Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e38342e3133382e302f32342d3332203d3e203531313637.roa
File: 34352e38342e3133382e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: 3nHS5gz1dW0HelVBNCkGo/UoWfQiX5E6CfqHnxvLktw=
Subject key identifier: 2F:6D:E3:C5:38:44:AC:63:17:D0:45:BB:4B:5D:30:61:B2:4C:37:08
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 08480F40732DCD651FCC4611387824DF9A3AFB7E
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e38342e3133382e302f32342d3332203d3e203531313637.roa
Signing time: Mon 26 Feb 2024 08:53:38 +0000
ROA not before: Mon 26 Feb 2024 08:48:38 +0000
ROA not after: Mon 24 Feb 2025 08:53:38 +0000
asID: 51167
IP address blocks: 45.84.138.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:57:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:48:0f:40:73:2d:cd:65:1f:cc:46:11:38:78:24:df:9a:3a:fb:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Feb 26 08:48:38 2024 GMT
Not After : Feb 24 08:53:38 2025 GMT
Subject: CN=2F6DE3C53844AC6317D045BB4B5D3061B24C3708
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:9f:a8:d9:40:22:80:f6:ec:c5:b9:f3:a8:05:
07:69:47:32:13:b5:6d:ac:09:52:cb:f4:18:70:b1:
81:8c:d9:a6:a6:21:10:c4:1b:5a:a3:5c:e8:af:dc:
21:89:10:3e:f0:24:80:da:5d:19:cb:55:58:d0:37:
21:16:b0:da:69:bc:17:d7:56:59:dd:6d:98:4c:4e:
a5:0b:c7:76:17:3f:77:27:50:9b:b8:71:95:6b:69:
b5:a1:60:57:aa:e3:10:32:39:a6:f0:c2:8d:51:d9:
55:67:d5:c2:35:2c:c3:02:08:ea:2a:fc:47:55:7f:
21:9d:86:72:47:03:2b:e4:96:93:3b:c6:93:60:1e:
1d:bd:70:68:28:4e:79:95:14:56:9b:c2:c7:3b:f2:
7d:1e:82:54:06:f8:b4:28:c5:77:d0:ca:4b:73:f8:
f9:e9:d4:d2:57:2c:d9:e2:d3:9e:40:65:bb:12:2e:
f1:a5:0e:86:48:a3:dd:7e:fc:46:d5:85:57:a1:0c:
b9:86:a3:cf:99:88:74:1a:34:57:df:9f:28:2a:68:
05:8a:a6:d1:64:47:b2:a2:c7:f5:ee:94:74:87:e6:
c6:6a:55:58:5c:d7:4e:7f:f1:9d:bb:c7:5c:61:b2:
53:d9:e3:e7:d5:93:dd:19:4d:fe:37:5c:61:38:9a:
cf:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:6D:E3:C5:38:44:AC:63:17:D0:45:BB:4B:5D:30:61:B2:4C:37:08
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e38342e3133382e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.138.0/24
Signature Algorithm: sha256WithRSAEncryption
44:31:4b:84:1b:aa:a9:bb:0b:7d:98:b3:3f:78:74:85:d9:5c:
aa:dc:94:6f:52:49:95:f7:5c:c1:52:2b:56:a6:3f:51:0f:0f:
87:b4:49:85:0d:e1:e6:91:35:59:e7:c3:f4:67:12:a6:2a:55:
42:78:2f:b4:33:1f:12:9a:ed:d4:16:58:db:a5:20:30:29:9f:
45:ce:e6:aa:f5:0b:49:74:27:6a:01:a6:98:bb:44:43:27:53:
c5:17:7a:cb:9c:e3:55:0c:09:2b:9b:6d:f1:67:37:79:41:96:
a0:2d:c5:d9:fa:0c:5d:b6:f1:83:1d:91:19:96:77:c5:c8:aa:
d8:58:f6:fd:51:68:0c:e8:68:a7:1f:17:28:ad:3f:0e:3c:7a:
ea:19:59:f2:50:5f:c4:15:99:ee:51:eb:f3:97:1a:98:e9:8b:
0a:01:df:69:ba:ca:cb:e2:91:97:32:31:4c:c3:76:35:b3:21:
02:ec:07:d5:81:68:95:ba:56:3b:5a:d3:e8:31:79:f1:7e:bf:
7a:bd:61:ca:d4:15:7f:ae:da:4c:09:7a:7a:f2:78:15:bf:17:
10:dc:66:7f:9d:7e:63:1a:4a:be:e9:6b:c9:d3:61:29:8e:0e:
a9:b3:d3:11:79:d2:88:8a:12:66:71:2f:26:dc:34:55:fb:e1:
ad:c5:d5:0e
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUCEgPQHMtzWUfzEYROHgk35o6+34wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDAyMjYwODQ4MzhaFw0yNTAyMjQwODUzMzhaMDMxMTAvBgNV
BAMTKDJGNkRFM0M1Mzg0NEFDNjMxN0QwNDVCQjRCNUQzMDYxQjI0QzM3MDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD6n6jZQCKA9uzFufOoBQdpRzIT
tW2sCVLL9BhwsYGM2aamIRDEG1qjXOiv3CGJED7wJIDaXRnLVVjQNyEWsNppvBfX
VlndbZhMTqULx3YXP3cnUJu4cZVrabWhYFeq4xAyOabwwo1R2VVn1cI1LMMCCOoq
/EdVfyGdhnJHAyvklpM7xpNgHh29cGgoTnmVFFabwsc78n0eglQG+LQoxXfQyktz
+Pnp1NJXLNni055AZbsSLvGlDoZIo91+/EbVhVehDLmGo8+ZiHQaNFffnygqaAWK
ptFkR7Kix/XulHSH5sZqVVhc105/8Z27x1xhslPZ4+fVk90ZTf43XGE4ms9JAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUL23jxThErGMX0EW7S10wYbJMNwgwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzQzNTJlMzgzNDJlMzEzMzM4
MmUzMDJmMzIzNDJkMzMzMjIwM2QzZTIwMzUzMTMxMzYzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1U
ijANBgkqhkiG9w0BAQsFAAOCAQEARDFLhBuqqbsLfZizP3h0hdlcqtyUb1JJlfdc
wVIrVqY/UQ8Ph7RJhQ3h5pE1WefD9GcSpipVQngvtDMfEprt1BZY26UgMCmfRc7m
qvULSXQnagGmmLtEQydTxRd6y5zjVQwJK5tt8Wc3eUGWoC3F2foMXbbxgx2RGZZ3
xciq2Fj2/VFoDOhopx8XKK0/Djx66hlZ8lBfxBWZ7lHr85camOmLCgHfabrKy+KR
lzIxTMN2NbMhAuwH1YFolbpWO1rT6DF58X6/er1hytQVf67aTAl6evJ4Fb8XENxm
f51+YxpKvulrydNhKY4OqbPTEXnSiIoSZnEvJtw0VfvhrcXVDg==
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:14:45 2024 by rpki-client on console-ams.rpki-client.org