Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e38342e3133372e302f32342d3234203d3e20313336373837.roa
File: 34352e38342e3133372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: mpxN+/aITWumvjEVpGd5aCW9RnyeN7PE2KhWNkn3Um4=
Subject key identifier: ED:A7:10:AB:4A:5D:1D:96:08:C1:0F:22:42:57:46:95:AF:88:A0:8D
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 7C4D7100DDDDAD3918F75A58DD6D4375AA033B59
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e38342e3133372e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:24 +0000
ROA not before: Mon 01 Apr 2024 13:58:24 +0000
ROA not after: Mon 31 Mar 2025 14:03:24 +0000
asID: 136787
IP address blocks: 45.84.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:4d:71:00:dd:dd:ad:39:18:f7:5a:58:dd:6d:43:75:aa:03:3b:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Apr 1 13:58:24 2024 GMT
Not After : Mar 31 14:03:24 2025 GMT
Subject: CN=EDA710AB4A5D1D9608C10F2242574695AF88A08D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1a:d4:b0:69:97:bf:94:13:8b:d2:b6:44:05:
d3:25:c1:62:39:80:f3:dc:a9:9c:88:12:5e:7d:fd:
a1:36:38:1c:b8:05:76:b0:00:ad:54:2d:ed:df:55:
f7:bd:b8:b8:4a:10:d2:e7:95:68:ad:64:43:20:ee:
d1:7e:10:25:c1:ea:3c:9c:96:b9:84:5d:09:02:89:
88:7f:f9:77:f1:e5:5f:7b:ad:ac:08:9c:c6:05:f4:
e3:77:53:c0:b1:70:05:c1:dc:f1:0e:a0:c7:7f:95:
95:a4:4c:76:57:77:f0:d9:4c:6c:e2:68:f0:e5:a8:
0b:99:4f:16:99:2e:8c:68:9f:c4:ec:83:9e:e4:ce:
76:0a:87:64:87:2c:8b:15:5c:ca:6a:68:64:0e:52:
85:1e:b1:d9:35:82:4d:1f:d9:d1:83:5c:a7:5a:d8:
6e:77:17:57:b9:b3:f5:89:26:ea:e4:8a:57:40:7c:
45:ad:6e:b7:9d:d3:34:3f:c2:ec:f8:8f:3b:f4:b7:
7f:5e:de:91:ea:4e:7a:a3:b1:88:f3:5e:82:27:7e:
86:3d:85:c6:b6:27:26:36:45:05:f6:a2:38:70:77:
88:5b:97:15:d2:53:15:22:64:dc:b3:fa:82:f7:d1:
a1:37:19:81:b7:58:f8:e5:c2:b3:45:67:d3:c0:97:
2b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:A7:10:AB:4A:5D:1D:96:08:C1:0F:22:42:57:46:95:AF:88:A0:8D
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e38342e3133372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.137.0/24
Signature Algorithm: sha256WithRSAEncryption
37:df:5d:c1:25:a2:70:cd:65:29:f4:84:cb:02:89:e0:cb:11:
04:49:8d:f1:7a:34:86:00:91:c6:ac:bd:34:5d:1f:53:44:6e:
06:03:c0:0c:b8:b0:cb:e7:21:4f:cd:79:f6:87:3f:7b:64:7a:
f6:85:4d:14:85:f3:d2:cd:b8:39:b2:d7:eb:01:ff:44:45:4f:
14:7d:9e:d8:53:ec:f1:c2:65:08:8c:0a:37:d9:c4:92:c5:2f:
e1:d5:ce:26:f9:97:d6:8e:cc:b0:f9:a3:fe:80:ee:db:16:d6:
7f:0a:62:21:e9:4f:a6:ca:e5:5c:66:f8:eb:4f:90:57:c3:0e:
c4:4b:93:4c:03:26:5a:3f:bb:30:7e:97:1f:00:32:9a:b3:25:
7b:e2:3c:80:47:65:21:37:0b:11:36:c6:37:e2:65:c4:5d:bb:
69:ef:d9:e8:0e:8b:8e:9e:c0:45:83:1c:46:b0:24:3f:57:f7:
da:fa:20:5a:52:43:83:93:69:78:73:2c:ab:d4:70:a3:89:2f:
5c:b1:95:a8:6c:a4:70:77:20:1c:35:72:91:95:ae:2f:c9:82:
79:f8:65:be:e3:49:18:02:36:69:95:90:cd:52:63:36:9c:0a:
5c:97:08:49:3e:1b:0d:c5:0e:55:e7:f7:46:c8:51:9b:2f:1f:
35:81:91:ab
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUfE1xAN3drTkY91pY3W1DdaoDO1kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDA0MDExMzU4MjRaFw0yNTAzMzExNDAzMjRaMDMxMTAvBgNV
BAMTKEVEQTcxMEFCNEE1RDFEOTYwOEMxMEYyMjQyNTc0Njk1QUY4OEEwOEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoGtSwaZe/lBOL0rZEBdMlwWI5
gPPcqZyIEl59/aE2OBy4BXawAK1ULe3fVfe9uLhKENLnlWitZEMg7tF+ECXB6jyc
lrmEXQkCiYh/+Xfx5V97rawInMYF9ON3U8CxcAXB3PEOoMd/lZWkTHZXd/DZTGzi
aPDlqAuZTxaZLoxon8Tsg57kznYKh2SHLIsVXMpqaGQOUoUesdk1gk0f2dGDXKda
2G53F1e5s/WJJurkildAfEWtbred0zQ/wuz4jzv0t39e3pHqTnqjsYjzXoInfoY9
hca2JyY2RQX2ojhwd4hblxXSUxUiZNyz+oL30aE3GYG3WPjlwrNFZ9PAlytdAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU7acQq0pdHZYIwQ8iQldGla+IoI0wHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzQzNTJlMzgzNDJlMzEzMzM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LVSJMA0GCSqGSIb3DQEBCwUAA4IBAQA3313BJaJwzWUp9ITLAongyxEESY3xejSG
AJHGrL00XR9TRG4GA8AMuLDL5yFPzXn2hz97ZHr2hU0UhfPSzbg5stfrAf9ERU8U
fZ7YU+zxwmUIjAo32cSSxS/h1c4m+ZfWjsyw+aP+gO7bFtZ/CmIh6U+myuVcZvjr
T5BXww7ES5NMAyZaP7swfpcfADKasyV74jyAR2UhNwsRNsY34mXEXbtp79noDouO
nsBFgxxGsCQ/V/fa+iBaUkODk2l4cyyr1HCjiS9csZWobKRwdyAcNXKRla4vyYJ5
+GW+40kYAjZplZDNUmM2nApclwhJPhsNxQ5V5/dGyFGbLx81gZGr
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:49 2024 by rpki-client on console-ams.rpki-client.org