Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e38392e3135302e302f32332d3234203d3e20323130353432.roa
File: 34352e38392e3135302e302f32332d3234203d3e20323130353432.roa (raw, json)
Hash identifier: Ymdbnf0H8VIDp2h5OwlBLkLPkpG++nC20m+3X7rdp/E=
Subject key identifier: 0C:31:6C:57:BA:48:94:5C:0C:B6:19:90:5A:AE:8B:A3:8C:51:36:3D
Certificate issuer: /CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Certificate serial: 495265758713B1E4AB8D8AACB60389514F86234C
Authority key identifier: 83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e38392e3135302e302f32332d3234203d3e20323130353432.roa
Signing time: Tue 17 Jun 2025 14:54:09 +0000
ROA not before: Tue 17 Jun 2025 14:49:09 +0000
ROA not after: Tue 16 Jun 2026 14:54:09 +0000
asID: 210542
IP address blocks: 45.89.150.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.mft
rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 18 Jun 2025 16:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:52:65:75:87:13:b1:e4:ab:8d:8a:ac:b6:03:89:51:4f:86:23:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Validity
Not Before: Jun 17 14:49:09 2025 GMT
Not After : Jun 16 14:54:09 2026 GMT
Subject: CN=0C316C57BA48945C0CB619905AAE8BA38C51363D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:65:e7:5a:96:d7:3c:a9:ae:8b:3b:b0:c7:6d:
6c:9a:9f:c7:41:30:70:90:9e:9f:a0:70:a1:0d:f6:
45:5e:1b:9f:fc:0b:f0:da:2e:44:35:f3:c9:79:dc:
58:26:bd:aa:9e:b5:24:2e:ea:cb:94:1a:0c:99:20:
04:65:33:60:95:c7:de:b0:58:d4:59:1c:57:59:6e:
39:46:28:49:8d:6b:61:10:4f:3d:6e:dc:0e:20:75:
a9:f2:c6:71:03:34:c4:3a:57:f8:a6:25:2f:fc:32:
74:4e:87:86:9b:5a:be:a2:51:6d:52:83:31:13:24:
75:ff:79:8d:e5:bc:ef:97:53:a1:ee:69:26:42:4c:
3b:38:87:9b:3f:2a:31:03:ec:b1:38:c3:25:95:be:
8c:26:f3:19:33:4d:30:58:94:fe:65:24:44:19:1d:
7e:f4:17:c8:14:de:f5:b2:d1:45:67:d9:6d:89:d1:
27:64:ad:34:e3:9c:52:9b:27:42:e3:48:d0:f3:08:
88:62:a8:e0:e3:73:3b:2c:18:22:30:f0:da:bf:f2:
73:13:4e:11:ad:a4:b7:ca:51:bd:bf:22:c7:42:ca:
f4:3b:34:b8:c4:41:b1:88:1a:96:d1:8c:28:e1:94:
a6:cb:79:c4:7b:d5:ad:e8:7f:ce:66:66:d3:f0:47:
8f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:31:6C:57:BA:48:94:5C:0C:B6:19:90:5A:AE:8B:A3:8C:51:36:3D
X509v3 Authority Key Identifier:
keyid:83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e38392e3135302e302f32332d3234203d3e20323130353432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.150.0/23
Signature Algorithm: sha256WithRSAEncryption
54:56:98:b3:72:aa:24:b4:a4:4d:d6:41:d9:9e:17:9a:98:c3:
