Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e31342e3231322e302f32322d3232203d3e20323031333431.roa
File: 34352e31342e3231322e302f32322d3232203d3e20323031333431.roa (raw, json)
Hash identifier: IMwAuXZo2xh7MYEuOOkrccrDC01ktmflaDRZapyE0yo=
Subject key identifier: 89:B5:95:6E:D1:F0:34:DB:91:F1:EE:E5:1D:13:EE:8F:DE:F8:D4:E2
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4BA0B068A26FD5313AD7089A748BE90D5487F3C9
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e31342e3231322e302f32322d3232203d3e20323031333431.roa
Signing time: Wed 02 Apr 2025 12:45:57 +0000
ROA not before: Wed 02 Apr 2025 12:40:57 +0000
ROA not after: Wed 01 Apr 2026 12:45:57 +0000
asID: 201341
IP address blocks: 45.14.212.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:a0:b0:68:a2:6f:d5:31:3a:d7:08:9a:74:8b:e9:0d:54:87:f3:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 2 12:40:57 2025 GMT
Not After : Apr 1 12:45:57 2026 GMT
Subject: CN=89B5956ED1F034DB91F1EEE51D13EE8FDEF8D4E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:de:76:a1:ee:b0:80:1e:71:9a:ad:34:64:43:
47:44:ad:35:04:43:b1:42:1e:dd:ac:aa:58:58:33:
2d:2c:5a:5f:71:d8:2d:0a:0b:85:38:6d:fb:12:c2:
50:93:4e:b7:a9:83:91:20:98:9a:6c:f3:ed:69:c5:
e9:7b:4e:83:21:e0:4f:e0:5e:31:b0:9f:c5:3c:85:
e4:1e:99:14:d1:b3:2e:a5:3f:d2:32:3c:ef:70:97:
c7:c6:4c:af:b6:4d:d2:05:6c:9e:bc:b3:dd:17:84:
f0:10:7b:48:dd:be:e8:21:3a:d9:ce:47:4b:61:47:
10:64:ce:f4:c1:bf:96:df:4a:03:9a:e2:e6:a7:9e:
8f:85:d4:ac:a3:03:29:53:d9:d7:fe:e7:17:a7:c9:
05:ff:16:88:86:ef:93:01:2b:67:9d:b4:74:b8:72:
cd:47:8d:fb:e4:d5:37:d3:c1:db:4a:11:90:16:ee:
d1:78:64:68:f6:05:1d:0e:76:f3:48:39:5d:4e:fc:
10:a5:66:3b:de:7b:90:b0:3a:1a:a0:55:f3:6f:ff:
ff:ea:51:df:42:46:91:1a:65:b1:95:ca:49:8a:a9:
40:59:9c:54:7c:29:4b:4c:48:d4:0b:e3:04:72:0f:
3a:2c:1d:3f:1b:d1:65:90:86:15:6a:eb:fa:28:08:
20:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:B5:95:6E:D1:F0:34:DB:91:F1:EE:E5:1D:13:EE:8F:DE:F8:D4:E2
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e31342e3231322e302f32322d3232203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.212.0/22
Signature Algorithm: sha256WithRSAEncryption
86:e3:57:67:34:7b:63:3c:b0:cf:b5:30:d1:b7:2c:c9:5d:f2:
e0:10:a9:64:f5:39:9f:06:2c:1c:32:ce:bd:89:40:7a:75:e8:
8e:87:14:b4:ec:d7:2f:24:9a:4f:de:05:67:b3:9e:8d:4c:02:
a5:66:72:16:55:d4:ed:2b:e5:d3:13:77:a1:4a:1c:73:99:cc:
da:7a:66:ae:06:00:8d:60:11:df:e1:bc:16:7e:fa:1c:d1:89:
17:fa:40:2f:02:97:26:64:b9:e3:f2:5b:52:d0:a0:c7:d7:43:
15:23:c8:20:62:07:9c:ae:45:9f:53:1e:d6:92:ad:b1:f9:af:
32:70:03:e2:18:5a:f9:67:17:f2:cb:ee:74:58:3c:83:88:25:
a9:46:ea:6c:b8:ff:08:80:e0:3f:c3:74:8f:4c:6f:e9:86:44:
28:1f:e6:54:ff:6c:10:40:45:9e:de:b0:e6:1d:0e:de:07:1e:
eb:33:9d:f8:5c:33:3a:34:12:65:f9:be:ce:0d:e7:28:32:40:
fd:06:06:44:1a:16:c2:04:c7:df:f6:f1:e2:e4:43:a1:7a:39:
03:f3:2b:9a:26:5a:89:db:24:d4:48:69:6e:0b:43:78:67:db:
23:b6:2e:2f:32:41:72:d9:d8:04:aa:4d:0e:00:d8:a1:58:8f:
6b:4b:80:77
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUS6CwaKJv1TE61wiadIvpDVSH88kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA0MDIxMjQwNTdaFw0yNjA0MDExMjQ1NTdaMDMxMTAvBgNV
BAMTKDg5QjU5NTZFRDFGMDM0REI5MUYxRUVFNTFEMTNFRThGREVGOEQ0RTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDL3nah7rCAHnGarTRkQ0dErTUE
Q7FCHt2sqlhYMy0sWl9x2C0KC4U4bfsSwlCTTrepg5EgmJps8+1pxel7ToMh4E/g
XjGwn8U8heQemRTRsy6lP9IyPO9wl8fGTK+2TdIFbJ68s90XhPAQe0jdvughOtnO
R0thRxBkzvTBv5bfSgOa4uanno+F1KyjAylT2df+5xenyQX/FoiG75MBK2edtHS4
cs1Hjfvk1TfTwdtKEZAW7tF4ZGj2BR0OdvNIOV1O/BClZjvee5CwOhqgVfNv///q
Ud9CRpEaZbGVykmKqUBZnFR8KUtMSNQL4wRyDzosHT8b0WWQhhVq6/ooCCCFAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUibWVbtHwNNuR8e7lHRPuj9741OIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzEzNDJlMzIzMTMy
MmUzMDJmMzIzMjJkMzIzMjIwM2QzZTIwMzIzMDMxMzMzNDMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
LQ7UMA0GCSqGSIb3DQEBCwUAA4IBAQCG41dnNHtjPLDPtTDRtyzJXfLgEKlk9Tmf
BiwcMs69iUB6deiOhxS07NcvJJpP3gVns56NTAKlZnIWVdTtK+XTE3ehShxzmcza
emauBgCNYBHf4bwWfvoc0YkX+kAvApcmZLnj8ltS0KDH10MVI8ggYgecrkWfUx7W
kq2x+a8ycAPiGFr5Zxfyy+50WDyDiCWpRupsuP8IgOA/w3SPTG/phkQoH+ZU/2wQ
QEWe3rDmHQ7eBx7rM534XDM6NBJl+b7ODecoMkD9BgZEGhbCBMff9vHi5EOhejkD
8yuaJlqJ2yTUSGluC0N4Z9sjti4vMkFy2dgEqk0OANihWI9rS4B3
-----END CERTIFICATE-----
Generated at Sun Apr 27 11:23:59 2025 by rpki-client