Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e38392e3135302e302f32332d3234203d3e20313532313739.roa
File: 34352e38392e3135302e302f32332d3234203d3e20313532313739.roa (raw, json)
Hash identifier: hd+a1khpY29A3GDYfNLzWao9yX3aCS4vUId7ZnXPCC4=
Subject key identifier: 23:8B:43:8D:56:99:3F:29:23:A9:EE:8F:1C:F9:4A:2A:43:9B:13:90
Certificate issuer: /CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Certificate serial: 5914BCEF1FA29B9177BB42450A3180D8B136643F
Authority key identifier: 83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e38392e3135302e302f32332d3234203d3e20313532313739.roa
Signing time: Tue 17 Jun 2025 14:54:10 +0000
ROA not before: Tue 17 Jun 2025 14:49:10 +0000
ROA not after: Tue 16 Jun 2026 14:54:10 +0000
asID: 152179
IP address blocks: 45.89.150.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.mft
rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 11:37:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:14:bc:ef:1f:a2:9b:91:77:bb:42:45:0a:31:80:d8:b1:36:64:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Validity
Not Before: Jun 17 14:49:10 2025 GMT
Not After : Jun 16 14:54:10 2026 GMT
Subject: CN=238B438D56993F2923A9EE8F1CF94A2A439B1390
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:9a:02:2e:e2:3a:85:c9:71:48:11:c2:97:4b:
19:38:5d:b1:6a:13:d3:62:08:4c:37:16:fc:71:d8:
41:cd:34:93:ea:ae:5f:0b:92:ac:90:22:82:88:7e:
48:ff:5d:19:9b:b5:aa:54:38:59:cc:57:16:8d:be:
d6:41:97:5d:da:7e:94:4a:8b:4e:4a:a5:d2:1f:a4:
18:d5:11:a0:a6:5c:5f:7d:5a:bd:7b:31:1e:89:c1:
98:e9:75:0b:9d:6a:03:42:6b:d7:d3:18:5d:bb:3e:
bd:77:02:1b:af:7f:95:f4:22:01:13:a6:88:9c:0c:
0c:d1:91:98:90:3c:96:38:34:76:19:8e:42:a0:33:
c9:f2:0a:57:3c:d5:38:09:6b:93:27:de:9f:01:35:
e1:e3:00:ae:9a:b3:c6:e6:2b:e8:9f:28:74:a1:3c:
fa:38:8b:f2:fd:12:d6:e9:70:4d:a9:44:dd:85:fb:
3c:e9:cb:7a:31:16:4b:32:ec:de:31:8f:52:66:98:
5e:cc:52:15:6a:c7:e3:77:bf:18:9e:19:55:bc:ea:
23:33:a0:69:41:6b:c0:85:25:f9:38:f2:61:31:fe:
25:cf:4d:0d:f4:ca:65:7c:7a:a6:4e:12:aa:4c:e9:
d0:e2:80:fe:6f:e7:71:7c:81:13:97:08:b1:da:63:
84:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:8B:43:8D:56:99:3F:29:23:A9:EE:8F:1C:F9:4A:2A:43:9B:13:90
X509v3 Authority Key Identifier:
keyid:83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e38392e3135302e302f32332d3234203d3e20313532313739.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.150.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:7a:f9:36:af:f9:b3:17:ab:58:1b:d2:86:17:bb:24:5a:0f:
66:b0:03:71:fb:e8:37:14:20:12:c9:5a:97:e9:cc:f3:18:23:
5a:67:2c:b1:3f:cb:0b:50:9c:a0:8f:ec:bd:a1:b8:8a:8d:e8:
87:fb:b2:27:63:07:a9:28:40:1d:2d:d2:33:45:e9:c2:44:38:
36:b9:b8:0f:34:81:70:9d:20:0c:19:f6:55:52:fb:a4:5f:8e:
51:a9:28:eb:28:6f:43:dc:4d:c0:ba:7f:8c:66:cd:4d:55:98:
67:cb:79:83:70:06:0f:2b:04:fd:d4:5b:86:9a:22:d5:24:76:
cc:5a:15:a7:39:79:47:a8:35:c4:97:24:0a:93:7e:3c:e4:8f:
32:57:a4:28:9e:53:17:27:ba:c3:c0:ff:fa:1c:6c:31:68:6d:
6c:c1:f5:9a:c7:e0:08:8b:ad:41:8a:2e:50:d5:81:f4:0c:b7:
9d:33:fe:cb:e9:d8:e7:e9:57:21:50:7e:bc:89:76:39:82:9b:
ca:91:c8:d6:e9:2d:0f:df:b4:11:27:af:48:3b:9d:27:d0:86:
61:2a:e6:12:39:49:a4:cc:1b:a6:23:50:31:56:8d:5b:09:d8:
21:2b:69:ec:ab:c4:dd:1e:fc:7f:8c:0d:da:0b:be:b7:6c:85:
e4:d6:b7:3b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUWRS87x+im5F3u0JFCjGA2LE2ZD8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODMwZTA2NDE5ZmM0NmEyODAyZjZmMDNiNzEzNjhhYzdi
YWFmNjRjZTAeFw0yNTA2MTcxNDQ5MTBaFw0yNjA2MTYxNDU0MTBaMDMxMTAvBgNV
BAMTKDIzOEI0MzhENTY5OTNGMjkyM0E5RUU4RjFDRjk0QTJBNDM5QjEzOTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQmgIu4jqFyXFIEcKXSxk4XbFq
E9NiCEw3Fvxx2EHNNJPqrl8LkqyQIoKIfkj/XRmbtapUOFnMVxaNvtZBl13afpRK
i05KpdIfpBjVEaCmXF99Wr17MR6JwZjpdQudagNCa9fTGF27Pr13Ahuvf5X0IgET
poicDAzRkZiQPJY4NHYZjkKgM8nyClc81TgJa5Mn3p8BNeHjAK6as8bmK+ifKHSh
PPo4i/L9EtbpcE2pRN2F+zzpy3oxFksy7N4xj1JmmF7MUhVqx+N3vxieGVW86iMz
oGlBa8CFJfk48mEx/iXPTQ30ymV8eqZOEqpM6dDigP5v53F8gROXCLHaY4QFAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUI4tDjVaZPykjqe6PHPlKKkObE5AwHwYDVR0j
BBgwFoAUgw4GQZ/EaigC9vA7cTaKx7qvZM4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQtYmE2Ny00OTc5LThkMTItMGVkNDc0OGZj
ODZlLzAvODMwRTA2NDE5RkM0NkEyODAyRjZGMDNCNzEzNjhBQzdCQUFGNjRDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2d3NEdRWl9FYWlnQzl2QTdjVGFLeDdx
dlpNNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQt
YmE2Ny00OTc5LThkMTItMGVkNDc0OGZjODZlLzAvMzQzNTJlMzgzOTJlMzEzNTMw
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzEzNTMyMzEzNzM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
LVmWMA0GCSqGSIb3DQEBCwUAA4IBAQAbevk2r/mzF6tYG9KGF7skWg9msANx++g3
FCASyVqX6czzGCNaZyyxP8sLUJygj+y9obiKjeiH+7InYwepKEAdLdIzRenCRDg2
ubgPNIFwnSAMGfZVUvukX45RqSjrKG9D3E3Aun+MZs1NVZhny3mDcAYPKwT91FuG
miLVJHbMWhWnOXlHqDXElyQKk3485I8yV6QonlMXJ7rDwP/6HGwxaG1swfWax+AI
i61Bii5Q1YH0DLedM/7L6djn6VchUH68iXY5gpvKkcjW6S0P37QRJ69IO50n0IZh
KuYSOUmkzBumI1AxVo1bCdghK2nsq8TdHvx/jA3aC763bIXk1rc7
-----END CERTIFICATE-----
Generated at Sat Aug 9 02:47:28 2025 by rpki-client