Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133342e3232352e302f32342d3234203d3e20323133343338.roa
File: 34352e3133342e3232352e302f32342d3234203d3e20323133343338.roa (raw, json)
Hash identifier: +B51oZJgYgSlmNvkH2V4iww7lSJCX9BQRBHOtFONXFM=
Subject key identifier: FB:34:03:01:44:DF:84:78:53:01:61:7E:86:9A:78:8C:FD:DF:59:72
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 68F12912815A8B84673D1A35EE0DDB6A91EDEA49
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133342e3232352e302f32342d3234203d3e20323133343338.roa
Signing time: Tue 13 May 2025 07:52:41 +0000
ROA not before: Tue 13 May 2025 07:47:41 +0000
ROA not after: Tue 12 May 2026 07:52:41 +0000
asID: 213438
IP address blocks: 45.134.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 20:12:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:f1:29:12:81:5a:8b:84:67:3d:1a:35:ee:0d:db:6a:91:ed:ea:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: May 13 07:47:41 2025 GMT
Not After : May 12 07:52:41 2026 GMT
Subject: CN=FB34030144DF84785301617E869A788CFDDF5972
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ce:b7:09:3e:68:54:fa:9b:0b:e5:dd:1d:33:
93:db:0d:17:25:9a:17:91:62:5f:02:2c:5b:a0:ff:
d7:97:1c:31:4f:bb:0e:3f:a7:bf:0a:f6:df:80:11:
6d:6e:df:3f:c1:38:99:30:73:f7:88:4f:cd:83:4b:
68:89:cb:11:65:33:eb:79:52:12:2a:e6:dd:61:e1:
7d:2d:58:6b:97:09:4b:aa:8b:97:d0:4e:6d:63:f6:
96:9d:89:15:16:6e:cf:ac:a8:66:6e:8d:57:b5:18:
77:6b:f4:d0:b1:36:8e:8b:90:ff:87:56:46:51:16:
1d:c7:cd:bb:82:c0:3b:88:5a:6d:8b:b5:22:40:1e:
82:29:ea:15:87:44:a9:2d:ea:96:7a:0f:2a:95:ba:
26:79:54:4d:3e:f6:59:34:f9:1a:23:d8:4c:12:c3:
3a:21:0b:7d:b5:e8:c8:8c:83:5f:c9:47:10:dd:61:
79:a5:c4:cc:9d:87:ec:95:c0:fb:d6:41:37:d8:42:
f0:57:bc:44:a4:47:c4:8c:74:51:2f:74:45:4f:dc:
c8:fc:b3:01:fa:80:a5:c0:1b:99:5c:54:c2:1d:ed:
0a:d2:f0:e5:41:25:4f:78:e6:e4:05:37:90:3b:4d:
5e:af:87:ed:1d:da:64:f6:7b:dd:02:e4:ea:6b:d9:
b6:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:34:03:01:44:DF:84:78:53:01:61:7E:86:9A:78:8C:FD:DF:59:72
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133342e3232352e302f32342d3234203d3e20323133343338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.225.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:56:72:35:b0:f8:c6:08:0e:f5:41:3f:4e:ee:b5:a3:b8:27:
2b:b1:dd:18:fb:94:77:77:13:76:d1:38:13:a3:97:be:a7:e3:
94:0d:b2:0e:72:ba:ce:af:3b:84:21:a2:4f:bd:21:e2:dc:4d:
70:92:6e:61:3b:ef:39:e0:e9:d6:f9:7d:a7:e4:64:b4:18:85:
17:a8:8a:f9:92:95:66:1f:84:ca:6a:ba:23:72:7a:49:9b:49:
72:16:84:32:e0:41:a0:d8:4e:a6:a5:53:b5:08:fb:42:a6:07:
50:05:a9:21:81:c4:35:c8:19:62:d7:fe:1c:ec:d8:cf:4a:c8:
02:d5:e5:b3:5c:7b:00:89:f5:c3:ed:04:2f:64:7c:9e:9f:13:
a6:8e:69:43:31:66:83:01:fb:74:1c:c2:b1:c7:2c:b1:f3:e3:
68:6b:b5:c9:00:e3:77:e6:32:61:2b:26:29:88:02:38:89:70:
60:d0:33:14:30:58:b2:06:31:f9:cc:48:09:fd:8c:c1:d9:44:
4b:da:07:f6:93:38:aa:3f:62:d7:0d:17:7b:70:30:9a:1a:5a:
30:b5:50:db:39:25:e0:e6:47:86:bf:b3:e3:ee:1f:bd:e8:be:
7c:23:fb:dd:7c:de:f8:5c:97:74:1f:97:03:9e:5e:2f:34:66:
9a:40:8c:fa
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUaPEpEoFai4RnPRo17g3bapHt6kkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA1MTMwNzQ3NDFaFw0yNjA1MTIwNzUyNDFaMDMxMTAvBgNV
BAMTKEZCMzQwMzAxNDRERjg0Nzg1MzAxNjE3RTg2OUE3ODhDRkRERjU5NzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4zrcJPmhU+psL5d0dM5PbDRcl
mheRYl8CLFug/9eXHDFPuw4/p78K9t+AEW1u3z/BOJkwc/eIT82DS2iJyxFlM+t5
UhIq5t1h4X0tWGuXCUuqi5fQTm1j9padiRUWbs+sqGZujVe1GHdr9NCxNo6LkP+H
VkZRFh3HzbuCwDuIWm2LtSJAHoIp6hWHRKkt6pZ6DyqVuiZ5VE0+9lk0+Roj2EwS
wzohC3216MiMg1/JRxDdYXmlxMydh+yVwPvWQTfYQvBXvESkR8SMdFEvdEVP3Mj8
swH6gKXAG5lcVMId7QrS8OVBJU945uQFN5A7TV6vh+0d2mT2e90C5Opr2bZNAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU+zQDAUTfhHhTAWF+hpp4jP3fWXIwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTMzMzQy
ZTMyMzIzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMzM0MzMzOC5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAC2G4TANBgkqhkiG9w0BAQsFAAOCAQEAC1ZyNbD4xggO9UE/Tu61o7gn
K7HdGPuUd3cTdtE4E6OXvqfjlA2yDnK6zq87hCGiT70h4txNcJJuYTvvOeDp1vl9
p+RktBiFF6iK+ZKVZh+Eymq6I3J6SZtJchaEMuBBoNhOpqVTtQj7QqYHUAWpIYHE
NcgZYtf+HOzYz0rIAtXls1x7AIn1w+0EL2R8np8Tpo5pQzFmgwH7dBzCsccssfPj
aGu1yQDjd+YyYSsmKYgCOIlwYNAzFDBYsgYx+cxICf2MwdlES9oH9pM4qj9i1w0X
e3AwmhpaMLVQ2zkl4OZHhr+z4+4fvei+fCP73Xze+FyXdB+XA55eLzRmmkCM+g==
-----END CERTIFICATE-----
Generated at Sat Jun 14 12:02:34 2025 by rpki-client