Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/34352e36362e3133382e302f32342d3234203d3e20313336373837.roa
File: 34352e36362e3133382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: xRkhyM4C/on6GHnG9HTnWhZOw3ucyAIYgoIzXVmp29g=
Subject key identifier: 80:9E:F3:B6:AC:66:65:AC:09:9B:14:E5:8C:E6:85:22:99:90:0C:CD
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 6CBAE7DA8A69D2438684F2EE55D0C88C82A56C88
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/34352e36362e3133382e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 13 Feb 2024 12:54:23 +0000
ROA not before: Tue 13 Feb 2024 12:49:23 +0000
ROA not after: Tue 11 Feb 2025 12:54:23 +0000
asID: 136787
IP address blocks: 45.66.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:ba:e7:da:8a:69:d2:43:86:84:f2:ee:55:d0:c8:8c:82:a5:6c:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Feb 13 12:49:23 2024 GMT
Not After : Feb 11 12:54:23 2025 GMT
Subject: CN=809EF3B6AC6665AC099B14E58CE6852299900CCD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:30:31:e6:cf:7f:fc:0f:c2:11:9c:d8:0e:b3:
6b:71:3a:23:92:b3:c3:20:63:24:ea:37:8e:67:23:
e1:95:d4:a2:8b:ca:8c:7a:af:67:84:48:1a:f7:9a:
59:5a:b8:7c:f5:1d:7b:d4:e7:16:04:3c:1a:45:88:
c8:cc:b5:c8:00:eb:0e:b1:9b:15:83:3d:12:92:1f:
48:fe:35:6d:f3:f0:ba:5a:ae:15:de:5d:3f:e8:b7:
bc:4a:e0:51:fc:34:15:54:31:1f:c3:cc:2e:7a:c1:
68:49:b4:99:5d:83:7e:a1:3e:ce:cd:a0:05:11:cb:
1e:d4:cb:78:7f:50:dd:f2:6e:94:42:ef:99:e9:73:
43:d1:87:bc:fe:a1:8b:29:8e:66:31:5e:21:d6:59:
b0:21:95:11:09:fc:b7:fb:f4:83:8c:e0:9c:55:eb:
ec:cb:ef:33:c3:22:e8:e5:7e:13:a5:f9:57:70:cd:
e2:42:e1:56:41:b5:39:c7:64:35:ac:2a:05:1b:17:
36:18:12:84:25:1d:a8:d4:a1:d0:d9:50:a8:1e:fb:
42:e1:73:58:73:6c:0a:9a:dd:02:9e:64:2e:a1:cb:
78:a0:07:7a:c2:85:5c:d3:af:2c:82:a4:25:a8:d6:
13:9a:5e:15:0e:f7:5b:06:54:4b:0a:2d:7d:24:86:
52:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:9E:F3:B6:AC:66:65:AC:09:9B:14:E5:8C:E6:85:22:99:90:0C:CD
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/34352e36362e3133382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.138.0/24
Signature Algorithm: sha256WithRSAEncryption
70:f3:17:75:f0:2a:71:6a:03:b4:ca:e7:da:ba:95:41:56:9e:
4a:43:de:9d:a7:80:8c:89:b8:fc:b5:4c:a2:d2:3e:d5:b6:a9:
2b:0b:d3:ec:bf:35:f7:d1:a6:8c:c7:f5:31:09:a3:cb:7b:c5:
82:c4:d1:08:7f:a1:5d:71:4c:18:2a:fd:46:5c:cc:f0:9a:4f:
35:65:a2:d5:08:85:18:4a:14:28:ce:5e:9c:9d:87:03:21:bc:
c6:5f:76:84:dd:8c:7e:d0:52:ff:15:f9:99:04:1d:0e:4a:7a:
ce:bd:27:df:16:1d:9c:96:6e:6f:89:9e:ea:da:6e:87:76:c3:
da:d1:1b:75:4d:a1:05:22:56:29:57:8e:22:88:34:96:b6:44:
df:83:9f:2c:ee:83:a0:ee:32:54:c9:1a:5f:cd:ee:ba:96:3c:
90:43:9e:47:65:4b:1d:0d:90:0e:f7:0f:8e:ac:9d:f0:62:6f:
6e:a4:3e:fe:c9:a4:3b:eb:ec:77:ef:54:fc:1b:5d:00:f2:4c:
10:eb:8c:5c:55:51:88:e4:d2:a2:0f:dc:8b:25:f3:9f:cd:bc:
39:b4:60:08:90:c1:c5:a4:b5:5e:12:34:b1:59:a9:58:d7:1a:
d8:b1:30:af:69:e7:78:7d:4f:98:47:93:85:55:d3:e1:64:20:
8c:bb:02:ae
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUbLrn2opp0kOGhPLuVdDIjIKlbIgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDAyMTMxMjQ5MjNaFw0yNTAyMTExMjU0MjNaMDMxMTAvBgNV
BAMTKDgwOUVGM0I2QUM2NjY1QUMwOTlCMTRFNThDRTY4NTIyOTk5MDBDQ0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD3MDHmz3/8D8IRnNgOs2txOiOS
s8MgYyTqN45nI+GV1KKLyox6r2eESBr3mllauHz1HXvU5xYEPBpFiMjMtcgA6w6x
mxWDPRKSH0j+NW3z8LparhXeXT/ot7xK4FH8NBVUMR/DzC56wWhJtJldg36hPs7N
oAURyx7Uy3h/UN3ybpRC75npc0PRh7z+oYspjmYxXiHWWbAhlREJ/Lf79IOM4JxV
6+zL7zPDIujlfhOl+VdwzeJC4VZBtTnHZDWsKgUbFzYYEoQlHajUodDZUKge+0Lh
c1hzbAqa3QKeZC6hy3igB3rChVzTryyCpCWo1hOaXhUO91sGVEsKLX0khlIxAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUgJ7ztqxmZawJmxTljOaFIpmQDM0wHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzQzNTJlMzYzNjJlMzEzMzM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LUKKMA0GCSqGSIb3DQEBCwUAA4IBAQBw8xd18CpxagO0yufaupVBVp5KQ96dp4CM
ibj8tUyi0j7VtqkrC9PsvzX30aaMx/UxCaPLe8WCxNEIf6FdcUwYKv1GXMzwmk81
ZaLVCIUYShQozl6cnYcDIbzGX3aE3Yx+0FL/FfmZBB0OSnrOvSffFh2clm5viZ7q
2m6HdsPa0Rt1TaEFIlYpV44iiDSWtkTfg58s7oOg7jJUyRpfze66ljyQQ55HZUsd
DZAO9w+OrJ3wYm9upD7+yaQ76+x371T8G10A8kwQ64xcVVGI5NKiD9yLJfOfzbw5
tGAIkMHFpLVeEjSxWalY1xrYsTCvaed4fU+YR5OFVdPhZCCMuwKu
-----END CERTIFICATE-----
Generated at Wed May 8 19:21:55 2024 by rpki-client on console-ams.rpki-client.org