Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e3133372e3134302e302f32322d3232203d3e20323033303230.roa
File: 34352e3133372e3134302e302f32322d3232203d3e20323033303230.roa (raw, json)
Hash identifier: Phg92Q4SAxtwRXmBgM0f0gSR8GQoWBT8Xdn1Wxe8W14=
Subject key identifier: 1F:AA:AB:CB:F6:BE:BB:03:1A:72:37:20:86:BD:77:AA:C9:4D:4D:22
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 315DD6873113975AA8095C8D244945850245E79D
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e3133372e3134302e302f32322d3232203d3e20323033303230.roa
Signing time: Wed 14 Aug 2024 08:02:02 +0000
ROA not before: Wed 14 Aug 2024 07:57:02 +0000
ROA not after: Wed 13 Aug 2025 08:02:02 +0000
asID: 203020
IP address blocks: 45.137.140.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:5d:d6:87:31:13:97:5a:a8:09:5c:8d:24:49:45:85:02:45:e7:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Aug 14 07:57:02 2024 GMT
Not After : Aug 13 08:02:02 2025 GMT
Subject: CN=1FAAABCBF6BEBB031A72372086BD77AAC94D4D22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:64:b5:1f:4c:66:46:73:97:14:03:fb:ba:13:
bd:7e:0f:43:15:f7:0c:34:cb:04:01:30:b6:57:42:
b9:3f:7d:91:69:78:49:1c:02:c9:49:f2:97:3e:50:
41:b0:60:8b:a1:9f:c6:4f:93:f9:e1:27:36:f1:92:
94:1c:24:d6:63:0f:e7:e0:62:6c:ed:f3:f9:1d:e1:
89:65:63:47:99:02:cc:6a:3f:86:c1:91:d9:7b:6b:
49:68:88:cb:38:c6:77:d4:f3:1a:70:12:ef:76:b7:
38:ec:31:6d:a1:eb:b4:0a:b5:1b:10:ee:6f:37:17:
47:3a:65:53:50:0b:45:11:aa:23:b1:d9:28:b8:23:
c6:6c:dc:3f:e0:88:36:0f:d2:b8:8b:ba:54:d3:c6:
67:de:c7:1d:ca:d3:c0:6c:2a:d6:b4:75:4c:de:18:
73:f0:a0:5a:49:b1:a1:c4:4f:18:eb:5c:2a:45:1f:
cd:63:3a:b1:ec:37:41:b2:ba:65:71:79:af:7c:0b:
2c:f9:47:94:88:97:e0:b1:52:8c:34:72:cf:f0:fc:
88:b3:f3:26:ef:85:c0:c3:55:05:d7:7e:c2:98:bb:
24:48:72:f1:c9:83:e7:84:69:db:c8:44:28:38:b2:
c0:30:9e:e3:48:16:fe:e2:d7:19:6f:fd:94:41:29:
18:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:AA:AB:CB:F6:BE:BB:03:1A:72:37:20:86:BD:77:AA:C9:4D:4D:22
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e3133372e3134302e302f32322d3232203d3e20323033303230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.140.0/22
Signature Algorithm: sha256WithRSAEncryption
12:f7:58:96:a8:9b:1f:6f:13:ac:20:c1:6d:4c:5c:e3:e9:dc:
36:62:a9:b1:e1:1a:67:6b:1b:42:70:1c:4e:00:29:e1:66:23:
85:9d:4d:a8:3e:67:cc:1a:11:2a:ee:6f:84:33:55:93:79:5f:
ba:b1:6e:dc:77:fb:2f:b5:e8:8e:e1:a2:10:ff:f4:08:48:3c:
4f:45:53:1d:cb:e1:8a:b7:56:a6:a6:98:aa:97:e4:c9:1d:76:
6a:c9:cd:c0:69:84:e8:42:3f:8e:6c:59:d1:1b:62:20:c2:fc:
7f:b4:3b:32:fd:b6:f2:6d:b5:c1:56:7b:d5:7f:3a:b8:ae:4b:
c4:37:31:34:7f:e3:71:85:66:a6:dd:df:4c:9e:9b:c0:60:06:
ff:43:7a:29:26:be:5a:47:0c:8f:50:cf:49:6f:34:c8:51:ec:
f9:b7:aa:77:ed:da:7e:a4:81:15:01:88:d9:2c:61:5f:3d:b4:
24:c9:2d:e0:a8:fb:d7:b4:1a:78:91:80:5a:88:69:93:3a:a3:
15:f8:aa:73:4d:80:72:7e:6c:c1:50:9c:3d:dd:b2:b5:ff:8f:
bf:c8:09:19:67:24:e3:16:c0:47:03:5d:ca:4e:d5:d9:71:01:
80:b4:b5:fd:95:14:94:7e:f1:1e:38:1b:19:f4:00:4e:0f:9e:
6f:84:41:1a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMV3WhzETl1qoCVyNJElFhQJF550wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDA4MTQwNzU3MDJaFw0yNTA4MTMwODAyMDJaMDMxMTAvBgNV
BAMTKDFGQUFBQkNCRjZCRUJCMDMxQTcyMzcyMDg2QkQ3N0FBQzk0RDREMjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGZLUfTGZGc5cUA/u6E71+D0MV
9ww0ywQBMLZXQrk/fZFpeEkcAslJ8pc+UEGwYIuhn8ZPk/nhJzbxkpQcJNZjD+fg
Ymzt8/kd4YllY0eZAsxqP4bBkdl7a0loiMs4xnfU8xpwEu92tzjsMW2h67QKtRsQ
7m83F0c6ZVNQC0URqiOx2Si4I8Zs3D/giDYP0riLulTTxmfexx3K08BsKta0dUze
GHPwoFpJsaHETxjrXCpFH81jOrHsN0GyumVxea98Cyz5R5SIl+CxUow0cs/w/Iiz
8ybvhcDDVQXXfsKYuyRIcvHJg+eEadvIRCg4ssAwnuNIFv7i1xlv/ZRBKRgtAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUH6qry/a+uwMacjcghr13qslNTSIwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzQzNTJlMzEzMzM3MmUzMTM0
MzAyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMjMwMzMzMDMyMzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAItiYwwDQYJKoZIhvcNAQELBQADggEBABL3WJaomx9vE6wgwW1MXOPp3DZiqbHh
GmdrG0JwHE4AKeFmI4WdTag+Z8waESrub4QzVZN5X7qxbtx3+y+16I7hohD/9AhI
PE9FUx3L4Yq3VqammKqX5MkddmrJzcBphOhCP45sWdEbYiDC/H+0OzL9tvJttcFW
e9V/OriuS8Q3MTR/43GFZqbd30yem8BgBv9DeikmvlpHDI9Qz0lvNMhR7Pm3qnft
2n6kgRUBiNksYV89tCTJLeCo+9e0GniRgFqIaZM6oxX4qnNNgHJ+bMFQnD3dsrX/
j7/ICRlnJOMWwEcDXcpO1dlxAYC0tf2VFJR+8R44Gxn0AE4Pnm+EQRo=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:27 2024 by rpki-client on console-ams.rpki-client.org