Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3133322e3231362e302f32342d3234203d3e203437353835.roa
File: 34352e3133322e3231362e302f32342d3234203d3e203437353835.roa (raw, json)
Hash identifier: zXX5KIzUPLMpoL5WZ5dxh/5Elb9YEKqPzGlTC3maexc=
Subject key identifier: 4B:67:84:4F:71:D4:4C:6C:6B:99:3B:B3:99:6D:A7:DF:28:E0:A9:00
Certificate issuer: /CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Certificate serial: 2B85BC120E780A19716739EB36F5D3E387565D4C
Authority key identifier: 83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3133322e3231362e302f32342d3234203d3e203437353835.roa
Signing time: Sat 19 Apr 2025 22:59:22 +0000
ROA not before: Sat 19 Apr 2025 22:54:22 +0000
ROA not after: Sat 18 Apr 2026 22:59:22 +0000
asID: 47585
IP address blocks: 45.132.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.mft
rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 19:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:85:bc:12:0e:78:0a:19:71:67:39:eb:36:f5:d3:e3:87:56:5d:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Validity
Not Before: Apr 19 22:54:22 2025 GMT
Not After : Apr 18 22:59:22 2026 GMT
Subject: CN=4B67844F71D44C6C6B993BB3996DA7DF28E0A900
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a2:c8:cb:07:f6:6f:94:6c:c6:20:ff:12:33:
b2:cc:70:ae:d9:10:b0:98:32:17:b5:5f:7f:8d:ad:
f6:a1:22:85:b8:de:9a:1c:bd:d4:b7:74:a7:59:20:
9d:2e:15:17:c6:30:b8:29:4c:38:ee:3b:32:ca:3e:
21:47:52:2c:47:36:2c:04:ae:3c:36:1c:6d:fb:e0:
a7:dd:62:0a:19:10:b8:cc:c2:e5:a7:bd:ee:15:ab:
24:09:18:1e:3c:d7:4b:d9:5f:25:05:e5:73:74:b5:
be:0c:13:e1:af:18:bd:6c:df:0a:5d:1b:6e:db:32:
9d:b0:08:2f:a7:13:45:02:e4:9e:ad:df:ea:ed:84:
b8:2d:13:e8:90:09:e6:1e:f0:87:a4:3f:64:fb:5d:
90:b5:8a:d2:e7:68:98:5f:c3:d9:2a:ea:76:eb:fa:
47:51:fc:b2:1d:dc:0c:b0:23:ec:66:e4:55:45:00:
b6:9d:85:e1:c7:74:c4:58:f4:51:9f:51:4e:ea:d5:
4d:1d:27:fd:e8:de:f7:24:4c:6f:38:31:ef:11:d9:
ed:14:81:ee:e1:30:c5:37:2a:78:88:cf:2b:42:18:
8d:60:1e:19:88:f5:98:a9:f7:46:be:d8:21:b2:3b:
73:15:89:be:5d:67:28:5c:e8:9b:c0:f0:2c:2c:67:
fb:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:67:84:4F:71:D4:4C:6C:6B:99:3B:B3:99:6D:A7:DF:28:E0:A9:00
X509v3 Authority Key Identifier:
keyid:83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3133322e3231362e302f32342d3234203d3e203437353835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.216.0/24
Signature Algorithm: sha256WithRSAEncryption
18:bb:25:69:49:f5:02:55:f2:02:ae:6b:8a:c4:00:e2:a9:56:
