Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e38392e3135302e302f32332d3234203d3e20313338393937.roa
File: 34352e38392e3135302e302f32332d3234203d3e20313338393937.roa (raw, json)
Hash identifier: smn3sboQyoA3CPmf3JjoxNaRPhD1ofeV3o7i3x5m8hU=
Subject key identifier: C5:FD:0C:21:81:36:D5:26:CE:02:B5:05:FC:FE:22:06:32:66:D6:E4
Certificate issuer: /CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Certificate serial: 1E704C4D1DA5B220AF02C3261FD954CE34FE416B
Authority key identifier: 83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e38392e3135302e302f32332d3234203d3e20313338393937.roa
Signing time: Tue 17 Jun 2025 14:54:09 +0000
ROA not before: Tue 17 Jun 2025 14:49:09 +0000
ROA not after: Tue 16 Jun 2026 14:54:09 +0000
asID: 138997
IP address blocks: 45.89.150.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.mft
rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 18 Jun 2025 16:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:70:4c:4d:1d:a5:b2:20:af:02:c3:26:1f:d9:54:ce:34:fe:41:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Validity
Not Before: Jun 17 14:49:09 2025 GMT
Not After : Jun 16 14:54:09 2026 GMT
Subject: CN=C5FD0C218136D526CE02B505FCFE22063266D6E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:70:5e:62:09:f5:bb:5b:5d:92:6b:d8:c7:c1:
48:ed:23:00:4d:49:da:bf:74:25:cf:3e:28:3a:7d:
c8:e0:a7:2f:52:98:fa:1b:2d:06:48:fe:3c:dd:ca:
75:b6:f2:e8:40:18:ac:29:27:77:6c:33:70:f6:b5:
a0:e4:40:00:2f:07:29:0c:ec:7e:f6:f8:71:32:3d:
94:1a:88:79:63:c3:3d:f0:83:f3:d2:61:78:6b:28:
a8:05:48:43:94:94:d2:bb:01:c8:50:32:18:fc:d8:
eb:73:35:ac:5b:fd:a5:38:e3:06:72:0e:cb:f5:52:
03:35:3d:e3:25:0d:ec:17:1f:23:9d:ed:53:fd:f0:
8c:5f:c2:45:7f:9e:8c:2c:2a:23:1e:41:c3:70:6a:
3e:ec:dc:4e:b2:fb:f7:20:8a:54:83:d4:c5:7c:05:
06:a0:f2:1b:e6:6e:a0:66:00:6d:62:f4:8f:f2:ea:
84:11:67:93:3a:e8:6f:f2:b0:e9:a9:5e:28:e7:17:
56:fe:8b:71:51:41:36:73:b5:d1:1c:0f:a1:fb:43:
dd:3d:93:21:c6:27:49:eb:f4:c3:e0:c6:ba:94:ef:
9c:bb:f7:98:03:d8:b7:3c:a7:df:b7:51:f7:c6:b8:
ca:c2:21:08:97:62:5d:59:07:35:54:85:3e:a6:40:
e1:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:FD:0C:21:81:36:D5:26:CE:02:B5:05:FC:FE:22:06:32:66:D6:E4
X509v3 Authority Key Identifier:
keyid:83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e38392e3135302e302f32332d3234203d3e20313338393937.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.150.0/23
Signature Algorithm: sha256WithRSAEncryption
55:b0:01:b3:7e:13:ce:b9:dd:37:1a:d1:d8:ff:5c:31:4b:03:
75:7c:b8:01:6e:5e:63:5b:51:12:1d:a0:2b:74:de:75:a6:85:
fa:b5:cb:78:ca:8e:b2:0f:1a:f3:8e:9a:2f:f3:8f:e3:b9:6f:
a8:02:e4:68:c1:66:6e:47:09:0a:e5:51:bd:64:8c:1f:a2:ff:
21:12:5e:7b:98:aa:95:c2:41:1d:82:0c:50:35:ac:ee:3b:ae:
c6:68:ed:73:ac:8a:81:21:7f:0e:85:29:4e:2b:cd:f7:be:6d:
c1:d3:d9:2c:9b:48:9b:25:f6:d3:20:88:42:53:03:5e:07:83:
10:ac:e1:c8:7c:00:20:97:f6:9c:a9:ea:70:28:26:01:0a:fa:
d1:39:78:a9:96:06:87:47:18:85:3a:32:23:41:4d:13:8b:5f:
42:3d:63:19:d8:55:c1:75:e1:98:8e:28:74:bf:ba:3a:94:d6:
fe:3d:74:0b:8d:69:9f:80:2a:f0:a8:4f:10:95:05:8f:3a:fb:
0c:f6:38:39:48:23:0d:5a:7f:80:58:5f:c7:a6:c3:82:c2:10:
e5:7f:56:24:3b:a0:60:5a:80:a6:bd:f0:aa:0c:cd:9f:e4:a8:
7e:15:32:a8:f3:bd:9f:94:94:70:72:4f:2e:14:ce:a7:e7:76:
40:32:2c:dc
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUHnBMTR2lsiCvAsMmH9lUzjT+QWswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODMwZTA2NDE5ZmM0NmEyODAyZjZmMDNiNzEzNjhhYzdi
YWFmNjRjZTAeFw0yNTA2MTcxNDQ5MDlaFw0yNjA2MTYxNDU0MDlaMDMxMTAvBgNV
BAMTKEM1RkQwQzIxODEzNkQ1MjZDRTAyQjUwNUZDRkUyMjA2MzI2NkQ2RTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCcF5iCfW7W12Sa9jHwUjtIwBN
Sdq/dCXPPig6fcjgpy9SmPobLQZI/jzdynW28uhAGKwpJ3dsM3D2taDkQAAvBykM
7H72+HEyPZQaiHljwz3wg/PSYXhrKKgFSEOUlNK7AchQMhj82OtzNaxb/aU44wZy
Dsv1UgM1PeMlDewXHyOd7VP98IxfwkV/nowsKiMeQcNwaj7s3E6y+/cgilSD1MV8
BQag8hvmbqBmAG1i9I/y6oQRZ5M66G/ysOmpXijnF1b+i3FRQTZztdEcD6H7Q909
kyHGJ0nr9MPgxrqU75y795gD2Lc8p9+3UffGuMrCIQiXYl1ZBzVUhT6mQOG/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUxf0MIYE21SbOArUF/P4iBjJm1uQwHwYDVR0j
BBgwFoAUgw4GQZ/EaigC9vA7cTaKx7qvZM4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQtYmE2Ny00OTc5LThkMTItMGVkNDc0OGZj
ODZlLzAvODMwRTA2NDE5RkM0NkEyODAyRjZGMDNCNzEzNjhBQzdCQUFGNjRDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2d3NEdRWl9FYWlnQzl2QTdjVGFLeDdx
dlpNNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQt
YmE2Ny00OTc5LThkMTItMGVkNDc0OGZjODZlLzAvMzQzNTJlMzgzOTJlMzEzNTMw
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzEzMzM4MzkzOTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
LVmWMA0GCSqGSIb3DQEBCwUAA4IBAQBVsAGzfhPOud03GtHY/1wxSwN1fLgBbl5j
W1ESHaArdN51poX6tct4yo6yDxrzjpov84/juW+oAuRowWZuRwkK5VG9ZIwfov8h
El57mKqVwkEdggxQNazuO67GaO1zrIqBIX8OhSlOK833vm3B09ksm0ibJfbTIIhC
UwNeB4MQrOHIfAAgl/acqepwKCYBCvrROXiplgaHRxiFOjIjQU0Ti19CPWMZ2FXB
deGYjih0v7o6lNb+PXQLjWmfgCrwqE8QlQWPOvsM9jg5SCMNWn+AWF/HpsOCwhDl
f1YkO6BgWoCmvfCqDM2f5Kh+FTKo872flJRwck8uFM6n53ZAMizc
-----END CERTIFICATE-----
Generated at Wed Jun 18 05:15:50 2025 by rpki-client