Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/34352e3134372e37322e302f32322d3232203d3e20323033303230.roa
File: 34352e3134372e37322e302f32322d3232203d3e20323033303230.roa (raw, json)
Hash identifier: jmGKnqmKdHMAVSPbgT4LcMoCG4ZRac3ysc1pMdrLTCg=
Subject key identifier: 0B:11:95:CC:C7:AB:BA:A9:2D:D3:71:7C:E9:17:20:5D:94:39:D1:EB
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 46F3EA14496AC6FFA2B11BD4A5CC5EA3269C9B46
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/34352e3134372e37322e302f32322d3232203d3e20323033303230.roa
Signing time: Wed 14 Aug 2024 08:01:41 +0000
ROA not before: Wed 14 Aug 2024 07:56:41 +0000
ROA not after: Wed 13 Aug 2025 08:01:41 +0000
asID: 203020
IP address blocks: 45.147.72.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:f3:ea:14:49:6a:c6:ff:a2:b1:1b:d4:a5:cc:5e:a3:26:9c:9b:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Aug 14 07:56:41 2024 GMT
Not After : Aug 13 08:01:41 2025 GMT
Subject: CN=0B1195CCC7ABBAA92DD3717CE917205D9439D1EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:29:e1:4b:92:af:ca:c2:87:25:f9:0c:f4:88:
dc:94:0b:19:78:1e:ff:eb:aa:3c:ee:59:1d:3f:37:
e0:56:47:ab:b2:2b:4b:9b:e4:28:c7:a8:13:cc:8b:
50:e5:62:22:a7:f2:70:0d:9d:be:b7:77:09:45:f2:
09:14:af:ac:1b:12:be:89:2f:44:32:60:c4:9d:f8:
3c:3c:77:83:0b:94:a1:dd:0d:c5:63:a7:83:79:84:
6c:1a:2d:75:03:47:4b:70:74:b4:bb:73:04:23:9f:
81:d7:58:23:eb:7d:9b:da:a7:db:a8:4c:44:f3:35:
89:2b:c6:39:19:18:22:42:93:cd:38:0f:90:88:3b:
15:2b:ce:ca:17:fa:f0:9c:52:75:bf:eb:b9:5f:75:
b1:97:90:23:7b:73:9f:ea:39:c0:9e:1f:96:ce:f5:
d3:98:c0:f4:7e:92:f0:2a:4c:13:cc:8e:ea:45:46:
9a:f8:1e:a1:ba:b7:23:17:7b:43:83:5d:be:15:fd:
70:fe:a6:6f:47:ff:09:86:50:7b:92:4c:d8:38:23:
a8:41:7a:6a:d1:22:8a:8d:40:0d:3a:27:bf:5f:db:
cc:bc:db:ba:36:3e:ef:5b:7c:d9:b8:ce:c5:76:de:
eb:8d:00:a1:0f:38:5f:5c:db:d6:15:fe:fb:cb:86:
a5:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:11:95:CC:C7:AB:BA:A9:2D:D3:71:7C:E9:17:20:5D:94:39:D1:EB
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/34352e3134372e37322e302f32322d3232203d3e20323033303230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.72.0/22
Signature Algorithm: sha256WithRSAEncryption
71:bd:71:93:1d:27:13:6d:5b:c1:01:ef:ef:53:58:f4:65:49:
90:b0:75:7d:25:a2:e1:93:05:76:3a:37:31:89:60:e4:31:55:
e4:30:5f:15:3d:e0:59:c3:66:1f:27:a3:b2:0a:ed:f9:fc:46:
3a:b1:87:6c:aa:40:82:f4:d7:17:29:b5:3a:55:51:7a:1b:94:
63:a6:05:7b:45:91:35:85:4b:9c:9b:53:37:21:e1:de:bd:41:
81:e6:e3:dc:13:fa:33:3c:b0:fa:9d:43:ba:2b:d8:e2:4f:1c:
17:ec:1a:9b:84:19:cd:7a:96:ac:e6:83:8a:78:4c:b0:e9:fd:
82:73:3c:eb:ce:0c:6b:97:75:bd:48:7b:90:2f:52:6f:e9:38:
51:5d:8a:85:17:d0:04:a4:3a:38:28:e5:74:7d:07:a8:ed:b6:
b3:e5:6f:cc:1a:91:e1:9f:58:53:62:68:a4:b8:80:5c:8a:88:
55:3e:46:ae:39:37:dc:59:bb:be:cb:47:12:59:67:07:9e:cc:
04:45:80:6a:b4:e2:ba:08:47:82:c5:f7:44:58:49:4d:9b:bc:
33:4f:46:9d:af:c7:6a:5a:a3:4a:6a:0b:97:6c:8a:dc:fd:d4:
7a:a8:c3:c6:89:8d:9a:6a:37:a6:d6:cc:f9:e1:07:b0:ec:1c:
fb:67:77:7e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURvPqFElqxv+isRvUpcxeoyacm0YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDA4MTQwNzU2NDFaFw0yNTA4MTMwODAxNDFaMDMxMTAvBgNV
BAMTKDBCMTE5NUNDQzdBQkJBQTkyREQzNzE3Q0U5MTcyMDVEOTQzOUQxRUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0KeFLkq/Kwocl+Qz0iNyUCxl4
Hv/rqjzuWR0/N+BWR6uyK0ub5CjHqBPMi1DlYiKn8nANnb63dwlF8gkUr6wbEr6J
L0QyYMSd+Dw8d4MLlKHdDcVjp4N5hGwaLXUDR0twdLS7cwQjn4HXWCPrfZvap9uo
TETzNYkrxjkZGCJCk804D5CIOxUrzsoX+vCcUnW/67lfdbGXkCN7c5/qOcCeH5bO
9dOYwPR+kvAqTBPMjupFRpr4HqG6tyMXe0ODXb4V/XD+pm9H/wmGUHuSTNg4I6hB
emrRIoqNQA06J79f28y827o2Pu9bfNm4zsV23uuNAKEPOF9c29YV/vvLhqU5AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUCxGVzMeruqkt03F86RcgXZQ50eswHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzQzNTJlMzEzNDM3MmUzNzMy
MmUzMDJmMzIzMjJkMzIzMjIwM2QzZTIwMzIzMDMzMzAzMjMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
LZNIMA0GCSqGSIb3DQEBCwUAA4IBAQBxvXGTHScTbVvBAe/vU1j0ZUmQsHV9JaLh
kwV2OjcxiWDkMVXkMF8VPeBZw2YfJ6OyCu35/EY6sYdsqkCC9NcXKbU6VVF6G5Rj
pgV7RZE1hUucm1M3IeHevUGB5uPcE/ozPLD6nUO6K9jiTxwX7BqbhBnNepas5oOK
eEyw6f2Cczzrzgxrl3W9SHuQL1Jv6ThRXYqFF9AEpDo4KOV0fQeo7baz5W/MGpHh
n1hTYmikuIBciohVPkauOTfcWbu+y0cSWWcHnswERYBqtOK6CEeCxfdEWElNm7wz
T0adr8dqWqNKaguXbIrc/dR6qMPGiY2aajem1sz54Qew7Bz7Z3d+
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:27 2024 by rpki-client on console-ams.rpki-client.org