Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3134302e33372e302f32342d3234203d3e20323638363234.roa
File: 34352e3134302e33372e302f32342d3234203d3e20323638363234.roa (raw, json)
Hash identifier: FqBzJG7QyS5rhAL6kP0DnaUbBW+1O9qvi1K+fqN47FU=
Subject key identifier: EE:BF:67:74:77:90:49:50:E4:BA:77:30:16:D3:D0:1C:95:EE:EB:50
Certificate issuer: /CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Certificate serial: 1FFA720A166AAAB7DC587709849A8DA99B2246A2
Authority key identifier: 83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3134302e33372e302f32342d3234203d3e20323638363234.roa
Signing time: Wed 23 Apr 2025 17:11:50 +0000
ROA not before: Wed 23 Apr 2025 17:06:50 +0000
ROA not after: Wed 22 Apr 2026 17:11:50 +0000
asID: 268624
IP address blocks: 45.140.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.mft
rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 11:25:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:fa:72:0a:16:6a:aa:b7:dc:58:77:09:84:9a:8d:a9:9b:22:46:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Validity
Not Before: Apr 23 17:06:50 2025 GMT
Not After : Apr 22 17:11:50 2026 GMT
Subject: CN=EEBF677477904950E4BA773016D3D01C95EEEB50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:bb:30:70:bd:e4:59:92:2a:12:95:ba:1a:58:
a2:86:c8:1e:64:e7:98:fa:97:a2:9d:6e:76:45:c8:
a8:25:de:7e:fd:c5:86:5a:14:84:f8:a0:2a:65:61:
60:7d:f7:08:16:6f:ee:fd:6c:af:c8:c9:8d:25:ee:
40:9d:92:c7:bd:a2:d6:6a:79:72:49:c6:21:25:f8:
9c:28:4a:da:95:5d:c4:f4:e4:85:d6:3b:d9:80:f8:
61:4d:92:e7:36:d2:a5:14:7a:f1:eb:1d:54:7e:1d:
c3:c0:e5:67:bc:2d:a1:bb:3c:ce:db:9a:4f:34:4d:
25:db:4b:7c:56:89:02:1f:65:51:f9:60:b2:74:3c:
0f:70:42:c8:04:f1:38:8f:85:3a:0b:4d:14:f4:c5:
b8:2d:6b:4c:30:ca:c8:8a:05:43:9c:24:08:88:ee:
d5:98:f7:e2:e8:88:41:2f:7f:e1:7d:24:29:73:d5:
d3:67:82:af:70:0f:56:05:ad:45:60:73:2d:f7:e1:
f6:ee:31:5f:94:d6:b8:14:d5:84:72:5d:0e:8d:2d:
b6:5e:81:7e:0e:b7:67:75:2f:a3:48:fa:2e:7c:6c:
0c:c9:91:15:43:ac:fe:38:1c:a6:72:64:0b:10:b5:
16:62:c7:a1:84:e8:3f:d6:bf:ee:b1:53:79:fd:e8:
0f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:BF:67:74:77:90:49:50:E4:BA:77:30:16:D3:D0:1C:95:EE:EB:50
X509v3 Authority Key Identifier:
keyid:83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3134302e33372e302f32342d3234203d3e20323638363234.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.37.0/24
Signature Algorithm: sha256WithRSAEncryption
21:c6:8c:2f:cd:24:1a:d0:7c:bb:a6:92:2e:ea:24:a8:d8:d1:
