Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/34352e3134332e38322e302f32342d3234203d3e20313336373837.roa
File: 34352e3134332e38322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: k6wok928dkWT9FxR9z2jrEGklCSiEexXnoM8laht7V0=
Subject key identifier: 72:E2:26:D9:21:AA:84:0C:D2:7E:5F:18:1D:DF:30:4C:AA:C6:8E:61
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 60C8529B2995C5CE31C54EE182D1D2A56A48B1F3
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/34352e3134332e38322e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:53:48 +0000
ROA not before: Mon 26 Feb 2024 08:48:48 +0000
ROA not after: Mon 24 Feb 2025 08:53:48 +0000
asID: 136787
IP address blocks: 45.143.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:c8:52:9b:29:95:c5:ce:31:c5:4e:e1:82:d1:d2:a5:6a:48:b1:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Feb 26 08:48:48 2024 GMT
Not After : Feb 24 08:53:48 2025 GMT
Subject: CN=72E226D921AA840CD27E5F181DDF304CAAC68E61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:c8:0b:16:ca:b8:42:a9:29:06:d3:cc:cc:f5:
a1:5f:17:8c:a7:8f:34:ac:97:f4:88:0b:9b:49:d3:
c8:42:72:35:65:63:10:ba:0a:48:da:06:a9:94:b8:
f3:71:ae:d1:4e:4b:7a:75:c9:6c:74:4e:ce:45:c1:
0c:1a:64:81:8e:12:b1:23:81:65:04:af:f6:5a:f8:
6e:c9:37:35:87:71:53:5f:55:bb:64:15:c4:27:c8:
ba:6d:66:49:c0:25:42:d4:b9:90:0f:09:ad:10:0c:
f2:45:86:c8:5a:98:f7:3c:cb:3c:34:72:7d:61:d5:
cd:b5:56:2b:4d:4e:62:9c:76:2c:0b:12:0b:42:c9:
b1:66:f1:e5:4a:ca:d7:95:2f:ef:06:21:91:da:2b:
2f:0f:39:08:66:d7:b9:5e:4f:28:85:be:7b:29:14:
dc:23:c1:17:b4:89:d8:14:f8:f4:f2:6e:95:1d:15:
47:bf:14:17:4f:81:ba:ba:e7:d6:0d:82:ae:99:86:
5d:d2:7d:2a:b4:37:e1:ed:79:35:13:41:29:a2:3e:
30:c9:5e:ca:1c:fd:9d:1d:8e:64:32:7a:d4:9f:be:
7e:ed:dd:4f:f7:80:f9:ca:52:e7:e5:e2:cd:e8:6b:
76:74:c7:96:82:21:cb:07:e1:4b:fe:28:ef:2d:be:
19:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:E2:26:D9:21:AA:84:0C:D2:7E:5F:18:1D:DF:30:4C:AA:C6:8E:61
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/34352e3134332e38322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.82.0/24
Signature Algorithm: sha256WithRSAEncryption
01:41:c7:0f:b7:de:2a:e1:5e:eb:6f:7c:a3:cf:ef:16:85:8d:
50:db:64:a8:cd:f6:5d:18:3c:68:45:1e:2c:06:0f:64:66:0e:
24:0e:35:ef:57:62:4c:ec:c5:e5:bf:14:f6:ce:88:31:26:33:
40:01:e3:91:c5:08:6b:35:54:25:04:2e:9c:fa:60:fe:7d:fc:
2d:f1:bd:ec:6a:07:1b:65:b3:8c:2e:c5:30:34:59:16:48:96:
5e:b7:72:b8:35:2e:c5:b1:24:99:1c:14:dc:e5:31:3f:ef:6e:
9e:96:97:f2:71:92:63:35:7d:f6:89:48:1b:2d:be:44:52:56:
62:4a:ba:61:92:6a:c2:8d:c3:28:1c:1d:0a:16:16:7e:ce:22:
ed:3b:c3:40:ca:e0:a7:4f:f8:69:c4:cf:de:27:b6:61:97:2a:
c9:a1:d1:cf:17:2b:44:bd:be:eb:7f:96:24:29:20:cf:84:20:
71:3b:47:de:31:16:c9:bc:a0:31:c3:70:e5:cb:67:0a:1a:e1:
dc:bc:be:9e:6a:b9:7c:84:3b:1a:cc:60:73:1f:c9:ac:1a:f5:
ff:d6:25:eb:63:3a:d3:bb:01:d5:04:d2:1b:82:b8:6a:77:e3:
13:96:ff:e2:f9:c0:8c:f3:3c:fc:4e:8e:84:e1:90:9e:6f:e6:
bd:87:32:eb
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUYMhSmymVxc4xxU7hgtHSpWpIsfMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDAyMjYwODQ4NDhaFw0yNTAyMjQwODUzNDhaMDMxMTAvBgNV
BAMTKDcyRTIyNkQ5MjFBQTg0MENEMjdFNUYxODFEREYzMDRDQUFDNjhFNjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhyAsWyrhCqSkG08zM9aFfF4yn
jzSsl/SIC5tJ08hCcjVlYxC6CkjaBqmUuPNxrtFOS3p1yWx0Ts5FwQwaZIGOErEj
gWUEr/Za+G7JNzWHcVNfVbtkFcQnyLptZknAJULUuZAPCa0QDPJFhshamPc8yzw0
cn1h1c21VitNTmKcdiwLEgtCybFm8eVKyteVL+8GIZHaKy8POQhm17leTyiFvnsp
FNwjwRe0idgU+PTybpUdFUe/FBdPgbq659YNgq6Zhl3SfSq0N+HteTUTQSmiPjDJ
Xsoc/Z0djmQyetSfvn7t3U/3gPnKUufl4s3oa3Z0x5aCIcsH4Uv+KO8tvhljAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUcuIm2SGqhAzSfl8YHd8wTKrGjmEwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzQzNTJlMzEzNDMzMmUzODMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LY9SMA0GCSqGSIb3DQEBCwUAA4IBAQABQccPt94q4V7rb3yjz+8WhY1Q22SozfZd
GDxoRR4sBg9kZg4kDjXvV2JM7MXlvxT2zogxJjNAAeORxQhrNVQlBC6c+mD+ffwt
8b3sagcbZbOMLsUwNFkWSJZet3K4NS7FsSSZHBTc5TE/726elpfycZJjNX32iUgb
Lb5EUlZiSrphkmrCjcMoHB0KFhZ+ziLtO8NAyuCnT/hpxM/eJ7ZhlyrJodHPFytE
vb7rf5YkKSDPhCBxO0feMRbJvKAxw3Dly2cKGuHcvL6earl8hDsazGBzH8msGvX/
1iXrYzrTuwHVBNIbgrhqd+MTlv/i+cCM8zz8To6E4ZCeb+a9hzLr
-----END CERTIFICATE-----
Generated at Wed May 8 19:21:55 2024 by rpki-client on console-ams.rpki-client.org