44:40:50:00:72:17:d7:91:70:6e:a2:d8:33:74:1c:86:55:aa:
a6:f8:b2:bd:a4:74:81:41:b8:c2:ac:de:03:e6:44:5f:89:6b:
b7:b6:5d:51:f2:18:79:f3:58:47:7b:ac:31:64:73:3f:ee:72:
22:44:67:25:5c:4e:96:7a:ea:63:af:31:f5:56:0e:10:1a:36:
bc:4d:dd:9c:ed:90:c8:81:e5:ef:b7:a2:3f:c1:32:20:d2:83:
5e:89:ab:f9:4f:c7:2e:ee:8b:f1:29:c7:15:52:b8:44:0e:70:
75:98:76:11:3a:a8:13:b0:c5:cd:8d:12:f8:8b:ec:64:28:b1:
d4:6f:ac:b1:8c:5f:cb:6c:bf:4d:6c:2f:f5:3e:c1:e1:7f:26:
1b:15:4b:14:22:1c:59:89:0b:54:9a:97:58:d8:7f:d8:f5:4e:
d9:2d:8f:86:e3:19:67:8f:fe:87:94:bd:ab:d9:ed:c8:63:31:
c9:d0:15:4f:35:27:2c:07:af:58:4d:c6:16:0f:d2:94:f3:3e:
26:74:d4:80:57:3a:66:4e:cc:2f:c0:35:fa:89:c0:75:44:3f:
7e:05:2a:2f:51:73:35:13:69:c0:0f:4f:43:74:75:42:3c:1e:
24:c8:db:e4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUK4W8Eg54ChlxZznrNvXT44dWXUwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODMwZTA2NDE5ZmM0NmEyODAyZjZmMDNiNzEzNjhhYzdi
YWFmNjRjZTAeFw0yNTA0MTkyMjU0MjJaFw0yNjA0MTgyMjU5MjJaMDMxMTAvBgNV
BAMTKDRCNjc4NDRGNzFENDRDNkM2Qjk5M0JCMzk5NkRBN0RGMjhFMEE5MDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvosjLB/ZvlGzGIP8SM7LMcK7Z
ELCYMhe1X3+NrfahIoW43pocvdS3dKdZIJ0uFRfGMLgpTDjuOzLKPiFHUixHNiwE
rjw2HG374KfdYgoZELjMwuWnve4VqyQJGB4810vZXyUF5XN0tb4ME+GvGL1s3wpd
G27bMp2wCC+nE0UC5J6t3+rthLgtE+iQCeYe8IekP2T7XZC1itLnaJhfw9kq6nbr
+kdR/LId3AywI+xm5FVFALadheHHdMRY9FGfUU7q1U0dJ/3o3vckTG84Me8R2e0U
ge7hMMU3KniIzytCGI1gHhmI9Zip90a+2CGyO3MVib5dZyhc6JvA8CwsZ/vTAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUS2eET3HUTGxrmTuzmW2n3yjgqQAwHwYDVR0j
BBgwFoAUgw4GQZ/EaigC9vA7cTaKx7qvZM4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQtYmE2Ny00OTc5LThkMTItMGVkNDc0OGZj
ODZlLzAvODMwRTA2NDE5RkM0NkEyODAyRjZGMDNCNzEzNjhBQzdCQUFGNjRDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2d3NEdRWl9FYWlnQzl2QTdjVGFLeDdx
dlpNNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQt
YmE2Ny00OTc5LThkMTItMGVkNDc0OGZjODZlLzAvMzQzNTJlMzEzMzMyMmUzMjMx
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM3MzUzODM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LYTYMA0GCSqGSIb3DQEBCwUAA4IBAQAYuyVpSfUCVfICrmuKxADiqVZEQFAAchfX
kXBuotgzdByGVaqm+LK9pHSBQbjCrN4D5kRfiWu3tl1R8hh581hHe6wxZHM/7nIi
RGclXE6WeupjrzH1Vg4QGja8Td2c7ZDIgeXvt6I/wTIg0oNeiav5T8cu7ovxKccV
UrhEDnB1mHYROqgTsMXNjRL4i+xkKLHUb6yxjF/LbL9NbC/1PsHhfyYbFUsUIhxZ
iQtUmpdY2H/Y9U7ZLY+G4xlnj/6HlL2r2e3IYzHJ0BVPNScsB69YTcYWD9KU8z4m
dNSAVzpmTswvwDX6icB1RD9+BSovUXM1E2nAD09DdHVCPB4kyNvk
-----END CERTIFICATE-----
Generated at Sun Apr 27 04:06:38 2025 by rpki-client