5f:d0:26:a4:2c:3e:77:7b:37:c2:be:2e:db:86:41:5b:ed:a9:
7f:52:1b:1b:9d:1a:fc:fc:df:f9:0f:02:0c:80:12:0b:e4:67:
55:0c:95:9d:95:ff:0e:b2:e9:3f:4e:49:42:52:57:26:23:b3:
14:0f:a0:24:9c:7d:5c:05:33:9a:51:c4:f4:6f:3a:e2:10:6c:
e0:08:77:53:f4:96:20:c5:c5:8e:07:90:4f:9e:03:d5:ec:8e:
e1:d7:1d:96:85:98:88:13:95:38:1e:66:42:c9:0f:d9:30:69:
d9:23:7c:ce:ff:cf:ec:53:e4:f4:c1:9f:1f:b1:ce:81:c9:b6:
e7:8c:28:93:db:0c:5f:f0:81:5e:55:13:60:11:75:f3:1f:9b:
66:b5:52:88:12:01:f3:2a:ae:a9:81:64:8b:d9:98:a9:45:81:
74:48:5e:61:df:53:2a:4d:df:aa:77:57:5e:7e:d5:c7:08:04:
db:95:d9:80:85:9a:51:90:a9:7b:09:72:ff:f8:0b:20:4f:7f:
8b:ca:29:81:d9:20:35:a2:18:86:3a:d0:7f:41:45:38:bb:d0:
c2:9c:bd:d7:92:39:ce:af:df:26:e8:e7:15:60:2d:e9:aa:9d:
c5:66:cb:0f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUH/pyChZqqrfcWHcJhJqNqZsiRqIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODMwZTA2NDE5ZmM0NmEyODAyZjZmMDNiNzEzNjhhYzdi
YWFmNjRjZTAeFw0yNTA0MjMxNzA2NTBaFw0yNjA0MjIxNzExNTBaMDMxMTAvBgNV
BAMTKEVFQkY2Nzc0Nzc5MDQ5NTBFNEJBNzczMDE2RDNEMDFDOTVFRUVCNTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9uzBwveRZkioSlboaWKKGyB5k
55j6l6KdbnZFyKgl3n79xYZaFIT4oCplYWB99wgWb+79bK/IyY0l7kCdkse9otZq
eXJJxiEl+JwoStqVXcT05IXWO9mA+GFNkuc20qUUevHrHVR+HcPA5We8LaG7PM7b
mk80TSXbS3xWiQIfZVH5YLJ0PA9wQsgE8TiPhToLTRT0xbgta0wwysiKBUOcJAiI
7tWY9+LoiEEvf+F9JClz1dNngq9wD1YFrUVgcy334fbuMV+U1rgU1YRyXQ6NLbZe
gX4Ot2d1L6NI+i58bAzJkRVDrP44HKZyZAsQtRZix6GE6D/Wv+6xU3n96A8nAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU7r9ndHeQSVDkuncwFtPQHJXu61AwHwYDVR0j
BBgwFoAUgw4GQZ/EaigC9vA7cTaKx7qvZM4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQtYmE2Ny00OTc5LThkMTItMGVkNDc0OGZj
ODZlLzAvODMwRTA2NDE5RkM0NkEyODAyRjZGMDNCNzEzNjhBQzdCQUFGNjRDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2d3NEdRWl9FYWlnQzl2QTdjVGFLeDdx
dlpNNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQt
YmE2Ny00OTc5LThkMTItMGVkNDc0OGZjODZlLzAvMzQzNTJlMzEzNDMwMmUzMzM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM4MzYzMjM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LYwlMA0GCSqGSIb3DQEBCwUAA4IBAQAhxowvzSQa0Hy7ppIu6iSo2NFf0CakLD53
ezfCvi7bhkFb7al/UhsbnRr8/N/5DwIMgBIL5GdVDJWdlf8Osuk/TklCUlcmI7MU
D6AknH1cBTOaUcT0bzriEGzgCHdT9JYgxcWOB5BPngPV7I7h1x2WhZiIE5U4HmZC
yQ/ZMGnZI3zO/8/sU+T0wZ8fsc6BybbnjCiT2wxf8IFeVRNgEXXzH5tmtVKIEgHz
Kq6pgWSL2ZipRYF0SF5h31MqTd+qd1deftXHCATbldmAhZpRkKl7CXL/+AsgT3+L
yimB2SA1ohiGOtB/QUU4u9DCnL3XkjnOr98m6OcVYC3pqp3FZssP
-----END CERTIFICATE-----
Generated at Mon Apr 28 03:13:22 2025 by rpki-client