Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e39342e3136302e302f32322d3234203d3e20323031333431.roa
File: 34352e39342e3136302e302f32322d3234203d3e20323031333431.roa (raw, json)
Hash identifier: WqleXXxTbx0McwzvnddnQcLBDo4SLYJ2sT3B/tz2vOI=
Subject key identifier: 78:33:8F:2F:91:4F:FF:DA:A3:7F:7A:9E:2B:85:3C:79:4F:E8:F1:CD
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6B7C1F7B2FE685C2A4DF7B21E86F84F0B5355DD1
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e39342e3136302e302f32322d3234203d3e20323031333431.roa
Signing time: Wed 02 Apr 2025 12:45:57 +0000
ROA not before: Wed 02 Apr 2025 12:40:57 +0000
ROA not after: Wed 01 Apr 2026 12:45:57 +0000
asID: 201341
IP address blocks: 45.94.160.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:7c:1f:7b:2f:e6:85:c2:a4:df:7b:21:e8:6f:84:f0:b5:35:5d:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 2 12:40:57 2025 GMT
Not After : Apr 1 12:45:57 2026 GMT
Subject: CN=78338F2F914FFFDAA37F7A9E2B853C794FE8F1CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:4a:a7:6f:5b:3f:55:ef:b4:59:6d:c9:f0:b1:
26:2b:a0:c3:3f:6b:bb:b7:77:26:f5:62:09:04:56:
c4:70:ae:62:34:05:2c:1f:23:4d:7e:e6:65:c4:e4:
16:c9:6f:b1:91:48:80:5d:62:ab:7f:66:7b:41:da:
00:3e:4b:2f:b0:e0:a7:34:09:25:4c:57:17:58:6e:
e5:e5:4b:48:62:c8:de:e8:51:93:95:4f:5d:cc:9b:
d6:bc:3e:91:ce:2b:22:0d:ee:4e:4c:f2:d8:08:c4:
75:b1:48:0b:12:9f:44:1c:bf:14:25:a2:f2:a7:8f:
5e:74:72:c1:05:16:d8:52:53:6b:96:9e:86:7d:f8:
f2:e2:b1:41:18:97:01:2c:ab:92:31:5f:04:fb:0c:
17:a6:e6:e2:db:89:9a:29:57:34:94:ee:d9:bf:bb:
59:0c:a1:e8:7c:fd:a9:b3:2e:1d:e5:83:9b:f8:8b:
e7:4c:b8:c9:3b:54:59:af:a9:b3:46:8a:22:ef:7b:
e1:02:3d:f2:38:70:01:02:54:b9:28:30:67:9d:f0:
fb:b9:9d:e9:ac:5a:a6:24:93:82:eb:c5:5b:d9:69:
eb:e7:d8:a0:38:7a:ea:1e:4e:09:12:b1:3b:82:60:
a5:e6:29:59:8d:f7:3b:1f:39:3e:fa:f5:aa:38:2e:
01:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:33:8F:2F:91:4F:FF:DA:A3:7F:7A:9E:2B:85:3C:79:4F:E8:F1:CD
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e39342e3136302e302f32322d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.160.0/22
Signature Algorithm: sha256WithRSAEncryption
37:b9:a4:6c:3a:46:43:a1:88:f4:f0:6b:ae:9d:29:1a:b2:1d:
1d:f6:7a:9d:bb:f2:48:3d:c2:23:7a:01:45:48:d5:a7:ed:2f:
7c:26:02:2f:1a:4b:7d:93:f4:37:de:7b:54:7f:9e:af:7b:83:
de:26:8e:f9:63:38:a9:85:ae:60:9c:f3:84:b9:8c:5b:30:50:
bb:25:b7:17:2e:48:a2:15:dc:9e:28:25:60:9f:b8:78:fa:4a:
b7:3d:75:b9:42:83:1d:e1:8d:a1:6a:91:94:ca:cf:12:7a:4b:
51:9a:07:a6:00:df:ae:cb:c2:0a:68:29:44:66:e7:f5:85:63:
a2:de:b6:5c:41:a0:f2:d7:d5:ab:27:6c:7f:40:72:3f:fa:92:
85:5b:97:cf:ec:17:a5:b4:4e:37:92:0b:5d:1a:42:cb:f6:c8:
bd:71:36:0a:d8:19:b8:ec:4c:c2:2b:1e:01:c1:6d:c6:44:7f:
b6:24:ab:e3:b0:4d:c0:08:63:96:4a:de:42:49:b7:8a:48:d1:
4c:22:c3:ef:46:a8:be:76:0f:85:23:79:36:92:af:db:7f:27:
34:61:c5:ca:cd:e1:2a:72:81:a2:45:8e:83:b5:02:eb:a6:5c:
37:82:93:4b:7b:cc:d7:1f:99:75:d5:1f:4c:f0:94:e7:30:f0:
03:bc:50:f4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUa3wfey/mhcKk33sh6G+E8LU1XdEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA0MDIxMjQwNTdaFw0yNjA0MDExMjQ1NTdaMDMxMTAvBgNV
BAMTKDc4MzM4RjJGOTE0RkZGREFBMzdGN0E5RTJCODUzQzc5NEZFOEYxQ0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKSqdvWz9V77RZbcnwsSYroMM/
a7u3dyb1YgkEVsRwrmI0BSwfI01+5mXE5BbJb7GRSIBdYqt/ZntB2gA+Sy+w4Kc0
CSVMVxdYbuXlS0hiyN7oUZOVT13Mm9a8PpHOKyIN7k5M8tgIxHWxSAsSn0QcvxQl
ovKnj150csEFFthSU2uWnoZ9+PLisUEYlwEsq5IxXwT7DBem5uLbiZopVzSU7tm/
u1kMoeh8/amzLh3lg5v4i+dMuMk7VFmvqbNGiiLve+ECPfI4cAECVLkoMGed8Pu5
nemsWqYkk4LrxVvZaevn2KA4euoeTgkSsTuCYKXmKVmN9zsfOT769ao4LgFFAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUeDOPL5FP/9qjf3qeK4U8eU/o8c0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzkzNDJlMzEzNjMw
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzMDMxMzMzNDMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
LV6gMA0GCSqGSIb3DQEBCwUAA4IBAQA3uaRsOkZDoYj08GuunSkash0d9nqdu/JI
PcIjegFFSNWn7S98JgIvGkt9k/Q33ntUf56ve4PeJo75Yzipha5gnPOEuYxbMFC7
JbcXLkiiFdyeKCVgn7h4+kq3PXW5QoMd4Y2hapGUys8SektRmgemAN+uy8IKaClE
Zuf1hWOi3rZcQaDy19WrJ2x/QHI/+pKFW5fP7BeltE43kgtdGkLL9si9cTYK2Bm4
7EzCKx4BwW3GRH+2JKvjsE3ACGOWSt5CSbeKSNFMIsPvRqi+dg+FI3k2kq/bfyc0
YcXKzeEqcoGiRY6DtQLrplw3gpNLe8zXH5l11R9M8JTnMPADvFD0
-----END CERTIFICATE-----
Generated at Mon Apr 28 00:38:26 2025 by rpki-client