Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e39342e3231312e302f32342d3234203d3e203632323430.roa
File: 34352e39342e3231312e302f32342d3234203d3e203632323430.roa (raw, json)
Hash identifier: FJViCprVOK4EL4Oj64PjYy0iuuugC6G695UggysRKp8=
Subject key identifier: A0:9A:53:F7:48:CA:71:30:C6:93:99:A5:95:7E:E4:AC:0E:A1:62:93
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 5D63E43A8064E155E0F9A502DE7AD7EF1C891F15
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e39342e3231312e302f32342d3234203d3e203632323430.roa
Signing time: Mon 01 Apr 2024 14:03:22 +0000
ROA not before: Mon 01 Apr 2024 13:58:22 +0000
ROA not after: Mon 31 Mar 2025 14:03:22 +0000
asID: 62240
IP address blocks: 45.94.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:63:e4:3a:80:64:e1:55:e0:f9:a5:02:de:7a:d7:ef:1c:89:1f:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Apr 1 13:58:22 2024 GMT
Not After : Mar 31 14:03:22 2025 GMT
Subject: CN=A09A53F748CA7130C69399A5957EE4AC0EA16293
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:6f:f5:76:2a:3b:ab:5c:cc:f3:96:19:ff:58:
95:99:13:ae:0c:be:cc:93:c0:2b:f9:6e:8e:2f:b7:
6b:b9:6a:50:26:e8:b6:de:1c:33:c4:85:93:1b:3a:
2b:92:f6:87:83:e5:50:40:ac:b2:88:c3:2c:78:7b:
6e:2b:bf:dc:ff:70:f6:fc:47:12:a7:91:08:e7:67:
92:2b:59:83:23:46:8e:55:99:bf:68:d8:f2:9d:cb:
68:0f:4e:b4:ed:7d:36:59:e9:ca:1c:45:4c:cb:3f:
6d:42:82:0c:06:99:88:0e:cd:86:6c:5a:1f:78:25:
fa:b3:f2:01:ea:31:2b:ae:1e:3c:08:05:18:86:43:
e7:5f:e4:2b:40:31:34:a1:d4:91:5e:0e:df:5f:45:
85:b6:64:fb:c9:bc:3c:bc:23:dc:89:00:db:0d:8a:
40:b0:5d:93:37:36:f4:a6:f5:26:5f:71:aa:90:4d:
10:13:a3:94:46:5a:0c:33:ac:9e:4a:dc:65:70:5a:
85:bc:c2:a8:46:6d:ca:52:52:4f:1d:2f:33:0f:cf:
1f:f1:4b:5a:f0:76:91:fa:61:99:2f:ee:fd:85:7b:
24:01:76:55:d7:26:d3:62:0c:75:63:f5:96:e0:df:
a2:26:4d:c3:42:50:63:e9:cb:cc:88:6a:0e:04:d5:
21:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:9A:53:F7:48:CA:71:30:C6:93:99:A5:95:7E:E4:AC:0E:A1:62:93
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e39342e3231312e302f32342d3234203d3e203632323430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.211.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:46:18:55:74:2a:9d:12:37:ef:b5:75:f1:ad:62:37:75:1a:
ae:51:3f:2d:9d:3f:4f:de:0e:5a:ac:90:01:41:5b:16:cf:86:
61:28:01:8c:15:b3:44:9e:51:50:7e:ec:e3:13:e2:96:4d:fa:
bc:9f:cf:65:37:31:b7:f3:9e:ea:ee:f0:49:e4:52:8c:89:44:
31:30:c7:ad:46:02:4a:5c:48:76:df:b3:78:9e:ca:8e:dc:e4:
66:2f:13:1c:fb:6e:94:95:0e:aa:ee:df:18:0f:06:78:c5:cb:
77:94:f4:e1:2b:9c:c8:36:13:04:c1:ef:56:16:1b:b9:61:08:
f7:02:66:f1:e2:3b:e9:8d:72:35:6f:ad:9b:42:26:4f:3a:82:
8c:0b:e1:d4:7c:f8:b2:ef:31:f2:17:c8:45:f2:76:34:e4:a0:
93:2c:d3:99:ee:12:c4:c1:2a:54:73:37:b5:ab:2d:e1:c5:e6:
4a:b7:1d:20:66:12:be:6b:69:c3:67:5c:1d:e5:aa:55:14:69:
02:b0:b5:80:9c:9e:f7:b4:24:98:77:74:12:64:ae:0e:57:f5:
0c:25:9f:17:81:af:53:5d:cc:ca:56:9e:68:32:d1:d7:b9:eb:
e7:14:38:e6:13:a9:cf:0d:3a:04:c2:43:bc:bd:b6:aa:60:33:
6d:c8:de:28
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUXWPkOoBk4VXg+aUC3nrX7xyJHxUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDA0MDExMzU4MjJaFw0yNTAzMzExNDAzMjJaMDMxMTAvBgNV
BAMTKEEwOUE1M0Y3NDhDQTcxMzBDNjkzOTlBNTk1N0VFNEFDMEVBMTYyOTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWb/V2KjurXMzzlhn/WJWZE64M
vsyTwCv5bo4vt2u5alAm6LbeHDPEhZMbOiuS9oeD5VBArLKIwyx4e24rv9z/cPb8
RxKnkQjnZ5IrWYMjRo5Vmb9o2PKdy2gPTrTtfTZZ6cocRUzLP21CggwGmYgOzYZs
Wh94Jfqz8gHqMSuuHjwIBRiGQ+df5CtAMTSh1JFeDt9fRYW2ZPvJvDy8I9yJANsN
ikCwXZM3NvSm9SZfcaqQTRATo5RGWgwzrJ5K3GVwWoW8wqhGbcpSUk8dLzMPzx/x
S1rwdpH6YZkv7v2FeyQBdlXXJtNiDHVj9Zbg36ImTcNCUGPpy8yIag4E1SEPAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUoJpT90jKcTDGk5mllX7krA6hYpMwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzQzNTJlMzkzNDJlMzIzMTMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMjMyMzQzMC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1e
0zANBgkqhkiG9w0BAQsFAAOCAQEAHEYYVXQqnRI377V18a1iN3UarlE/LZ0/T94O
WqyQAUFbFs+GYSgBjBWzRJ5RUH7s4xPilk36vJ/PZTcxt/Oe6u7wSeRSjIlEMTDH
rUYCSlxIdt+zeJ7KjtzkZi8THPtulJUOqu7fGA8GeMXLd5T04SucyDYTBMHvVhYb
uWEI9wJm8eI76Y1yNW+tm0ImTzqCjAvh1Hz4su8x8hfIRfJ2NOSgkyzTme4SxMEq
VHM3tast4cXmSrcdIGYSvmtpw2dcHeWqVRRpArC1gJye97QkmHd0EmSuDlf1DCWf
F4GvU13MylaeaDLR17nr5xQ45hOpzw06BMJDvL22qmAzbcjeKA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:27 2024 by rpki-client on console-ams.rpki-client.org