Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3134302e33392e302f32342d3234203d3e20323132333834.roa
File: 34352e3134302e33392e302f32342d3234203d3e20323132333834.roa (raw, json)
Hash identifier: L7EHGwvWSSXWjiN+ge5rSBcePeV6DFnXvflhKIMhGIM=
Subject key identifier: 08:7A:A7:72:FB:04:35:CE:D4:26:2A:A9:9E:D2:E9:FA:30:38:03:03
Certificate issuer: /CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Certificate serial: 2E1CFA1523C79EC738C5F0A08B6A9B886156E6BB
Authority key identifier: 83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3134302e33392e302f32342d3234203d3e20323132333834.roa
Signing time: Thu 17 Apr 2025 09:54:01 +0000
ROA not before: Thu 17 Apr 2025 09:49:01 +0000
ROA not after: Thu 16 Apr 2026 09:54:01 +0000
asID: 212384
IP address blocks: 45.140.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.mft
rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 17:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:1c:fa:15:23:c7:9e:c7:38:c5:f0:a0:8b:6a:9b:88:61:56:e6:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Validity
Not Before: Apr 17 09:49:01 2025 GMT
Not After : Apr 16 09:54:01 2026 GMT
Subject: CN=087AA772FB0435CED4262AA99ED2E9FA30380303
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:03:33:57:67:f1:fa:5e:ea:a3:8f:df:e1:ac:
8a:f0:ce:67:99:79:6d:28:08:48:d4:0b:8f:a2:5b:
6e:b1:6b:5e:a7:af:77:c0:5f:92:17:00:d9:cd:14:
41:4b:e6:ae:cd:14:08:bb:08:f4:f3:41:ab:6a:16:
e2:ad:ea:ef:53:0b:da:51:ce:42:d8:46:f7:dd:67:
8b:42:90:14:1d:92:c2:8a:0a:3f:32:1c:92:67:7e:
78:09:d8:a4:53:a8:2a:fd:c7:83:37:be:cd:ff:51:
40:21:17:42:15:83:aa:ed:44:bf:d8:2f:ca:02:3b:
09:28:2e:e2:b5:ae:bc:83:77:a1:96:04:e7:1f:1e:
6f:51:7d:a7:06:3f:61:62:87:1f:09:cf:d7:f4:78:
fd:74:c5:14:3b:d3:2b:9e:08:93:58:95:e2:ac:be:
04:05:fe:e0:8d:8d:2d:ef:d2:83:73:22:f7:c2:a6:
1f:ce:36:91:f0:b5:d0:c9:89:5a:e7:6b:5d:44:44:
a6:ed:e1:4d:cf:6e:50:43:f6:02:bd:f3:ec:02:9d:
2b:2f:96:4b:e8:25:29:f3:d6:59:27:a8:c0:43:c3:
f2:d1:45:72:e6:20:ed:55:be:c1:31:15:70:fe:6f:
eb:25:b7:e2:9c:32:dd:84:72:93:0f:2e:42:dc:a8:
00:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:7A:A7:72:FB:04:35:CE:D4:26:2A:A9:9E:D2:E9:FA:30:38:03:03
X509v3 Authority Key Identifier:
keyid:83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3134302e33392e302f32342d3234203d3e20323132333834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.39.0/24
Signature Algorithm: sha256WithRSAEncryption
38:4e:b8:1f:60:8d:55:30:f5:94:f0:f8:e8:c1:dc:72:29:02:
d5:6a:f0:e8:12:3c:4f:b5:96:f6:19:cf:65:0b:50:7c:bf:ab:
a4:93:db:09:48:a4:17:7a:1a:ce:f9:41:ca:c1:20:25:3c:b8:
3e:b1:00:4d:82:9f:32:eb:20:3c:2e:53:f4:60:56:e5:f3:3f:
fc:9e:14:11:38:40:c4:47:aa:22:3c:fc:9c:24:27:69:68:e0:
95:8d:c8:0a:e1:39:44:0b:7c:f1:1b:be:7f:17:9d:e4:95:85:
3f:ed:42:f9:b9:b4:50:18:a5:e3:a9:78:aa:76:03:e0:c1:ab:
b9:81:a6:3a:87:20:07:fa:96:5d:ac:02:46:11:02:6d:99:0a:
61:64:d6:c6:25:78:c7:de:0b:f7:74:35:16:10:11:5f:a7:b1:
5d:e0:d5:bc:9f:8a:ab:41:b2:41:bd:e6:00:94:36:a5:42:63:
83:c3:75:12:1b:13:47:d2:fa:7b:1f:c1:bf:38:8c:bb:c7:db:
43:2b:27:7c:78:12:58:cb:44:4e:e1:f0:88:b9:9b:f5:9c:79:
b4:72:4b:64:72:c3:70:3c:bc:7d:80:b9:96:ff:87:35:73:81:
0a:4f:6f:59:d6:18:ce:ea:b7:ff:3d:fd:f0:b7:2d:7e:f3:a7:
b0:1e:71:ec
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIULhz6FSPHnsc4xfCgi2qbiGFW5rswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODMwZTA2NDE5ZmM0NmEyODAyZjZmMDNiNzEzNjhhYzdi
YWFmNjRjZTAeFw0yNTA0MTcwOTQ5MDFaFw0yNjA0MTYwOTU0MDFaMDMxMTAvBgNV
BAMTKDA4N0FBNzcyRkIwNDM1Q0VENDI2MkFBOTlFRDJFOUZBMzAzODAzMDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnAzNXZ/H6Xuqjj9/hrIrwzmeZ
eW0oCEjUC4+iW26xa16nr3fAX5IXANnNFEFL5q7NFAi7CPTzQatqFuKt6u9TC9pR
zkLYRvfdZ4tCkBQdksKKCj8yHJJnfngJ2KRTqCr9x4M3vs3/UUAhF0IVg6rtRL/Y
L8oCOwkoLuK1rryDd6GWBOcfHm9RfacGP2Fihx8Jz9f0eP10xRQ70yueCJNYleKs
vgQF/uCNjS3v0oNzIvfCph/ONpHwtdDJiVrna11ERKbt4U3PblBD9gK98+wCnSsv
lkvoJSnz1lknqMBDw/LRRXLmIO1VvsExFXD+b+slt+KcMt2EcpMPLkLcqAA5AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUCHqncvsENc7UJiqpntLp+jA4AwMwHwYDVR0j
BBgwFoAUgw4GQZ/EaigC9vA7cTaKx7qvZM4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQtYmE2Ny00OTc5LThkMTItMGVkNDc0OGZj
ODZlLzAvODMwRTA2NDE5RkM0NkEyODAyRjZGMDNCNzEzNjhBQzdCQUFGNjRDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2d3NEdRWl9FYWlnQzl2QTdjVGFLeDdx
dlpNNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQt
YmE2Ny00OTc5LThkMTItMGVkNDc0OGZjODZlLzAvMzQzNTJlMzEzNDMwMmUzMzM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzMzODM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LYwnMA0GCSqGSIb3DQEBCwUAA4IBAQA4TrgfYI1VMPWU8PjowdxyKQLVavDoEjxP
tZb2Gc9lC1B8v6ukk9sJSKQXehrO+UHKwSAlPLg+sQBNgp8y6yA8LlP0YFbl8z/8
nhQROEDER6oiPPycJCdpaOCVjcgK4TlEC3zxG75/F53klYU/7UL5ubRQGKXjqXiq
dgPgwau5gaY6hyAH+pZdrAJGEQJtmQphZNbGJXjH3gv3dDUWEBFfp7Fd4NW8n4qr
QbJBveYAlDalQmODw3USGxNH0vp7H8G/OIy7x9tDKyd8eBJYy0RO4fCIuZv1nHm0
cktkcsNwPLx9gLmW/4c1c4EKT29Z1hjO6rf/Pf3wty1+86ewHnHs
-----END CERTIFICATE-----
Generated at Sat Apr 26 23:02:08 2025 by rpki-client