Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e3135312e3132302e302f32332d3234203d3e203437353833.roa
File: 34352e3135312e3132302e302f32332d3234203d3e203437353833.roa (raw, json)
Hash identifier: 4Xngt8llDrIBGzBSxqRQppPOQbSNCSaiTBnySuyed+A=
Subject key identifier: 37:0A:26:D0:60:79:9C:33:5C:FB:04:C3:19:EB:47:B4:32:26:09:AE
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 534EEEFCD3BE0AF0868D3F852067833D1268816A
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e3135312e3132302e302f32332d3234203d3e203437353833.roa
Signing time: Thu 13 Jun 2024 10:41:36 +0000
ROA not before: Thu 13 Jun 2024 10:36:36 +0000
ROA not after: Thu 12 Jun 2025 10:41:36 +0000
asID: 47583
IP address blocks: 45.151.120.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:4e:ee:fc:d3:be:0a:f0:86:8d:3f:85:20:67:83:3d:12:68:81:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Jun 13 10:36:36 2024 GMT
Not After : Jun 12 10:41:36 2025 GMT
Subject: CN=370A26D060799C335CFB04C319EB47B4322609AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:1f:8c:f7:4f:c5:28:cd:33:03:a2:f1:8a:88:
51:c5:de:e7:90:95:f6:cc:e8:f3:29:3c:52:36:7e:
ac:71:ec:30:75:78:38:47:6b:be:df:4b:36:f9:b9:
fc:52:88:69:0d:d9:2d:bf:bd:99:eb:08:cb:38:c5:
d6:a2:69:93:00:c3:f8:29:3a:56:27:31:06:61:de:
29:17:c8:78:c6:59:61:1c:f7:97:57:bc:ff:3d:e3:
92:4f:de:08:44:76:0d:dd:45:11:73:75:52:31:be:
78:ad:b3:79:c1:5c:a8:3d:d1:78:50:fe:08:28:b7:
70:26:88:74:f6:52:cb:b8:35:d1:f8:87:f5:64:04:
f4:65:32:52:17:5c:2d:c4:98:96:b1:6e:8c:c3:4e:
b1:27:45:c6:14:41:75:69:04:7d:76:03:e5:0d:9f:
c2:51:0a:1f:1c:26:14:0a:3c:d7:2c:02:07:44:fb:
9d:10:00:11:69:37:8a:c1:3a:6f:29:f6:f6:a4:22:
99:04:c6:4a:f1:ad:99:9e:5b:f1:36:0e:58:95:bb:
64:7f:20:69:05:5e:cf:cf:ea:bc:c7:01:54:0d:41:
b6:4e:a1:d1:b6:d5:a3:31:7f:0a:8a:47:25:29:ec:
a3:04:5c:76:44:bb:3b:0f:54:89:34:37:23:ed:28:
2b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:0A:26:D0:60:79:9C:33:5C:FB:04:C3:19:EB:47:B4:32:26:09:AE
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e3135312e3132302e302f32332d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.120.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:b3:f1:0c:0e:b6:f3:58:32:98:54:8d:96:ab:b9:22:88:84:
9a:59:2f:68:2f:a9:6a:e2:23:3e:d5:0f:c5:b0:ea:45:6c:e0:
c9:18:0e:6f:78:0f:63:56:99:45:87:c1:dd:d5:c1:df:b0:4e:
e1:88:91:13:3a:4e:c5:c0:67:6c:27:ed:83:72:f5:90:53:b5:
bf:ca:fb:fa:db:22:13:a1:67:25:c5:16:e8:19:f3:91:30:1e:
f8:f1:dc:61:5c:6e:99:d4:3f:6a:cb:2f:58:1f:b0:ee:4c:e4:
f0:e2:c7:0d:30:e2:4d:38:00:c3:57:5f:73:47:e8:8f:80:37:
c7:ec:3c:6e:7d:5a:c0:54:5a:54:89:7f:8a:c8:9e:cb:32:2f:
4c:2c:28:c1:be:83:ce:0d:c4:e0:79:25:1c:31:f7:9f:a0:0f:
16:7a:44:ca:15:95:d9:b1:aa:f0:a4:18:9d:4b:26:d0:0c:b1:
d7:74:a7:7f:da:69:07:a7:f4:48:bc:e2:7b:9c:b9:43:ef:57:
1d:66:27:ce:8b:49:c3:78:eb:89:e1:a8:60:c8:3d:65:28:f9:
7a:21:72:d0:1a:31:04:e9:41:5c:cc:2c:85:e6:8c:ec:bc:2b:
c7:37:00:5e:7c:da:68:df:c1:6e:dd:5b:50:1d:af:5a:2e:06:
33:03:3b:ae
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUU07u/NO+CvCGjT+FIGeDPRJogWowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDA2MTMxMDM2MzZaFw0yNTA2MTIxMDQxMzZaMDMxMTAvBgNV
BAMTKDM3MEEyNkQwNjA3OTlDMzM1Q0ZCMDRDMzE5RUI0N0I0MzIyNjA5QUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAH4z3T8UozTMDovGKiFHF3ueQ
lfbM6PMpPFI2fqxx7DB1eDhHa77fSzb5ufxSiGkN2S2/vZnrCMs4xdaiaZMAw/gp
OlYnMQZh3ikXyHjGWWEc95dXvP8945JP3ghEdg3dRRFzdVIxvnits3nBXKg90XhQ
/ggot3AmiHT2Usu4NdH4h/VkBPRlMlIXXC3EmJaxbozDTrEnRcYUQXVpBH12A+UN
n8JRCh8cJhQKPNcsAgdE+50QABFpN4rBOm8p9vakIpkExkrxrZmeW/E2DliVu2R/
IGkFXs/P6rzHAVQNQbZOodG21aMxfwqKRyUp7KMEXHZEuzsPVIk0NyPtKCuPAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUNwom0GB5nDNc+wTDGetHtDImCa4wHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzQzNTJlMzEzNTMxMmUzMTMy
MzAyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
LZd4MA0GCSqGSIb3DQEBCwUAA4IBAQA8s/EMDrbzWDKYVI2Wq7kiiISaWS9oL6lq
4iM+1Q/FsOpFbODJGA5veA9jVplFh8Hd1cHfsE7hiJETOk7FwGdsJ+2DcvWQU7W/
yvv62yIToWclxRboGfORMB748dxhXG6Z1D9qyy9YH7DuTOTw4scNMOJNOADDV19z
R+iPgDfH7DxufVrAVFpUiX+KyJ7LMi9MLCjBvoPODcTgeSUcMfefoA8WekTKFZXZ
sarwpBidSybQDLHXdKd/2mkHp/RIvOJ7nLlD71cdZifOi0nDeOuJ4ahgyD1lKPl6
IXLQGjEE6UFczCyF5ozsvCvHNwBefNpo38Fu3VtQHa9aLgYzAzuu
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:27 2024 by rpki-client on console-ams.rpki-client.org