Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e39342e3230382e302f32342d3234203d3e20313336373837.roa
File: 34352e39342e3230382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: GkTQirDwke63lDvpYwWmsDKQJWeAluRUYebjENI9mc8=
Subject key identifier: CF:89:19:94:C9:29:05:F0:88:B8:87:8D:8B:0C:F6:68:C7:97:0C:C4
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 23043E1D13F82D188DB468AEA1A0F101FABFCBE9
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e39342e3230382e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 07 Aug 2023 22:03:56 +0000
ROA not before: Mon 07 Aug 2023 21:58:56 +0000
ROA not after: Mon 05 Aug 2024 22:03:56 +0000
asID: 136787
IP address blocks: 45.94.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:04:3e:1d:13:f8:2d:18:8d:b4:68:ae:a1:a0:f1:01:fa:bf:cb:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Aug 7 21:58:56 2023 GMT
Not After : Aug 5 22:03:56 2024 GMT
Subject: CN=CF891994C92905F088B8878D8B0CF668C7970CC4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:54:f8:30:7d:50:39:ea:46:cd:77:9a:7b:6c:
27:a6:49:a9:11:da:49:9c:05:b5:b1:9a:39:ba:5a:
69:d1:46:61:81:de:9d:d6:d0:5b:48:bf:53:18:84:
aa:c9:89:7c:30:19:81:6c:7f:52:e4:5d:6d:11:8c:
b3:86:dc:74:3e:e7:3e:63:e2:25:b9:4a:05:05:63:
05:84:3b:e7:98:14:00:24:5c:8f:4c:53:67:0d:0d:
7f:2d:e9:76:e1:7a:e3:bd:79:55:fc:4e:e6:84:5d:
e8:3d:b5:ec:62:d0:1c:58:b5:19:77:71:4c:4d:88:
30:1f:b7:a5:c9:c3:27:23:6f:34:5c:f9:a1:54:f9:
ac:d9:2e:5f:7c:f0:cf:d5:8c:b3:39:51:68:0c:af:
3b:75:d8:3b:f0:dc:b3:1f:6e:f9:ba:50:7d:e5:af:
0f:16:23:68:09:ec:3a:5f:c6:a9:41:70:57:ab:9f:
9d:4c:4b:13:9f:e6:4f:b3:3e:46:a2:28:24:58:15:
69:9c:31:1b:69:29:39:3c:3b:72:c2:57:cc:18:6a:
d9:b1:44:69:b6:40:30:5e:72:bf:de:c5:85:e3:c5:
15:f6:1a:4f:33:8b:06:a4:34:e3:bc:55:e0:8b:fb:
0a:53:3b:2e:fe:81:97:73:c7:5f:3d:26:69:a7:06:
66:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:89:19:94:C9:29:05:F0:88:B8:87:8D:8B:0C:F6:68:C7:97:0C:C4
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e39342e3230382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.208.0/24
Signature Algorithm: sha256WithRSAEncryption
91:90:16:45:ae:32:ba:95:eb:04:c9:f1:32:a2:ee:43:12:c1:
f6:90:d3:ab:d6:89:ad:c6:c2:ea:65:4e:06:4c:b8:f3:a8:bd:
1d:e7:9f:fe:4a:c7:fb:08:a9:aa:15:f2:0d:75:a9:0a:99:44:
d7:e4:da:7a:17:66:1c:d1:1f:02:b5:2c:a3:f2:4c:3b:74:21:
29:8b:49:02:33:ab:15:23:94:0c:c7:31:6f:3c:12:1c:5d:e8:
b0:5f:24:03:ad:16:c8:64:f3:7f:2a:ac:d2:ca:f1:a5:bb:66:
95:7f:30:aa:70:e4:36:9f:bb:0a:47:47:35:5b:c0:51:5c:2e:
6a:14:c9:a7:61:e6:26:54:20:35:a7:86:fa:a7:1a:8e:b9:5b:
af:15:9f:78:0b:87:a4:6f:a9:cd:f9:3f:97:2c:a8:de:9b:f4:
bd:f1:64:58:dd:3c:a9:1d:7b:0f:b8:29:b5:ca:cc:a5:d3:a9:
a1:82:25:6a:d2:32:db:bb:fa:c1:2f:28:aa:10:0b:71:e1:cf:
12:7f:9b:47:52:db:b1:dd:78:fa:16:9c:43:f1:69:b9:a5:87:
da:79:b5:e2:da:22:56:f2:ee:13:26:8d:c6:87:b3:f8:4e:5c:
61:29:7f:2e:3c:00:37:52:a2:11:e6:18:0d:61:5c:f9:86:56:
22:4d:aa:b4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUIwQ+HRP4LRiNtGiuoaDxAfq/y+kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yMzA4MDcyMTU4NTZaFw0yNDA4MDUyMjAzNTZaMDMxMTAvBgNV
BAMTKENGODkxOTk0QzkyOTA1RjA4OEI4ODc4RDhCMENGNjY4Qzc5NzBDQzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEVPgwfVA56kbNd5p7bCemSakR
2kmcBbWxmjm6WmnRRmGB3p3W0FtIv1MYhKrJiXwwGYFsf1LkXW0RjLOG3HQ+5z5j
4iW5SgUFYwWEO+eYFAAkXI9MU2cNDX8t6XbheuO9eVX8TuaEXeg9texi0BxYtRl3
cUxNiDAft6XJwycjbzRc+aFU+azZLl988M/VjLM5UWgMrzt12Dvw3LMfbvm6UH3l
rw8WI2gJ7DpfxqlBcFern51MSxOf5k+zPkaiKCRYFWmcMRtpKTk8O3LCV8wYatmx
RGm2QDBecr/exYXjxRX2Gk8ziwakNOO8VeCL+wpTOy7+gZdzx189JmmnBmbHAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUz4kZlMkpBfCIuIeNiwz2aMeXDMQwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzQzNTJlMzkzNDJlMzIzMDM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LV7QMA0GCSqGSIb3DQEBCwUAA4IBAQCRkBZFrjK6lesEyfEyou5DEsH2kNOr1omt
xsLqZU4GTLjzqL0d55/+Ssf7CKmqFfINdakKmUTX5Np6F2Yc0R8CtSyj8kw7dCEp
i0kCM6sVI5QMxzFvPBIcXeiwXyQDrRbIZPN/KqzSyvGlu2aVfzCqcOQ2n7sKR0c1
W8BRXC5qFMmnYeYmVCA1p4b6pxqOuVuvFZ94C4ekb6nN+T+XLKjem/S98WRY3Typ
HXsPuCm1ysyl06mhgiVq0jLbu/rBLyiqEAtx4c8Sf5tHUtux3Xj6FpxD8Wm5pYfa
ebXi2iJW8u4TJo3Gh7P4TlxhKX8uPAA3UqIR5hgNYVz5hlYiTaq0
-----END CERTIFICATE-----
Generated at Wed May 8 19:21:54 2024 by rpki-client on console-ams.rpki-client.org