Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3133322e3231392e302f32342d3234203d3e203536393133.roa
File: 34352e3133322e3231392e302f32342d3234203d3e203536393133.roa (raw, json)
Hash identifier: LgxsptwYXiKaAUBWPl2FzHApl9GRPHPCKLBon5Z4Y1I=
Subject key identifier: ED:14:7A:C0:C0:74:56:F7:14:DA:5D:A4:DF:99:04:E6:AF:00:A2:69
Certificate issuer: /CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Certificate serial: 378925303E47EFB93356D98A28CF3576A63BB5A7
Authority key identifier: 83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3133322e3231392e302f32342d3234203d3e203536393133.roa
Signing time: Wed 30 Jul 2025 13:54:13 +0000
ROA not before: Wed 30 Jul 2025 13:49:13 +0000
ROA not after: Wed 29 Jul 2026 13:54:13 +0000
asID: 56913
IP address blocks: 45.132.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.mft
rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 20:46:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:89:25:30:3e:47:ef:b9:33:56:d9:8a:28:cf:35:76:a6:3b:b5:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Validity
Not Before: Jul 30 13:49:13 2025 GMT
Not After : Jul 29 13:54:13 2026 GMT
Subject: CN=ED147AC0C07456F714DA5DA4DF9904E6AF00A269
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:6d:29:5a:19:28:01:82:41:ad:bb:59:71:9e:
fe:c1:57:5e:d6:a8:cd:ab:66:b4:61:cb:27:71:82:
75:e0:bf:f7:d3:02:37:b7:f4:e0:40:11:06:2a:6c:
44:4e:c1:e9:b0:e3:15:bc:ff:8d:3b:ee:7e:31:fd:
a3:0b:4f:a9:4a:b1:5b:97:52:8b:cd:d2:76:a8:77:
cf:54:35:1d:ad:a7:19:ca:e2:bb:0a:57:17:f7:3c:
86:f0:d7:93:93:3a:30:f3:63:3f:d9:b7:b6:b6:f4:
bb:a5:81:e1:b1:9b:42:0c:6d:3e:e4:01:73:d9:0d:
4e:b0:2d:9a:01:8a:4e:fc:fc:f3:e4:5e:37:75:6b:
8c:d8:aa:0d:68:c6:05:7e:e3:f0:4a:77:d8:4d:96:
3d:e9:a9:7e:1e:f8:c7:d9:14:e0:6c:de:01:71:82:
d1:9a:a5:cb:b5:df:68:48:48:f3:be:b4:2e:33:3d:
41:fc:27:2e:b1:10:29:b2:23:42:60:86:7f:45:7b:
8e:27:07:fc:18:d5:e3:db:62:54:48:b4:30:aa:c6:
3a:fa:1c:4a:d0:9b:66:f5:e9:25:22:5c:7f:ce:32:
9d:b6:e7:e2:5b:ac:93:95:39:fe:a0:d7:d4:af:f8:
f0:d7:b1:40:02:d7:db:ac:28:9e:5a:7c:89:22:48:
0a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:14:7A:C0:C0:74:56:F7:14:DA:5D:A4:DF:99:04:E6:AF:00:A2:69
X509v3 Authority Key Identifier:
keyid:83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3133322e3231392e302f32342d3234203d3e203536393133.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.219.0/24
Signature Algorithm: sha256WithRSAEncryption
26:6f:5a:0a:52:ba:e0:75:23:5c:ad:ad:6f:09:50:d1:38:17:
