Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e31332e3233342e302f32342d3234203d3e20313336373837.roa
File: 34352e31332e3233342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: kRGrNdHMT8FzY005/Zebsa78QwAKncGNqXOg/GAoESg=
Subject key identifier: 50:93:08:89:45:A1:6E:15:02:EF:CE:3B:A5:47:35:BE:36:0E:E2:49
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 64FDBEAE28DB4AD9FECA8ED206953250E7CF99FF
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e31332e3233342e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 13 Feb 2024 12:55:00 +0000
ROA not before: Tue 13 Feb 2024 12:50:00 +0000
ROA not after: Tue 11 Feb 2025 12:55:00 +0000
asID: 136787
IP address blocks: 45.13.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:fd:be:ae:28:db:4a:d9:fe:ca:8e:d2:06:95:32:50:e7:cf:99:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Feb 13 12:50:00 2024 GMT
Not After : Feb 11 12:55:00 2025 GMT
Subject: CN=5093088945A16E1502EFCE3BA54735BE360EE249
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:13:dc:08:e4:6f:d9:a8:cc:da:9d:fd:7b:db:
dd:9d:23:ae:f4:2d:82:5e:a5:36:3c:0b:5a:35:35:
4f:43:ff:92:17:81:70:d2:37:d7:8b:51:b2:4e:64:
47:49:5d:24:dd:15:bc:0f:6b:68:85:76:32:2a:ee:
d8:81:ec:e8:46:0d:98:34:e5:f4:10:d2:a7:03:55:
32:d1:38:24:9d:56:4a:be:de:60:e3:27:70:9e:56:
6f:13:21:bc:26:10:1d:cd:15:95:b5:8e:ba:12:36:
74:c0:81:c9:ab:96:4a:16:bf:6b:45:c4:18:48:5c:
76:27:03:28:51:08:f6:c6:ac:f8:d1:19:ac:72:e8:
72:4d:4b:b1:c5:e8:ea:29:f7:43:69:d6:14:f5:1a:
31:7a:22:bf:16:0c:7f:cd:67:8d:a0:55:07:6c:83:
c2:0e:ac:9b:31:b9:23:53:11:74:9e:85:9e:75:c1:
39:63:23:a6:b9:99:4e:22:05:b9:21:b7:fd:b8:59:
f5:1f:be:20:c2:92:22:9e:5e:54:bd:92:1e:39:48:
97:9e:92:d8:e9:56:f6:ed:fe:f6:e1:48:72:fb:5e:
b8:31:93:13:37:32:ca:7c:47:98:cf:f3:4f:d0:09:
53:aa:86:85:28:aa:0c:42:87:fe:95:43:f6:f3:ed:
e9:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:93:08:89:45:A1:6E:15:02:EF:CE:3B:A5:47:35:BE:36:0E:E2:49
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e31332e3233342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.234.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:1a:80:49:ec:61:eb:41:fd:4d:1c:3c:58:7c:70:0e:f0:a9:
03:4a:bd:b7:ea:6e:cb:bb:93:34:d7:58:23:2e:8b:92:5f:44:
27:90:dc:b4:36:bb:64:64:76:12:12:a8:59:32:3b:82:53:55:
22:60:a0:f5:0f:93:ca:fb:dc:fd:77:6c:7d:a3:5a:67:19:58:
b0:c7:5b:45:87:df:90:97:ee:2f:fd:a6:ca:9e:e7:97:a1:20:
ec:e4:2a:59:99:da:a9:cb:9c:69:c0:b4:95:19:47:b6:5c:4e:
9a:61:33:00:c3:af:4d:c8:dd:da:47:99:44:16:fd:81:5d:57:
27:d4:84:fb:dd:4a:3b:0c:2b:27:25:23:30:5b:3d:46:88:87:
71:87:bc:cc:e2:37:bf:6b:39:51:c0:84:68:40:c5:14:cb:6b:
f4:49:a6:d5:19:4b:8e:f2:69:9d:28:2a:ca:48:bd:ea:71:7a:
ff:8a:d9:70:a7:86:e5:d7:62:ea:ec:36:cc:7a:7a:8b:f5:e5:
37:e1:b1:8e:fb:94:43:f3:7a:92:84:17:4b:55:33:3e:af:a8:
9b:14:37:06:60:ed:83:5e:78:6d:e7:c2:d1:d5:c4:b4:0b:dd:
5b:48:1f:cb:83:54:37:f0:ef:fe:d1:23:49:94:22:35:2b:94:
df:c0:68:bf
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUZP2+rijbStn+yo7SBpUyUOfPmf8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDAyMTMxMjUwMDBaFw0yNTAyMTExMjU1MDBaMDMxMTAvBgNV
BAMTKDUwOTMwODg5NDVBMTZFMTUwMkVGQ0UzQkE1NDczNUJFMzYwRUUyNDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBE9wI5G/ZqMzanf17292dI670
LYJepTY8C1o1NU9D/5IXgXDSN9eLUbJOZEdJXSTdFbwPa2iFdjIq7tiB7OhGDZg0
5fQQ0qcDVTLROCSdVkq+3mDjJ3CeVm8TIbwmEB3NFZW1jroSNnTAgcmrlkoWv2tF
xBhIXHYnAyhRCPbGrPjRGaxy6HJNS7HF6Oop90Np1hT1GjF6Ir8WDH/NZ42gVQds
g8IOrJsxuSNTEXSehZ51wTljI6a5mU4iBbkht/24WfUfviDCkiKeXlS9kh45SJee
ktjpVvbt/vbhSHL7XrgxkxM3Msp8R5jP80/QCVOqhoUoqgxCh/6VQ/bz7elPAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUUJMIiUWhbhUC7847pUc1vjYO4kkwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzQzNTJlMzEzMzJlMzIzMzM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LQ3qMA0GCSqGSIb3DQEBCwUAA4IBAQCaGoBJ7GHrQf1NHDxYfHAO8KkDSr236m7L
u5M011gjLouSX0QnkNy0NrtkZHYSEqhZMjuCU1UiYKD1D5PK+9z9d2x9o1pnGViw
x1tFh9+Ql+4v/abKnueXoSDs5CpZmdqpy5xpwLSVGUe2XE6aYTMAw69NyN3aR5lE
Fv2BXVcn1IT73Uo7DCsnJSMwWz1GiIdxh7zM4je/azlRwIRoQMUUy2v0SabVGUuO
8mmdKCrKSL3qcXr/itlwp4bl12Lq7DbMenqL9eU34bGO+5RD83qShBdLVTM+r6ib
FDcGYO2DXnht58LR1cS0C91bSB/Lg1Q38O/+0SNJlCI1K5TfwGi/
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:25 2024 by rpki-client on console-fra.rpki-client.org