Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/34352e36362e3133392e302f32342d3234203d3e20313336373837.roa
File: 34352e36362e3133392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: bBdDUTdM+0BFWnd4t/U2PpEOzuUP7CKx1kPSdN7qj38=
Subject key identifier: 49:09:5E:54:0C:42:9E:FA:8A:D2:87:6F:D1:DA:C3:F1:A1:12:C8:0D
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 1C836400CB8DC45C0E5532A35BB5027522D49E4F
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/34352e36362e3133392e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 13 Feb 2024 12:54:24 +0000
ROA not before: Tue 13 Feb 2024 12:49:24 +0000
ROA not after: Tue 11 Feb 2025 12:54:24 +0000
asID: 136787
IP address blocks: 45.66.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:83:64:00:cb:8d:c4:5c:0e:55:32:a3:5b:b5:02:75:22:d4:9e:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Feb 13 12:49:24 2024 GMT
Not After : Feb 11 12:54:24 2025 GMT
Subject: CN=49095E540C429EFA8AD2876FD1DAC3F1A112C80D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f2:a2:55:49:aa:5b:72:7b:a2:57:11:6a:b8:
ff:1b:d8:36:ec:2b:14:b6:dd:9e:1b:04:5a:a8:67:
aa:cf:4a:2a:e5:08:56:da:d7:f3:ef:16:93:45:51:
31:67:bd:09:28:87:97:27:21:00:35:16:ae:04:86:
42:79:ec:95:de:69:28:44:72:ae:c3:ec:78:ea:7c:
07:dd:89:ac:29:05:8b:af:17:cb:f4:5b:61:04:3f:
f5:3f:37:6d:fc:58:ab:2f:2f:46:a3:1a:88:d8:1b:
d9:89:f7:e8:17:9d:10:af:ba:59:78:77:b6:7d:87:
a1:42:68:10:55:69:38:bb:30:43:9b:c7:a3:43:5e:
8b:f5:74:c4:5b:17:b7:d5:5a:68:ce:30:fb:11:e0:
7a:00:81:29:fe:68:7f:18:5f:4e:e7:4f:6e:70:e4:
e0:12:5c:de:99:5a:3d:4c:60:5e:74:20:68:8d:57:
03:22:58:fb:84:47:2c:4f:d6:8b:fd:9a:b5:97:f8:
50:25:b5:8e:f4:c7:fa:88:45:24:23:af:19:ab:aa:
4a:ec:29:2c:22:f8:20:19:cc:5c:4c:0b:97:8a:a7:
8b:77:e7:94:ba:8e:88:04:ee:dd:f7:87:4f:16:3d:
f0:91:04:98:48:ea:8c:12:63:0f:41:d8:ce:1b:41:
9b:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:09:5E:54:0C:42:9E:FA:8A:D2:87:6F:D1:DA:C3:F1:A1:12:C8:0D
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/34352e36362e3133392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.139.0/24
Signature Algorithm: sha256WithRSAEncryption
45:7d:18:a0:2e:bf:5e:fc:78:62:0f:77:15:98:e5:a5:39:a5:
1f:bf:ae:b2:6f:02:6c:f5:50:be:fe:bd:63:ca:70:9a:42:a7:
13:23:4f:2d:04:74:4e:13:22:59:df:1d:83:86:b9:ad:f6:88:
5a:e0:98:0d:4a:c5:8d:ca:b8:62:ab:18:9e:cd:ee:11:e2:f7:
0f:c0:5a:8e:46:7d:bb:c6:e6:50:64:b5:5e:e9:2c:69:36:e9:
2d:82:d5:51:9c:89:2d:26:e2:f9:c6:b9:24:c5:2e:0c:55:e8:
4e:38:b6:77:02:97:c5:71:bd:8a:e4:97:d2:1d:1f:59:e0:f0:
7a:e6:2f:9a:30:b8:38:4c:97:33:aa:65:84:67:00:1d:bd:56:
2e:00:83:76:95:04:3d:9d:d4:0c:4e:fa:a7:77:81:ee:e2:c1:
74:26:df:5a:07:3f:2f:c6:93:72:b4:0c:09:80:16:53:00:49:
f8:46:8a:03:49:22:bc:53:ff:2b:99:16:b9:01:e0:11:8a:ec:
34:00:bd:9e:ce:c5:6e:72:ba:74:ab:30:db:de:4e:ea:4e:7d:
81:84:3e:d7:e1:88:69:23:bf:c2:0a:e3:69:7c:3f:06:50:f4:
a3:4f:38:77:85:31:13:f4:01:1f:cf:79:f2:ba:6d:2a:1e:10:
2a:be:03:53
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUHINkAMuNxFwOVTKjW7UCdSLUnk8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDAyMTMxMjQ5MjRaFw0yNTAyMTExMjU0MjRaMDMxMTAvBgNV
BAMTKDQ5MDk1RTU0MEM0MjlFRkE4QUQyODc2RkQxREFDM0YxQTExMkM4MEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP8qJVSapbcnuiVxFquP8b2Dbs
KxS23Z4bBFqoZ6rPSirlCFba1/PvFpNFUTFnvQkoh5cnIQA1Fq4EhkJ57JXeaShE
cq7D7HjqfAfdiawpBYuvF8v0W2EEP/U/N238WKsvL0ajGojYG9mJ9+gXnRCvull4
d7Z9h6FCaBBVaTi7MEObx6NDXov1dMRbF7fVWmjOMPsR4HoAgSn+aH8YX07nT25w
5OASXN6ZWj1MYF50IGiNVwMiWPuERyxP1ov9mrWX+FAltY70x/qIRSQjrxmrqkrs
KSwi+CAZzFxMC5eKp4t355S6jogE7t33h08WPfCRBJhI6owSYw9B2M4bQZs7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUSQleVAxCnvqK0odv0drD8aESyA0wHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzQzNTJlMzYzNjJlMzEzMzM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LUKLMA0GCSqGSIb3DQEBCwUAA4IBAQBFfRigLr9e/HhiD3cVmOWlOaUfv66ybwJs
9VC+/r1jynCaQqcTI08tBHROEyJZ3x2Dhrmt9oha4JgNSsWNyrhiqxieze4R4vcP
wFqORn27xuZQZLVe6SxpNuktgtVRnIktJuL5xrkkxS4MVehOOLZ3ApfFcb2K5JfS
HR9Z4PB65i+aMLg4TJczqmWEZwAdvVYuAIN2lQQ9ndQMTvqnd4Hu4sF0Jt9aBz8v
xpNytAwJgBZTAEn4RooDSSK8U/8rmRa5AeARiuw0AL2ezsVucrp0qzDb3k7qTn2B
hD7X4YhpI7/CCuNpfD8GUPSjTzh3hTET9AEfz3nyum0qHhAqvgNT
-----END CERTIFICATE-----
Generated at Wed May 8 11:33:00 2024 by rpki-client on console-ams.rpki-client.org