Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/34352e3133322e3234302e302f32322d3234203d3e203437353833.roa
File: 34352e3133322e3234302e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: ZGOvFQgOdtlJf4WGHp/pcu2pFpY2rFGD1qlDWULYm3g=
Subject key identifier: DA:6D:09:BF:96:1A:1A:2F:7F:D3:A0:5A:DA:4C:B2:2E:3E:D0:CE:32
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 2AB14D2852A009DDA8A1B2EA0E68092392FB1790
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/34352e3133322e3234302e302f32322d3234203d3e203437353833.roa
Signing time: Mon 26 Feb 2024 08:53:49 +0000
ROA not before: Mon 26 Feb 2024 08:48:49 +0000
ROA not after: Mon 24 Feb 2025 08:53:49 +0000
asID: 47583
IP address blocks: 45.132.240.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:b1:4d:28:52:a0:09:dd:a8:a1:b2:ea:0e:68:09:23:92:fb:17:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Feb 26 08:48:49 2024 GMT
Not After : Feb 24 08:53:49 2025 GMT
Subject: CN=DA6D09BF961A1A2F7FD3A05ADA4CB22E3ED0CE32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:9f:2e:f7:ec:50:67:d1:8d:bc:84:fb:65:1a:
e6:b9:00:b9:c1:81:9d:f2:48:a4:4c:cf:71:95:17:
56:f5:50:0c:98:41:1e:cd:c8:ca:dd:e4:da:e0:f9:
8b:1e:9a:f5:92:0b:4e:35:2e:00:f4:5e:22:c5:86:
7c:0d:22:36:0d:bc:5b:30:ca:fa:3a:0b:9d:54:14:
e1:57:ab:b3:01:d6:bc:17:ff:f6:1d:23:3e:5a:db:
2c:57:ef:81:fe:2c:1a:1d:51:4f:ae:55:51:a9:18:
7e:d9:78:dc:70:7e:41:b2:e2:62:bd:09:f7:ad:0e:
e1:42:9f:69:3e:bb:0a:8b:08:f1:45:b2:65:e7:ee:
2e:50:5a:ff:48:96:96:c2:93:b6:57:0c:f3:df:35:
b9:3e:95:cf:53:f1:30:be:aa:1a:6c:3a:71:ed:9b:
21:6c:e1:8b:03:b8:86:f8:c0:80:d8:d9:45:b1:8d:
ff:27:ee:58:10:c1:fe:1f:a8:a0:7a:8b:d5:39:49:
ed:65:b5:4b:e5:9b:2d:42:61:13:a1:7f:b5:da:5f:
70:d8:60:5e:ba:ab:ba:6d:6d:d6:d2:52:12:f8:4d:
61:40:c5:2f:b3:ab:d4:ae:8f:7a:8d:71:04:56:ed:
35:fa:d5:5f:59:dd:77:62:7c:58:fe:16:c3:4d:92:
a6:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:6D:09:BF:96:1A:1A:2F:7F:D3:A0:5A:DA:4C:B2:2E:3E:D0:CE:32
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/34352e3133322e3234302e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.240.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:16:a1:f4:97:78:8d:49:3f:a4:7c:54:2f:19:df:c7:39:53:
f3:33:bc:c6:40:f8:b2:b6:f0:b3:6a:93:63:77:23:e7:d2:9c:
1c:06:b4:cf:47:1a:9c:13:50:70:99:e1:42:64:24:fc:20:af:
a7:bd:e1:33:c3:fa:07:43:7a:54:c9:cb:ae:fd:84:86:fa:c7:
55:02:08:1c:25:b9:5f:92:9f:26:c7:29:4f:60:cf:7e:d1:4b:
dd:a7:1e:b3:17:88:1d:77:cd:57:9b:4a:1e:bc:9b:9e:2d:4f:
80:18:83:16:f3:2a:de:78:a5:d5:f8:12:66:4c:d6:41:d2:a5:
a8:14:e3:d9:9b:f2:22:6f:91:78:1d:51:19:df:2c:39:97:57:
2c:20:bc:e0:f0:8e:80:3e:d8:af:a3:c1:49:cf:23:d3:83:2c:
e3:ed:ec:c0:d3:f8:00:53:a6:a4:2f:4d:f3:1f:b4:4d:da:b6:
17:a2:75:89:c0:0e:33:85:fb:6e:15:68:76:52:5d:ef:4d:5e:
a8:c6:c3:f7:a9:78:37:30:10:1c:b4:a6:df:a2:ec:2b:9d:07:
5e:b6:91:53:16:e6:e9:30:79:de:55:fc:20:01:c0:aa:b6:e1:
ba:b0:20:1b:51:d7:d4:35:64:2e:54:9e:e9:53:65:af:d7:57:
ee:04:2b:bf
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUKrFNKFKgCd2oobLqDmgJI5L7F5AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDAyMjYwODQ4NDlaFw0yNTAyMjQwODUzNDlaMDMxMTAvBgNV
BAMTKERBNkQwOUJGOTYxQTFBMkY3RkQzQTA1QURBNENCMjJFM0VEMENFMzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxny737FBn0Y28hPtlGua5ALnB
gZ3ySKRMz3GVF1b1UAyYQR7NyMrd5Nrg+YsemvWSC041LgD0XiLFhnwNIjYNvFsw
yvo6C51UFOFXq7MB1rwX//YdIz5a2yxX74H+LBodUU+uVVGpGH7ZeNxwfkGy4mK9
CfetDuFCn2k+uwqLCPFFsmXn7i5QWv9IlpbCk7ZXDPPfNbk+lc9T8TC+qhpsOnHt
myFs4YsDuIb4wIDY2UWxjf8n7lgQwf4fqKB6i9U5Se1ltUvlmy1CYROhf7XaX3DY
YF66q7ptbdbSUhL4TWFAxS+zq9Suj3qNcQRW7TX61V9Z3XdifFj+FsNNkqZdAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU2m0Jv5YaGi9/06Ba2kyyLj7QzjIwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzQzNTJlMzEzMzMyMmUzMjM0
MzAyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
LYTwMA0GCSqGSIb3DQEBCwUAA4IBAQAsFqH0l3iNST+kfFQvGd/HOVPzM7zGQPiy
tvCzapNjdyPn0pwcBrTPRxqcE1BwmeFCZCT8IK+nveEzw/oHQ3pUycuu/YSG+sdV
AggcJblfkp8mxylPYM9+0Uvdpx6zF4gdd81Xm0oevJueLU+AGIMW8yreeKXV+BJm
TNZB0qWoFOPZm/Iib5F4HVEZ3yw5l1csILzg8I6APtivo8FJzyPTgyzj7ezA0/gA
U6akL03zH7RN2rYXonWJwA4zhftuFWh2Ul3vTV6oxsP3qXg3MBActKbfouwrnQde
tpFTFubpMHneVfwgAcCqtuG6sCAbUdfUNWQuVJ7pU2Wv11fuBCu/
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:05 2024 by rpki-client on console-fra.rpki-client.org