Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e36362e3135302e302f32342d3234203d3e20333937333733.roa
File: 34352e36362e3135302e302f32342d3234203d3e20333937333733.roa (raw, json)
Hash identifier: 5DUJVA+pSWGfl0obwZfoWi9lZoQLdECnA4H9VJT+xbw=
Subject key identifier: CC:A9:61:A8:44:D7:46:D2:54:63:FC:CE:8A:51:B4:FC:BF:C8:0A:C6
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 4C8029ACCF4F9FCE4DA972F9B7494FB3075BE5A2
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e36362e3135302e302f32342d3234203d3e20333937333733.roa
Signing time: Thu 08 May 2025 16:54:07 +0000
ROA not before: Thu 08 May 2025 16:49:07 +0000
ROA not after: Thu 07 May 2026 16:54:07 +0000
asID: 397373
IP address blocks: 45.66.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 15:24:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:80:29:ac:cf:4f:9f:ce:4d:a9:72:f9:b7:49:4f:b3:07:5b:e5:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: May 8 16:49:07 2025 GMT
Not After : May 7 16:54:07 2026 GMT
Subject: CN=CCA961A844D746D25463FCCE8A51B4FCBFC80AC6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8b:10:13:86:e5:1c:ac:e2:48:70:d3:3c:e1:
65:c2:36:77:1b:97:1e:80:ad:13:5c:c9:ac:45:a7:
9c:86:86:c2:5a:3d:0c:e8:ba:c7:45:40:1f:3d:61:
51:d1:36:85:63:d4:f9:3f:fa:2d:23:75:da:40:eb:
63:c3:29:4b:37:3f:43:91:1e:47:c2:96:ce:c7:a3:
0b:18:b7:8e:40:6c:cc:15:39:8a:64:7f:2a:fe:6d:
13:9e:d6:29:dd:ab:de:fd:87:0a:cb:8d:36:85:c0:
e5:d5:4a:ef:bd:8d:1f:78:d3:fa:ad:ea:90:fa:a8:
7d:5b:e9:22:eb:f6:f9:62:b8:d5:8c:b4:37:13:a1:
e0:36:ca:6b:95:b1:db:bd:28:0b:ee:82:8c:f5:81:
a8:e6:74:ab:25:ed:a7:92:56:90:44:ce:b5:02:56:
41:d4:0a:d8:e0:2a:2a:ab:a5:76:4f:ed:9b:6b:0e:
1f:c6:2a:2b:9d:39:f8:ee:c4:77:c8:64:82:14:63:
c1:66:f8:8d:1f:b3:37:fb:8e:80:09:6a:e7:3e:2a:
ff:98:af:1e:ab:a0:df:24:88:ba:62:be:bb:ec:b6:
80:f2:bb:e4:52:c5:6c:a3:b1:70:93:52:5c:cc:59:
7c:03:d6:97:30:01:39:e0:c1:e2:0c:14:9d:7a:31:
3f:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:A9:61:A8:44:D7:46:D2:54:63:FC:CE:8A:51:B4:FC:BF:C8:0A:C6
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e36362e3135302e302f32342d3234203d3e20333937333733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.150.0/24
Signature Algorithm: sha256WithRSAEncryption
25:59:0d:6f:1d:4a:ad:c2:5e:a8:eb:d1:84:91:9b:b8:56:a6:
69:e2:67:fe:5c:76:a4:d8:3f:b8:73:fa:48:9e:3f:df:45:d2:
02:0c:8d:77:f9:2d:aa:61:07:6e:eb:dc:37:0b:96:ce:c2:e1:
5e:d8:2c:01:a2:16:ec:6e:d4:0d:e2:cf:d7:89:65:4a:14:1c:
86:cf:45:38:7f:34:ba:b7:16:8d:e2:18:d1:ae:a8:a6:3f:cc:
e1:05:a1:f0:0e:c4:58:d0:90:cb:a8:8a:29:78:4f:c9:0e:29:
75:41:29:fc:91:19:4d:36:32:e2:8e:98:5a:ac:de:d7:3d:88:
f1:7a:63:2c:90:d8:7d:dc:e1:a8:32:7b:31:eb:fa:f4:70:3e:
a3:a4:af:a6:29:96:7d:8c:e0:76:96:99:c3:9d:f0:06:d9:12:
eb:af:ae:34:b6:c3:ab:4b:a8:f3:55:77:92:dc:21:a1:f7:bb:
1c:1b:0b:43:6a:3c:07:78:ca:7f:6a:90:82:10:fe:6a:65:ef:
36:34:1e:1e:d8:6d:6e:66:6a:6f:69:20:68:44:dc:d3:85:6b:
07:55:fe:4c:50:e2:a5:2e:7f:5d:b4:eb:50:35:c1:10:5e:e8:
81:bb:fe:31:84:1d:f0:d1:a2:b9:92:0b:34:67:da:09:09:ca:
7e:ba:93:d1
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTIAprM9Pn85NqXL5t0lPswdb5aIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNTA1MDgxNjQ5MDdaFw0yNjA1MDcxNjU0MDdaMDMxMTAvBgNV
BAMTKENDQTk2MUE4NDRENzQ2RDI1NDYzRkNDRThBNTFCNEZDQkZDODBBQzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9ixAThuUcrOJIcNM84WXCNncb
lx6ArRNcyaxFp5yGhsJaPQzousdFQB89YVHRNoVj1Pk/+i0jddpA62PDKUs3P0OR
HkfCls7HowsYt45AbMwVOYpkfyr+bROe1indq979hwrLjTaFwOXVSu+9jR940/qt
6pD6qH1b6SLr9vliuNWMtDcToeA2ymuVsdu9KAvugoz1gajmdKsl7aeSVpBEzrUC
VkHUCtjgKiqrpXZP7ZtrDh/GKiudOfjuxHfIZIIUY8Fm+I0fszf7joAJauc+Kv+Y
rx6roN8kiLpivrvstoDyu+RSxWyjsXCTUlzMWXwD1pcwATngweIMFJ16MT9dAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUzKlhqETXRtJUY/zOilG0/L/ICsYwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzQzNTJlMzYzNjJlMzEzNTMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMzOTM3MzMzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LUKWMA0GCSqGSIb3DQEBCwUAA4IBAQAlWQ1vHUqtwl6o69GEkZu4VqZp4mf+XHak
2D+4c/pInj/fRdICDI13+S2qYQdu69w3C5bOwuFe2CwBohbsbtQN4s/XiWVKFByG
z0U4fzS6txaN4hjRrqimP8zhBaHwDsRY0JDLqIopeE/JDil1QSn8kRlNNjLijpha
rN7XPYjxemMskNh93OGoMnsx6/r0cD6jpK+mKZZ9jOB2lpnDnfAG2RLrr640tsOr
S6jzVXeS3CGh97scGwtDajwHeMp/apCCEP5qZe82NB4e2G1uZmpvaSBoRNzThWsH
Vf5MUOKlLn9dtOtQNcEQXuiBu/4xhB3w0aK5kgs0Z9oJCcp+upPR
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:02:30 2025 by rpki-client