Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e38302e3138362e302f32342d3234203d3e20313336373837.roa
File: 34352e38302e3138362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: DZhbBNX1bzjTOcZB81juSzFvppNblmiM89tuuQQNqCU=
Subject key identifier: A8:13:51:1B:90:E9:4A:A0:53:35:1E:4A:42:61:F8:37:5C:63:BB:E0
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 22F6B2A57E4419029A7FD9C2DAD6E779EEEBB09C
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e38302e3138362e302f32342d3234203d3e20313336373837.roa
Signing time: Sat 02 Mar 2024 21:54:03 +0000
ROA not before: Sat 02 Mar 2024 21:49:03 +0000
ROA not after: Sat 01 Mar 2025 21:54:03 +0000
asID: 136787
IP address blocks: 45.80.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:f6:b2:a5:7e:44:19:02:9a:7f:d9:c2:da:d6:e7:79:ee:eb:b0:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Mar 2 21:49:03 2024 GMT
Not After : Mar 1 21:54:03 2025 GMT
Subject: CN=A813511B90E94AA053351E4A4261F8375C63BBE0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:db:b1:c5:8d:12:8b:50:61:ab:93:f9:00:da:
73:90:71:c1:91:d2:47:48:60:c4:5a:61:e2:a9:29:
0f:24:f5:48:85:9d:cf:cb:7d:10:c6:77:f9:cf:a0:
da:2d:d6:0c:13:89:3a:d8:36:80:85:cc:df:13:ce:
74:4f:f4:0b:cf:f9:ca:43:86:11:e1:60:80:aa:b4:
ce:f2:d1:e3:de:42:55:3c:7f:9d:f9:23:e2:40:bf:
5b:46:6f:bc:ed:42:91:c1:97:3d:84:61:f5:35:55:
5f:d0:1b:bb:30:2f:a6:74:c2:45:b0:30:23:68:ee:
75:28:68:45:24:2b:94:68:9b:40:04:e9:e5:75:91:
62:56:0e:db:10:a5:0e:6a:09:9e:90:a5:8d:68:d1:
fa:36:b2:27:74:bf:55:da:96:cb:52:44:9b:d9:4f:
7b:2b:71:c8:af:c4:f2:b8:71:5d:47:bc:b4:32:70:
c0:08:70:a9:ec:4e:ba:f9:6a:b1:99:4a:0d:f8:aa:
a5:78:a4:37:a8:2b:d0:1f:5a:d2:37:de:cb:30:fc:
2f:bd:5b:91:59:61:df:21:90:14:60:45:9b:b0:d8:
43:ee:f8:b0:b0:d2:7d:21:f5:6b:f2:4c:6c:d0:fd:
25:1a:e4:7b:91:2b:45:ca:a5:1d:cf:e8:2a:f2:ca:
61:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:13:51:1B:90:E9:4A:A0:53:35:1E:4A:42:61:F8:37:5C:63:BB:E0
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e38302e3138362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.186.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:39:88:a8:d5:c2:d5:67:96:ae:84:10:24:bb:52:15:74:ff:
63:51:3e:07:c9:b2:d5:4a:03:0d:8f:de:df:6a:9b:2a:06:c1:
59:a9:f0:67:f9:15:e6:19:65:4d:5d:bf:6f:d7:b5:cf:60:81:
85:c2:c0:60:34:d2:72:7b:6b:24:b3:5e:13:bb:66:aa:fa:a3:
77:10:f4:23:42:e8:b3:d3:ed:41:98:aa:cf:97:17:69:68:03:
7a:10:0a:ad:f9:56:83:bc:40:f2:8c:cb:c6:65:96:c2:64:f3:
16:b6:78:7d:04:2d:69:c0:99:36:22:28:68:8a:6e:5b:6f:e4:
a7:4c:c1:53:66:1c:c4:18:c5:49:f6:2f:8a:80:4f:06:38:87:
2d:93:df:c0:fc:98:b1:ef:d3:d8:49:cf:25:ea:ee:7a:fd:94:
01:c5:37:20:f5:58:b6:1b:15:f9:00:b5:03:99:22:79:d7:69:
96:4e:ba:4e:49:70:11:ab:9f:a4:15:06:43:db:24:04:de:66:
e2:cf:ea:22:6c:69:c3:22:a0:1b:a6:64:65:20:75:f5:d1:54:
69:d2:0d:ce:74:02:3a:65:b5:98:5d:71:ad:03:19:7f:b6:68:
59:e5:aa:93:04:13:ed:c5:a6:57:a1:92:c8:35:db:f1:60:1c:
bd:c1:e9:3a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUIvaypX5EGQKaf9nC2tbnee7rsJwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDAzMDIyMTQ5MDNaFw0yNTAzMDEyMTU0MDNaMDMxMTAvBgNV
BAMTKEE4MTM1MTFCOTBFOTRBQTA1MzM1MUU0QTQyNjFGODM3NUM2M0JCRTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDk27HFjRKLUGGrk/kA2nOQccGR
0kdIYMRaYeKpKQ8k9UiFnc/LfRDGd/nPoNot1gwTiTrYNoCFzN8TznRP9AvP+cpD
hhHhYICqtM7y0ePeQlU8f535I+JAv1tGb7ztQpHBlz2EYfU1VV/QG7swL6Z0wkWw
MCNo7nUoaEUkK5Rom0AE6eV1kWJWDtsQpQ5qCZ6QpY1o0fo2sid0v1XalstSRJvZ
T3srccivxPK4cV1HvLQycMAIcKnsTrr5arGZSg34qqV4pDeoK9AfWtI33ssw/C+9
W5FZYd8hkBRgRZuw2EPu+LCw0n0h9WvyTGzQ/SUa5HuRK0XKpR3P6CryymFVAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUqBNRG5DpSqBTNR5KQmH4N1xju+AwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzQzNTJlMzgzMDJlMzEzODM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LVC6MA0GCSqGSIb3DQEBCwUAA4IBAQB/OYio1cLVZ5auhBAku1IVdP9jUT4HybLV
SgMNj97fapsqBsFZqfBn+RXmGWVNXb9v17XPYIGFwsBgNNJye2sks14Tu2aq+qN3
EPQjQuiz0+1BmKrPlxdpaAN6EAqt+VaDvEDyjMvGZZbCZPMWtnh9BC1pwJk2Iiho
im5bb+SnTMFTZhzEGMVJ9i+KgE8GOIctk9/A/Jix79PYSc8l6u56/ZQBxTcg9Vi2
GxX5ALUDmSJ512mWTrpOSXARq5+kFQZD2yQE3mbiz+oibGnDIqAbpmRlIHX10VRp
0g3OdAI6ZbWYXXGtAxl/tmhZ5aqTBBPtxaZXoZLINdvxYBy9wek6
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:49 2024 by rpki-client on console-ams.rpki-client.org