Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/34352e3134312e3232302e302f32322d3232203d3e20323031333431.roa
File: 34352e3134312e3232302e302f32322d3232203d3e20323031333431.roa (raw, json)
Hash identifier: 8XwisKXHrUxFZjs0SJH8LLfxPV5kmCpTaKtxX8V7jMw=
Subject key identifier: 8F:2B:FC:96:34:4D:43:B6:71:8A:2F:2B:04:E4:28:70:5E:93:50:F6
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 74C3F4E62BC64DC9F71F45552EEF125C08182F9C
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/34352e3134312e3232302e302f32322d3232203d3e20323031333431.roa
Signing time: Mon 26 Feb 2024 08:53:50 +0000
ROA not before: Mon 26 Feb 2024 08:48:50 +0000
ROA not after: Mon 24 Feb 2025 08:53:50 +0000
asID: 201341
IP address blocks: 45.141.220.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:c3:f4:e6:2b:c6:4d:c9:f7:1f:45:55:2e:ef:12:5c:08:18:2f:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Feb 26 08:48:50 2024 GMT
Not After : Feb 24 08:53:50 2025 GMT
Subject: CN=8F2BFC96344D43B6718A2F2B04E428705E9350F6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ff:fe:42:7d:8c:73:e7:aa:94:a6:a5:39:57:
1e:3b:24:18:37:25:59:fb:8a:05:e5:1a:2c:34:6a:
e8:e9:39:93:ca:ac:c4:9c:49:95:48:a5:39:ce:37:
f0:7d:c2:9e:db:31:c8:a6:f8:f7:0a:39:a5:01:20:
33:2a:d1:36:a2:92:eb:41:60:35:5c:53:c8:5c:e8:
76:2c:1a:94:5c:13:25:0a:91:a5:3d:65:6f:f0:cd:
92:17:90:6f:20:6d:f5:2b:66:0e:81:42:50:bf:36:
2e:33:b2:44:3f:9b:9a:90:de:31:da:c0:ca:6b:c6:
b9:f4:27:9f:e7:f0:06:47:cf:43:46:a4:fb:15:6f:
2e:70:a2:b0:8d:8f:1c:50:35:4e:ad:ee:11:5e:e3:
0b:2b:e7:81:ec:d4:59:0b:76:52:aa:43:c2:cf:a0:
10:50:8e:42:14:25:57:24:cc:6d:fe:4f:cb:d1:47:
96:51:c1:b7:79:9d:ba:15:99:4c:ff:44:75:8f:5f:
a8:64:e4:56:46:6b:56:4b:d2:3a:42:c2:52:f2:55:
a8:46:6f:c5:4e:40:da:3e:ac:56:15:47:40:78:94:
09:86:e6:99:8c:11:ed:06:76:51:3b:0d:ad:e7:ad:
36:be:e0:f5:3f:b7:66:54:b7:c0:c1:84:a7:51:b6:
47:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:2B:FC:96:34:4D:43:B6:71:8A:2F:2B:04:E4:28:70:5E:93:50:F6
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/34352e3134312e3232302e302f32322d3232203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.220.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:15:bb:2c:59:98:fc:04:d7:b6:5c:92:c9:dd:a8:da:0c:9e:
ea:5a:f8:53:96:c1:67:e3:9b:e1:b6:88:24:1d:23:46:d2:f2:
4d:4b:c4:0e:e9:6f:64:c9:97:3c:56:ca:9d:d1:25:d2:37:b4:
42:74:ff:c4:dc:2b:e7:84:43:95:30:ac:3c:2d:48:f0:f3:47:
f8:4d:3d:46:08:8e:2d:b0:a2:b7:a4:02:c0:15:6c:a0:79:b5:
a3:9f:ef:28:b1:19:ab:db:a9:7f:10:05:57:9e:8d:d2:6b:b3:
10:d7:e5:a8:ae:ee:62:7d:7d:3a:53:df:0f:00:e4:3d:93:18:
1f:e8:56:72:e6:70:b3:40:35:34:e4:24:fd:8d:37:8c:c9:aa:
73:5f:f2:27:76:c1:a8:34:81:28:92:df:f2:16:ef:c8:dc:10:
46:28:cb:a3:e1:79:71:fc:85:03:4a:75:02:c3:2b:27:4a:d8:
34:b3:ca:90:7d:b5:9a:3f:49:fb:a4:09:a2:57:a1:ee:7b:0b:
53:b6:e6:6b:1a:22:46:af:e4:c1:02:32:0e:b0:6c:7a:53:24:
04:3a:66:5f:be:db:d0:eb:9c:c1:1e:b5:c5:65:12:44:ba:bb:
cd:22:57:52:6d:c4:2c:55:31:39:11:89:51:51:45:50:f2:66:
0d:cd:dc:9c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUdMP05ivGTcn3H0VVLu8SXAgYL5wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDAyMjYwODQ4NTBaFw0yNTAyMjQwODUzNTBaMDMxMTAvBgNV
BAMTKDhGMkJGQzk2MzQ0RDQzQjY3MThBMkYyQjA0RTQyODcwNUU5MzUwRjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2//5CfYxz56qUpqU5Vx47JBg3
JVn7igXlGiw0aujpOZPKrMScSZVIpTnON/B9wp7bMcim+PcKOaUBIDMq0TaikutB
YDVcU8hc6HYsGpRcEyUKkaU9ZW/wzZIXkG8gbfUrZg6BQlC/Ni4zskQ/m5qQ3jHa
wMprxrn0J5/n8AZHz0NGpPsVby5worCNjxxQNU6t7hFe4wsr54Hs1FkLdlKqQ8LP
oBBQjkIUJVckzG3+T8vRR5ZRwbd5nboVmUz/RHWPX6hk5FZGa1ZL0jpCwlLyVahG
b8VOQNo+rFYVR0B4lAmG5pmMEe0GdlE7Da3nrTa+4PU/t2ZUt8DBhKdRtke1AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUjyv8ljRNQ7Zxii8rBOQocF6TUPYwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzQzNTJlMzEzNDMxMmUzMjMy
MzAyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMjMwMzEzMzM0MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAItjdwwDQYJKoZIhvcNAQELBQADggEBAA0VuyxZmPwE17ZcksndqNoMnupa+FOW
wWfjm+G2iCQdI0bS8k1LxA7pb2TJlzxWyp3RJdI3tEJ0/8TcK+eEQ5UwrDwtSPDz
R/hNPUYIji2worekAsAVbKB5taOf7yixGavbqX8QBVeejdJrsxDX5aiu7mJ9fTpT
3w8A5D2TGB/oVnLmcLNANTTkJP2NN4zJqnNf8id2wag0gSiS3/IW78jcEEYoy6Ph
eXH8hQNKdQLDKydK2DSzypB9tZo/SfukCaJXoe57C1O25msaIkav5MECMg6wbHpT
JAQ6Zl++29DrnMEetcVlEkS6u80iV1JtxCxVMTkRiVFRRVDyZg3N3Jw=
-----END CERTIFICATE-----
Generated at Sat May 11 08:13:55 2024 by rpki-client on console-ams.rpki-client.org