22:ef:b1:1c:1d:21:e7:06:1e:05:ab:a4:e4:d8:a9:2d:2c:2c:
47:d9:aa:78:59:b6:a6:bb:a8:15:7b:61:f7:be:f1:22:6e:69:
68:c3:25:c2:18:7a:c6:9e:a1:da:cb:8c:db:bf:f5:87:dc:b8:
60:54:85:82:45:c0:9d:c1:64:8c:bf:f4:e0:01:92:56:68:e2:
6b:f6:13:19:4a:3f:8a:fb:34:14:08:8d:c4:04:f5:46:d5:eb:
d9:04:31:1d:1d:be:77:61:84:47:4f:30:00:09:6a:4e:72:45:
d4:10:a0:8c:dd:2d:e3:82:3f:52:42:40:bb:a5:7b:eb:e1:92:
3b:0b:e3:57:54:d1:e6:ec:2b:66:e5:fd:07:55:e5:c3:43:09:
35:01:ea:6d:c6:3d:a8:88:1e:e5:a3:c1:78:de:a9:ec:1d:46:
b1:45:0f:30:6d:bc:a2:03:7d:c4:8f:f3:f6:09:c4:b6:bb:17:
e1:f1:ec:67:3b:b4:87:6a:ba:9b:98:59:ae:35:67:7f:c5:23:
31:62:85:9f:62:bb:52:6f:51:b3:d8:9d:3b:14:31:20:9c:5f:
20:2c:9e:ba:f8:a4:14:8d:08:22:7c:c0:d5:d4:5b:ac:b5:c0:
14:47:aa:1a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUSVJldYcTseSrjYqstgOJUU+GI0wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODMwZTA2NDE5ZmM0NmEyODAyZjZmMDNiNzEzNjhhYzdi
YWFmNjRjZTAeFw0yNTA2MTcxNDQ5MDlaFw0yNjA2MTYxNDU0MDlaMDMxMTAvBgNV
BAMTKDBDMzE2QzU3QkE0ODk0NUMwQ0I2MTk5MDVBQUU4QkEzOEM1MTM2M0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8Zedaltc8qa6LO7DHbWyan8dB
MHCQnp+gcKEN9kVeG5/8C/DaLkQ188l53FgmvaqetSQu6suUGgyZIARlM2CVx96w
WNRZHFdZbjlGKEmNa2EQTz1u3A4gdanyxnEDNMQ6V/imJS/8MnROh4abWr6iUW1S
gzETJHX/eY3lvO+XU6HuaSZCTDs4h5s/KjED7LE4wyWVvowm8xkzTTBYlP5lJEQZ
HX70F8gU3vWy0UVn2W2J0SdkrTTjnFKbJ0LjSNDzCIhiqODjczssGCIw8Nq/8nMT
ThGtpLfKUb2/IsdCyvQ7NLjEQbGIGpbRjCjhlKbLecR71a3of85mZtPwR49NAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUDDFsV7pIlFwMthmQWq6Lo4xRNj0wHwYDVR0j
BBgwFoAUgw4GQZ/EaigC9vA7cTaKx7qvZM4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQtYmE2Ny00OTc5LThkMTItMGVkNDc0OGZj
ODZlLzAvODMwRTA2NDE5RkM0NkEyODAyRjZGMDNCNzEzNjhBQzdCQUFGNjRDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2d3NEdRWl9FYWlnQzl2QTdjVGFLeDdx
dlpNNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQt
YmE2Ny00OTc5LThkMTItMGVkNDc0OGZjODZlLzAvMzQzNTJlMzgzOTJlMzEzNTMw
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzIzMTMwMzUzNDMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
LVmWMA0GCSqGSIb3DQEBCwUAA4IBAQBUVpizcqoktKRN1kHZnheamMMi77EcHSHn
Bh4Fq6Tk2KktLCxH2ap4Wbamu6gVe2H3vvEibmlowyXCGHrGnqHay4zbv/WH3Lhg
VIWCRcCdwWSMv/TgAZJWaOJr9hMZSj+K+zQUCI3EBPVG1evZBDEdHb53YYRHTzAA
CWpOckXUEKCM3S3jgj9SQkC7pXvr4ZI7C+NXVNHm7Ctm5f0HVeXDQwk1Aeptxj2o
iB7lo8F43qnsHUaxRQ8wbbyiA33Ej/P2CcS2uxfh8exnO7SHarqbmFmuNWd/xSMx
YoWfYrtSb1Gz2J07FDEgnF8gLJ66+KQUjQgifMDV1FustcAUR6oa
-----END CERTIFICATE-----
Generated at Wed Jun 18 08:27:06 2025 by rpki-client