c3:29:0e:71:4f:8a:1e:81:89:de:72:e5:1c:51:15:7a:a6:63:
e2:fd:79:ba:3b:ec:24:17:a6:f6:1b:83:4a:59:a7:b9:1b:d7:
04:7f:77:62:1c:d4:19:d1:c7:1d:bb:4b:7d:64:ea:70:4e:22:
3c:72:75:8f:42:0c:a3:25:c5:7a:6b:35:59:5f:97:9e:d8:d8:
77:31:39:c5:5b:85:8a:0c:ca:8c:45:03:78:d5:b1:81:55:4d:
b5:5a:20:f7:bd:b6:c4:ca:f8:af:7a:4c:7e:be:b6:a0:82:f9:
92:1a:81:33:ed:24:36:a4:7d:46:4c:8f:e6:ff:eb:b5:34:d8:
b7:cb:05:d7:e3:c2:72:0a:46:30:15:21:02:3b:67:3c:a7:ab:
e4:01:e7:94:e0:b8:e0:8d:28:df:7e:c3:62:75:ad:38:7f:59:
68:4c:ed:0f:85:c0:5d:fa:d0:60:99:25:c7:27:b9:25:4c:96:
14:ca:0b:7d:38:8a:ab:ce:c3:fd:f2:2f:2b:3c:fd:92:2f:6b:
f2:26:5c:7c:c9:d9:1e:d4:cc:45:ba:43:30:63:8a:ef:df:7e:
1f:e0:c4:18:c9:c9:58:b9:39:00:31:84:87:f7:18:7c:79:b4:
1f:3a:a1:fd
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUN4klMD5H77kzVtmKKM81dqY7tacwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODMwZTA2NDE5ZmM0NmEyODAyZjZmMDNiNzEzNjhhYzdi
YWFmNjRjZTAeFw0yNTA3MzAxMzQ5MTNaFw0yNjA3MjkxMzU0MTNaMDMxMTAvBgNV
BAMTKEVEMTQ3QUMwQzA3NDU2RjcxNERBNURBNERGOTkwNEU2QUYwMEEyNjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYbSlaGSgBgkGtu1lxnv7BV17W
qM2rZrRhyydxgnXgv/fTAje39OBAEQYqbEROwemw4xW8/4077n4x/aMLT6lKsVuX
UovN0naod89UNR2tpxnK4rsKVxf3PIbw15OTOjDzYz/Zt7a29LulgeGxm0IMbT7k
AXPZDU6wLZoBik78/PPkXjd1a4zYqg1oxgV+4/BKd9hNlj3pqX4e+MfZFOBs3gFx
gtGapcu132hISPO+tC4zPUH8Jy6xECmyI0Jghn9Fe44nB/wY1ePbYlRItDCqxjr6
HErQm2b16SUiXH/OMp225+JbrJOVOf6g19Sv+PDXsUAC19usKJ5afIkiSAoZAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU7RR6wMB0VvcU2l2k35kE5q8AomkwHwYDVR0j
BBgwFoAUgw4GQZ/EaigC9vA7cTaKx7qvZM4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQtYmE2Ny00OTc5LThkMTItMGVkNDc0OGZj
ODZlLzAvODMwRTA2NDE5RkM0NkEyODAyRjZGMDNCNzEzNjhBQzdCQUFGNjRDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2d3NEdRWl9FYWlnQzl2QTdjVGFLeDdx
dlpNNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQt
YmE2Ny00OTc5LThkMTItMGVkNDc0OGZjODZlLzAvMzQzNTJlMzEzMzMyMmUzMjMx
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTM2MzkzMTMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LYTbMA0GCSqGSIb3DQEBCwUAA4IBAQAmb1oKUrrgdSNcra1vCVDROBfDKQ5xT4oe
gYnecuUcURV6pmPi/Xm6O+wkF6b2G4NKWae5G9cEf3diHNQZ0ccdu0t9ZOpwTiI8
cnWPQgyjJcV6azVZX5ee2Nh3MTnFW4WKDMqMRQN41bGBVU21WiD3vbbEyvivekx+
vraggvmSGoEz7SQ2pH1GTI/m/+u1NNi3ywXX48JyCkYwFSECO2c8p6vkAeeU4Ljg
jSjffsNida04f1loTO0PhcBd+tBgmSXHJ7klTJYUygt9OIqrzsP98i8rPP2SL2vy
Jlx8ydke1MxFukMwY4rv334f4MQYyclYuTkAMYSH9xh8ebQfOqH9
-----END CERTIFICATE-----
Generated at Thu Aug 7 05:09:39 2025 by rpki-client