Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/34352e36362e3133362e302f32342d3234203d3e20313336373837.roa
File: 34352e36362e3133362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: JYs5b6Pg7xbiF8VP73aHFa8i3hjXCKs4m1mEJUsh4Zc=
Subject key identifier: 93:68:0D:F3:43:40:E8:32:54:46:46:32:CD:E7:50:CB:5C:D3:DF:6F
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 4A3BCD1BF907A3891796B2425A5072F1BC8F3D91
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/34352e36362e3133362e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 13 Feb 2024 12:54:20 +0000
ROA not before: Tue 13 Feb 2024 12:49:20 +0000
ROA not after: Tue 11 Feb 2025 12:54:20 +0000
asID: 136787
IP address blocks: 45.66.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:3b:cd:1b:f9:07:a3:89:17:96:b2:42:5a:50:72:f1:bc:8f:3d:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Feb 13 12:49:20 2024 GMT
Not After : Feb 11 12:54:20 2025 GMT
Subject: CN=93680DF34340E83254464632CDE750CB5CD3DF6F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:7c:b7:f6:e9:e4:ed:78:4d:d1:28:b4:e8:28:
1d:37:1b:40:02:b7:17:9a:a1:16:07:85:f9:44:7f:
1f:4c:6b:a2:fe:36:be:6f:d2:ad:96:16:87:d0:ee:
f5:9c:b5:ec:b4:25:8f:52:63:9f:ab:f2:3f:43:01:
53:32:6b:22:ed:16:aa:1b:a2:94:46:c6:88:8c:f8:
30:81:d9:08:af:2f:71:68:b2:53:db:96:2c:5b:aa:
35:ff:5f:8f:fc:59:64:ca:d4:ae:61:f2:f8:11:a1:
c3:b9:14:00:be:ef:e8:c4:71:b3:e1:6f:11:06:c3:
7f:1e:d5:8a:1f:86:1a:21:d2:02:a5:36:13:05:7e:
f6:f2:d2:31:a4:4d:33:f9:58:af:92:e1:7c:26:2f:
87:b3:e0:4b:d3:52:43:73:07:bc:a9:97:26:e6:9b:
e0:14:9d:77:ef:86:dd:ea:ca:29:b4:f7:f4:87:47:
4b:d6:f2:7c:80:d9:82:c7:30:20:af:29:21:f3:0a:
b1:1b:7a:cf:f0:9d:a7:9b:3f:96:99:50:8d:fc:b6:
e7:16:37:c5:7e:00:4a:8e:2f:00:f6:9d:cb:fb:1c:
da:3f:db:5d:c6:ef:74:34:63:84:d3:92:4a:35:73:
61:26:8f:b2:01:e5:91:5a:90:af:0c:f4:7a:dd:ea:
eb:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:68:0D:F3:43:40:E8:32:54:46:46:32:CD:E7:50:CB:5C:D3:DF:6F
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/34352e36362e3133362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.136.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:02:14:94:ea:fa:4c:2c:d5:de:cd:70:5e:cb:15:7d:4c:e0:
ee:7b:e2:60:62:71:cc:31:7c:af:0f:df:24:e2:19:aa:eb:d3:
3f:02:0c:98:b1:c5:2d:6f:fd:34:a8:3b:ac:d6:28:5f:7b:5e:
68:8b:2a:99:3a:cd:77:79:79:f4:e3:27:90:44:d6:25:59:08:
c6:fc:1d:fd:83:f5:6c:60:8f:c1:59:37:b1:49:1f:1d:9a:30:
61:28:da:44:93:5f:33:02:52:23:31:b2:40:4b:15:2b:ad:cc:
5b:d4:b4:25:76:82:85:47:ed:86:52:5e:ae:9e:8e:b6:0b:9e:
c9:19:8a:23:f0:1c:76:e5:9f:17:22:5f:df:43:62:f4:8b:99:
cf:87:d0:06:bb:af:aa:4c:d1:38:1e:61:9f:f7:63:24:3f:21:
51:cb:a0:06:e3:be:e7:89:42:ef:3d:ea:6b:64:d1:62:18:cd:
48:a2:ed:91:6d:5e:4d:7a:fa:e7:9b:33:a1:b8:7c:68:16:0c:
44:18:4b:51:d6:cc:8f:54:5d:ca:3c:2e:13:94:5d:6b:c4:97:
fc:50:d6:67:c8:fc:a2:b0:a2:99:e9:a5:f7:28:30:a2:b7:79:
65:fd:18:8d:9e:24:5b:e2:7e:51:03:0f:f7:e7:28:23:ea:76:
df:75:fd:4d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUSjvNG/kHo4kXlrJCWlBy8byPPZEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDAyMTMxMjQ5MjBaFw0yNTAyMTExMjU0MjBaMDMxMTAvBgNV
BAMTKDkzNjgwREYzNDM0MEU4MzI1NDQ2NDYzMkNERTc1MENCNUNEM0RGNkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD5fLf26eTteE3RKLToKB03G0AC
txeaoRYHhflEfx9Ma6L+Nr5v0q2WFofQ7vWctey0JY9SY5+r8j9DAVMyayLtFqob
opRGxoiM+DCB2QivL3FoslPblixbqjX/X4/8WWTK1K5h8vgRocO5FAC+7+jEcbPh
bxEGw38e1Yofhhoh0gKlNhMFfvby0jGkTTP5WK+S4XwmL4ez4EvTUkNzB7yplybm
m+AUnXfvht3qyim09/SHR0vW8nyA2YLHMCCvKSHzCrEbes/wnaebP5aZUI38tucW
N8V+AEqOLwD2ncv7HNo/213G73Q0Y4TTkko1c2Emj7IB5ZFakK8M9Hrd6usFAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUk2gN80NA6DJURkYyzedQy1zT328wHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzQzNTJlMzYzNjJlMzEzMzM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LUKIMA0GCSqGSIb3DQEBCwUAA4IBAQAaAhSU6vpMLNXezXBeyxV9TODue+JgYnHM
MXyvD98k4hmq69M/AgyYscUtb/00qDus1ihfe15oiyqZOs13eXn04yeQRNYlWQjG
/B39g/VsYI/BWTexSR8dmjBhKNpEk18zAlIjMbJASxUrrcxb1LQldoKFR+2GUl6u
no62C57JGYoj8Bx25Z8XIl/fQ2L0i5nPh9AGu6+qTNE4HmGf92MkPyFRy6AG477n
iULvPeprZNFiGM1Iou2RbV5NevrnmzOhuHxoFgxEGEtR1syPVF3KPC4TlF1rxJf8
UNZnyPyisKKZ6aX3KDCit3ll/RiNniRb4n5RAw/35ygj6nbfdf1N
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:49 2024 by rpki-client on console-ams.rpki-client.org