Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3133322e39392e302f32342d3234203d3e20323030303137.roa
File: 34352e3133322e39392e302f32342d3234203d3e20323030303137.roa (raw, json)
Hash identifier: 1e6KGKJ5HwO24hcbCuLCEbl9bSZRGHbgSZb9IcX6KlU=
Subject key identifier: 53:94:E7:B8:38:02:48:54:68:CC:99:D9:04:4C:2D:49:3B:6F:56:6C
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 0859ACB3C6D0EB41537CD51E85513A0B350B6CD3
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3133322e39392e302f32342d3234203d3e20323030303137.roa
Signing time: Thu 12 Jun 2025 13:32:51 +0000
ROA not before: Thu 12 Jun 2025 13:27:51 +0000
ROA not after: Thu 11 Jun 2026 13:32:51 +0000
asID: 200017
IP address blocks: 45.132.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:59:ac:b3:c6:d0:eb:41:53:7c:d5:1e:85:51:3a:0b:35:0b:6c:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Jun 12 13:27:51 2025 GMT
Not After : Jun 11 13:32:51 2026 GMT
Subject: CN=5394E7B83802485468CC99D9044C2D493B6F566C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:68:20:19:7a:92:95:87:bb:82:ca:a4:30:63:
ac:8e:5c:37:fb:56:c8:f2:4f:88:34:47:03:d4:73:
cd:f3:17:5e:bf:ac:1c:e1:40:78:00:b3:3a:4a:f7:
41:29:1f:6e:65:6f:cd:64:1f:4b:43:88:d2:44:64:
6f:96:e5:bc:2b:b0:b8:ce:8d:5e:55:c4:0b:4a:a2:
57:8b:c6:f0:28:6c:37:f5:9e:97:8f:ae:97:d7:44:
5d:b2:cc:4a:21:39:5b:6a:1c:bd:23:33:45:f9:f2:
98:b5:74:62:e1:87:60:02:c5:b3:10:40:a3:20:1d:
0b:a8:21:fd:90:2e:38:43:fe:4c:31:25:bb:be:e3:
7e:f0:7a:7e:10:0a:eb:98:6e:4d:fd:ad:fe:6e:3c:
d8:a4:52:8a:77:8e:df:f3:9f:c9:22:92:05:68:3a:
bc:8d:98:0e:1e:9a:57:cf:24:ea:30:60:53:c4:9c:
0b:90:7a:82:e0:0e:4c:b5:a7:80:ea:91:94:05:46:
e4:86:c4:31:1a:12:20:9e:7b:0d:74:63:6a:9a:9b:
be:bf:96:8f:13:09:dc:c7:09:f3:27:b5:78:6f:6d:
b7:34:db:95:d5:aa:95:75:6a:2a:e4:24:96:d6:55:
ee:9c:0c:0a:f3:2c:90:1b:cf:11:72:eb:fc:1b:2f:
97:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:94:E7:B8:38:02:48:54:68:CC:99:D9:04:4C:2D:49:3B:6F:56:6C
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3133322e39392e302f32342d3234203d3e20323030303137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.99.0/24
Signature Algorithm: sha256WithRSAEncryption
43:94:78:2f:41:dd:27:57:92:94:33:ad:82:c6:d6:93:f8:67:
28:65:0f:e8:f9:db:91:5f:93:64:d3:b6:5f:0a:c9:9e:a9:dd:
e3:7c:e2:67:0a:c6:66:cd:39:99:3e:89:15:66:9f:f5:e6:38:
24:4c:d0:35:3a:fc:4e:de:e8:13:87:a8:bf:5b:75:33:74:5a:
a2:9f:58:2e:e3:e4:97:ad:5c:5a:c5:5e:95:a8:8a:ce:33:b3:
2d:ce:d0:3e:35:75:f3:12:f8:41:b5:b2:4d:23:c1:df:a4:81:
89:c1:31:ec:74:10:68:9a:86:ca:ea:0f:cb:b6:dd:6f:ce:bf:
cb:6d:41:95:f0:1e:44:92:b7:fd:56:c8:ba:fd:f7:9c:94:33:
f9:44:72:67:59:a6:c3:f3:c8:45:12:c0:9e:11:86:e1:35:a2:
3d:6d:6c:1a:3e:fe:d7:9e:76:2d:b1:ec:3f:3d:0a:f0:c9:93:
09:9c:78:00:63:8d:4a:b9:ad:eb:28:ac:1c:7d:81:a5:ca:da:
15:b0:a5:09:2b:6e:11:35:ba:4f:2e:69:6c:46:1a:a1:79:62:
34:17:b7:fa:c4:cf:87:af:8a:d5:d5:cd:15:04:94:7d:3c:89:
69:96:c4:56:12:e9:34:66:60:9a:00:d2:ad:f4:84:6f:a7:dc:
11:7c:f7:b0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUCFmss8bQ60FTfNUehVE6CzULbNMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNTA2MTIxMzI3NTFaFw0yNjA2MTExMzMyNTFaMDMxMTAvBgNV
BAMTKDUzOTRFN0I4MzgwMjQ4NTQ2OENDOTlEOTA0NEMyRDQ5M0I2RjU2NkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQaCAZepKVh7uCyqQwY6yOXDf7
VsjyT4g0RwPUc83zF16/rBzhQHgAszpK90EpH25lb81kH0tDiNJEZG+W5bwrsLjO
jV5VxAtKoleLxvAobDf1npePrpfXRF2yzEohOVtqHL0jM0X58pi1dGLhh2ACxbMQ
QKMgHQuoIf2QLjhD/kwxJbu+437wen4QCuuYbk39rf5uPNikUop3jt/zn8kikgVo
OryNmA4emlfPJOowYFPEnAuQeoLgDky1p4DqkZQFRuSGxDEaEiCeew10Y2qam76/
lo8TCdzHCfMntXhvbbc025XVqpV1airkJJbWVe6cDArzLJAbzxFy6/wbL5eHAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUU5TnuDgCSFRozJnZBEwtSTtvVmwwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzQzNTJlMzEzMzMyMmUzOTM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMwMzAzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LYRjMA0GCSqGSIb3DQEBCwUAA4IBAQBDlHgvQd0nV5KUM62CxtaT+GcoZQ/o+duR
X5Nk07ZfCsmeqd3jfOJnCsZmzTmZPokVZp/15jgkTNA1OvxO3ugTh6i/W3UzdFqi
n1gu4+SXrVxaxV6VqIrOM7MtztA+NXXzEvhBtbJNI8HfpIGJwTHsdBBomobK6g/L
tt1vzr/LbUGV8B5Ekrf9Vsi6/feclDP5RHJnWabD88hFEsCeEYbhNaI9bWwaPv7X
nnYtsew/PQrwyZMJnHgAY41Kua3rKKwcfYGlytoVsKUJK24RNbpPLmlsRhqheWI0
F7f6xM+Hr4rV1c0VBJR9PIlplsRWEuk0ZmCaANKt9IRvp9wRfPew
-----END CERTIFICATE-----
Generated at Sun Jun 15 06:08:13 2025 by rpki-client