Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e38382e31302e302f32342d3234203d3e20383334.roa
File: 34352e38382e31302e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: NX11PMov/bsW5NFsuG0fCaSaVZzm/kSD66FKH2H6HqI=
Subject key identifier: 86:3A:F4:AF:11:92:53:44:49:DC:7E:31:C9:86:D4:06:67:2C:A4:FF
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 7010F5E6A451ABB2EE96788D2111947F2D7DD1F6
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e38382e31302e302f32342d3234203d3e20383334.roa
Signing time: Fri 13 Jun 2025 00:00:39 +0000
ROA not before: Thu 12 Jun 2025 23:55:39 +0000
ROA not after: Fri 12 Jun 2026 00:00:39 +0000
asID: 834
IP address blocks: 45.88.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 22:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:10:f5:e6:a4:51:ab:b2:ee:96:78:8d:21:11:94:7f:2d:7d:d1:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Jun 12 23:55:39 2025 GMT
Not After : Jun 12 00:00:39 2026 GMT
Subject: CN=863AF4AF1192534449DC7E31C986D406672CA4FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ea:6f:97:aa:dc:14:8c:74:78:c3:f9:8b:5f:
68:27:96:db:4c:3b:02:78:42:c8:35:51:90:c7:55:
d8:f3:af:f9:73:f8:43:4b:6e:80:c3:d2:ae:c6:df:
20:87:33:c8:4a:e4:e1:7f:da:fd:28:45:86:64:12:
62:d1:a8:58:16:3a:25:df:8a:5e:17:99:27:a8:7e:
f4:71:5b:66:75:4a:bb:dc:37:0d:86:be:52:e4:00:
9f:22:b2:d2:2f:cd:18:61:0b:cb:e4:a1:b7:1e:84:
c7:ac:25:a7:9b:5c:b6:06:e8:4c:c0:17:cd:9f:5c:
8f:e0:3a:fc:cc:7d:e2:94:e9:cf:08:dc:ac:a3:69:
37:23:1f:24:8b:65:7c:01:c6:93:ce:a9:1b:74:dd:
b5:91:98:ea:f7:4b:af:e7:a6:33:82:06:a7:bd:1e:
b3:a2:c2:92:e7:66:07:39:2e:2d:7d:68:3a:6c:26:
ee:59:70:19:38:68:e9:c8:15:23:25:a6:3a:78:01:
9d:9a:d9:60:f7:4c:3b:24:71:48:ea:44:ba:3e:5e:
0a:ee:a9:7d:d6:64:30:d5:b9:18:dd:bb:aa:fb:5c:
c2:39:cb:e9:42:1d:0a:43:47:8d:1b:1d:0a:55:1e:
12:3a:a6:0b:f5:4c:12:fc:d6:e4:52:bb:ea:bf:ec:
6b:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:3A:F4:AF:11:92:53:44:49:DC:7E:31:C9:86:D4:06:67:2C:A4:FF
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e38382e31302e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.10.0/24
Signature Algorithm: sha256WithRSAEncryption
97:e6:ce:ea:7f:38:5d:cc:69:97:0c:91:6e:66:8c:5d:f2:88:
f9:ea:50:cc:77:08:ff:20:c0:52:72:95:d6:37:11:33:d0:28:
bc:cc:6f:4c:ce:63:53:62:f4:e5:cc:0a:a8:44:b5:0f:07:71:
59:b2:c1:7c:dc:95:de:41:76:ab:88:48:27:d5:8d:e8:28:e4:
00:1c:50:c8:35:1a:14:63:21:4b:09:d9:d6:5d:94:31:71:d8:
62:36:db:49:1e:91:8b:74:d7:59:36:89:e0:75:45:e0:27:14:
a5:a8:43:e5:46:8e:03:53:a2:21:33:45:10:07:c6:64:e2:b3:
2b:53:67:16:86:32:06:70:f3:b6:c1:db:05:d0:17:c7:db:01:
29:75:f9:bd:ac:68:39:0e:34:f3:05:0b:3b:b8:88:ce:e2:7b:
49:20:00:64:33:04:0a:48:a2:dd:ec:66:00:33:ef:49:b1:29:
e2:d9:fd:f7:0f:aa:78:39:df:f2:86:e0:b9:2e:5f:fa:7e:cd:
04:1a:73:a5:29:f8:81:97:74:c1:0f:5d:af:ff:9f:56:fc:3b:
fe:38:b2:97:2d:c0:b8:98:50:0d:af:b2:31:96:62:e5:06:d9:
de:03:cf:1f:e5:54:f3:21:65:ac:50:f7:8c:ee:e4:0b:d4:04:
30:7d:f0:e0
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUcBD15qRRq7LulniNIRGUfy190fYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNTA2MTIyMzU1MzlaFw0yNjA2MTIwMDAwMzlaMDMxMTAvBgNV
BAMTKDg2M0FGNEFGMTE5MjUzNDQ0OURDN0UzMUM5ODZENDA2NjcyQ0E0RkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQ6m+XqtwUjHR4w/mLX2gnlttM
OwJ4Qsg1UZDHVdjzr/lz+ENLboDD0q7G3yCHM8hK5OF/2v0oRYZkEmLRqFgWOiXf
il4XmSeofvRxW2Z1SrvcNw2GvlLkAJ8istIvzRhhC8vkobcehMesJaebXLYG6EzA
F82fXI/gOvzMfeKU6c8I3KyjaTcjHySLZXwBxpPOqRt03bWRmOr3S6/npjOCBqe9
HrOiwpLnZgc5Li19aDpsJu5ZcBk4aOnIFSMlpjp4AZ2a2WD3TDskcUjqRLo+Xgru
qX3WZDDVuRjdu6r7XMI5y+lCHQpDR40bHQpVHhI6pgv1TBL81uRSu+q/7GvrAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUhjr0rxGSU0RJ3H4xyYbUBmcspP8wHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzQzNTJlMzgzODJlMzEzMDJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1YCjANBgkq
hkiG9w0BAQsFAAOCAQEAl+bO6n84XcxplwyRbmaMXfKI+epQzHcI/yDAUnKV1jcR
M9AovMxvTM5jU2L05cwKqES1DwdxWbLBfNyV3kF2q4hIJ9WN6CjkABxQyDUaFGMh
SwnZ1l2UMXHYYjbbSR6Ri3TXWTaJ4HVF4CcUpahD5UaOA1OiITNFEAfGZOKzK1Nn
FoYyBnDztsHbBdAXx9sBKXX5vaxoOQ408wULO7iIzuJ7SSAAZDMECkii3exmADPv
SbEp4tn99w+qeDnf8obguS5f+n7NBBpzpSn4gZd0wQ9dr/+fVvw7/jiyly3AuJhQ
Da+yMZZi5QbZ3gPPH+VU8yFlrFD3jO7kC9QEMH3w4A==
-----END CERTIFICATE-----
Generated at Sun Jun 15 07:45:26 2025 by rpki-client