jmVtReG4lv7ctJH4DBB5G4HuKB7288W6B1Z8HSlYWs
ug8g1UUTj+hvdMy7CaQu1zWYeEcrWnWRqy1q2Yhk+ELywxcOeKVhnYOjmSpQxq7M
I0fLCywgtGEF2jH7Ftl8LQlQph9segPXaEWShFlLw1wZi1g8ox/+hgWuk7d7z2IJ
5BrfmDExK0yr/HiksDfX8QEpc4NLC+im4RS+DHkE2Mwb+vv5YDv1
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:49 2024 by rpki-client on console-ams.rpki-client.org