Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231362e302f32342d3234203d3e20323132333834.roa
File: 34352e382e3231362e302f32342d3234203d3e20323132333834.roa (raw, json)
Hash identifier: A1j+LbNuBb8MeFvlQDvvVkVer3lHzQ8b3CPtY22jros=
Subject key identifier: 66:24:75:88:AA:DC:0A:7B:18:8C:DA:AB:1D:96:B2:76:40:5E:E6:68
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 3A9D9A28A9D79F8F8EFB2EDA112E3C88FA4E8262
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231362e302f32342d3234203d3e20323132333834.roa
Signing time: Fri 18 Apr 2025 08:18:28 +0000
ROA not before: Fri 18 Apr 2025 08:13:28 +0000
ROA not after: Fri 17 Apr 2026 08:18:28 +0000
asID: 212384
IP address blocks: 45.8.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 04:36:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:9d:9a:28:a9:d7:9f:8f:8e:fb:2e:da:11:2e:3c:88:fa:4e:82:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Apr 18 08:13:28 2025 GMT
Not After : Apr 17 08:18:28 2026 GMT
Subject: CN=66247588AADC0A7B188CDAAB1D96B276405EE668
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e0:b5:bd:ec:b4:55:6d:90:c5:85:6a:d9:3a:
69:06:a8:a9:18:3d:9b:f5:12:60:92:f9:29:7e:5e:
09:06:cb:95:16:b1:cc:5e:c7:b8:5e:1d:87:a8:1f:
6b:25:dd:2d:f2:cf:30:5b:27:87:d7:7d:7b:96:5a:
36:2b:92:9d:0d:51:2e:d0:c5:66:99:c7:5e:8f:c7:
1b:f1:75:d4:81:e3:a8:d3:b1:78:d0:79:20:70:a4:
55:1b:62:4b:08:4d:be:ed:e1:9c:f1:26:5d:5c:ba:
10:e5:0e:6a:09:55:6a:a3:49:ee:0b:49:72:a4:c8:
38:4a:e0:bf:de:7c:8a:79:ad:c0:6a:83:50:da:27:
73:f6:ea:e3:6d:24:f1:5e:b9:b0:ff:6f:d5:47:16:
d2:79:85:9c:d6:bf:57:1e:e8:d9:1a:0d:a4:d2:20:
ba:6a:dd:97:ba:00:d6:17:f6:23:26:d4:97:4a:5e:
f9:e3:2d:f9:9b:0d:f3:55:81:e0:e1:e1:7f:51:38:
48:94:77:f5:34:6b:84:37:17:19:aa:cd:e7:aa:51:
a0:50:c5:52:36:b7:d5:c2:23:65:5e:c0:0b:ac:8f:
0c:54:50:67:d3:58:b4:a3:18:48:38:0b:05:01:61:
7b:d0:ae:d7:c6:d3:e0:96:ee:be:06:c5:2c:c0:12:
a7:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:24:75:88:AA:DC:0A:7B:18:8C:DA:AB:1D:96:B2:76:40:5E:E6:68
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231362e302f32342d3234203d3e20323132333834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.216.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:d8:aa:94:c3:37:0b:56:11:54:bf:5d:74:96:0e:35:18:79:
53:3f:a2:90:d0:b0:fc:8a:b2:5e:0b:a2:bf:72:28:ff:b3:7a:
9c:b1:2d:24:05:68:8e:ad:dc:32:80:c5:fd:89:0a:65:9f:a1:
d5:9b:3a:f5:a0:d8:ac:41:8b:2d:d4:cf:86:6e:81:02:5e:f8:
3a:5a:09:60:bc:63:d1:36:bd:7e:47:0d:d5:f9:29:35:03:5b:
dc:06:b9:bf:25:0b:8a:2d:04:9a:6b:0b:2f:ac:4a:ed:45:d0:
af:db:49:89:28:68:59:fd:7e:fd:44:ba:f4:f2:4a:f1:d2:a4:
e5:a6:18:74:0c:a6:35:26:11:4c:8c:c5:93:48:a7:d3:50:e3:
47:08:d9:72:ef:da:ed:81:ea:a2:82:d8:ce:21:1f:c5:a6:c7:
de:7f:9f:af:cb:da:4b:75:f8:4f:ff:0a:6f:5a:2f:82:51:56:
27:6e:f5:36:94:1e:56:fe:11:7d:c0:3e:7a:50:1f:e3:d1:3f:
28:52:08:75:fb:37:6c:41:cc:ce:89:01:86:ae:4c:a5:24:a3:
22:1f:41:b4:7f:bd:f5:b9:7e:54:77:82:d8:be:5a:af:16:f5:
2a:19:21:fd:a0:20:39:e2:63:af:85:ef:61:f0:86:e1:f8:94:
56:fb:1a:4d
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUOp2aKKnXn4+O+y7aES48iPpOgmIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTA0MTgwODEzMjhaFw0yNjA0MTcwODE4MjhaMDMxMTAvBgNV
BAMTKDY2MjQ3NTg4QUFEQzBBN0IxODhDREFBQjFEOTZCMjc2NDA1RUU2NjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCb4LW97LRVbZDFhWrZOmkGqKkY
PZv1EmCS+Sl+XgkGy5UWscxex7heHYeoH2sl3S3yzzBbJ4fXfXuWWjYrkp0NUS7Q
xWaZx16PxxvxddSB46jTsXjQeSBwpFUbYksITb7t4ZzxJl1cuhDlDmoJVWqjSe4L
SXKkyDhK4L/efIp5rcBqg1DaJ3P26uNtJPFeubD/b9VHFtJ5hZzWv1ce6NkaDaTS
ILpq3Ze6ANYX9iMm1JdKXvnjLfmbDfNVgeDh4X9ROEiUd/U0a4Q3FxmqzeeqUaBQ
xVI2t9XCI2VewAusjwxUUGfTWLSjGEg4CwUBYXvQrtfG0+CW7r4GxSzAEqdPAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUZiR1iKrcCnsYjNqrHZaydkBe5mgwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzQzNTJlMzgyZTMyMzEzNjJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMzMzgzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0I
2DANBgkqhkiG9w0BAQsFAAOCAQEAqNiqlMM3C1YRVL9ddJYONRh5Uz+ikNCw/Iqy
Xguiv3Io/7N6nLEtJAVojq3cMoDF/YkKZZ+h1Zs69aDYrEGLLdTPhm6BAl74OloJ
YLxj0Ta9fkcN1fkpNQNb3Aa5vyULii0EmmsLL6xK7UXQr9tJiShoWf1+/US69PJK
8dKk5aYYdAymNSYRTIzFk0in01DjRwjZcu/a7YHqooLYziEfxabH3n+fr8vaS3X4
T/8Kb1ovglFWJ271NpQeVv4RfcA+elAf49E/KFIIdfs3bEHMzokBhq5MpSSjIh9B
tH+99bl+VHeC2L5arxb1Khkh/aAgOeJjr4XvYfCG4fiUVvsaTQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:57:24 2025 by rpki-client