Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3135392e3232302e302f32332d3332203d3e203531313637.roa
File: 34352e3135392e3232302e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: 3VQYJJ6lTZk0av7HmP79ekvv6P+mCaNQ2WPN11gdpkg=
Subject key identifier: 43:7D:C0:56:DF:5C:33:1B:A3:FB:09:0F:C3:C0:F1:D6:04:74:AD:91
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 2918758484171545327D373F223BD73DCCB58C22
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3135392e3232302e302f32332d3332203d3e203531313637.roa
Signing time: Wed 23 Apr 2025 13:46:08 +0000
ROA not before: Wed 23 Apr 2025 13:41:08 +0000
ROA not after: Wed 22 Apr 2026 13:46:08 +0000
asID: 51167
IP address blocks: 45.159.220.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:18:75:84:84:17:15:45:32:7d:37:3f:22:3b:d7:3d:cc:b5:8c:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Apr 23 13:41:08 2025 GMT
Not After : Apr 22 13:46:08 2026 GMT
Subject: CN=437DC056DF5C331BA3FB090FC3C0F1D60474AD91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:c2:d9:6b:e9:de:42:92:63:17:0d:77:87:81:
4a:7f:41:3f:94:26:b3:62:42:33:f1:98:bd:bb:cc:
42:22:fb:d5:ce:a5:07:a0:e4:52:7b:61:93:f6:42:
5e:9c:c3:bd:1c:6b:cc:37:f8:35:10:a8:e2:e4:cb:
8e:79:27:3f:b8:f2:61:92:03:d2:c7:a7:a4:11:a6:
c6:89:3a:ba:e5:1d:28:b6:a9:03:a4:9a:24:85:de:
e2:22:68:97:aa:06:fa:95:6d:fe:e5:fd:4d:c2:65:
e2:b4:75:0a:5a:16:cb:40:cf:02:dc:83:d1:7c:b8:
2e:76:d6:c1:5a:0c:16:e4:4c:e0:4f:ad:3a:76:eb:
f7:25:3d:a6:25:ec:06:2e:6e:13:53:e8:a4:f0:0d:
7d:1d:a3:3c:bf:10:f2:75:47:1c:75:d1:52:7c:04:
5e:52:bc:10:8e:d1:ab:e2:2f:be:a1:2d:66:2d:6b:
c8:e5:61:87:fb:bc:2d:59:ba:9e:af:7e:c3:fc:07:
54:9d:89:0d:2e:77:30:28:cb:fa:c0:d1:d0:6d:41:
ba:a5:6b:2c:b3:ad:b7:21:42:ff:46:d5:26:7b:28:
77:46:f1:3d:12:66:e2:a4:77:e9:d2:c4:d1:05:c6:
0a:ec:3b:0a:29:16:9d:25:7f:7b:18:aa:4e:8d:95:
f2:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:7D:C0:56:DF:5C:33:1B:A3:FB:09:0F:C3:C0:F1:D6:04:74:AD:91
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3135392e3232302e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.220.0/23
Signature Algorithm: sha256WithRSAEncryption
14:93:98:df:03:12:01:bd:40:83:bb:3e:49:61:3a:a8:59:33:
7c:e6:c5:d5:15:e2:c4:59:2e:d5:94:de:10:c1:7c:15:80:c9:
76:d3:f5:01:5c:e2:3b:f9:96:62:0b:a2:68:f3:7a:cb:b5:76:
b3:bb:5b:84:d3:b1:1e:19:88:42:3b:fc:25:65:b7:87:81:1f:
50:04:f2:12:c2:c8:8a:81:87:21:0b:da:ba:e6:d7:19:d0:90:
23:36:20:23:34:a8:be:ce:f8:6b:71:b5:65:3d:1d:17:a6:bc:
4c:e7:f3:96:e8:29:93:ce:26:83:f3:08:e6:4a:29:cb:c0:55:
ef:43:1b:e3:4e:db:68:35:45:37:75:70:8f:60:73:0f:da:76:
f6:cd:3f:99:59:21:53:df:f2:d3:af:aa:63:64:46:2c:38:a2:
82:76:55:8e:8a:76:ea:3a:c5:83:11:6f:d5:88:f0:6a:cf:63:
f3:7c:95:1b:62:2b:66:11:6a:55:d3:9a:e6:c9:7a:ce:e8:42:
61:b8:ae:63:86:0e:4c:22:16:e1:f8:c1:11:f1:ff:5f:70:ec:
e7:e4:f2:5b:da:cf:f6:85:ea:3a:a6:bf:1d:f3:94:e0:14:4b:
10:5e:89:83:05:64:84:39:af:46:5e:e9:19:6d:00:27:fa:33:
76:16:e8:23
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUKRh1hIQXFUUyfTc/IjvXPcy1jCIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTA0MjMxMzQxMDhaFw0yNjA0MjIxMzQ2MDhaMDMxMTAvBgNV
BAMTKDQzN0RDMDU2REY1QzMzMUJBM0ZCMDkwRkMzQzBGMUQ2MDQ3NEFEOTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWwtlr6d5CkmMXDXeHgUp/QT+U
JrNiQjPxmL27zEIi+9XOpQeg5FJ7YZP2Ql6cw70ca8w3+DUQqOLky455Jz+48mGS
A9LHp6QRpsaJOrrlHSi2qQOkmiSF3uIiaJeqBvqVbf7l/U3CZeK0dQpaFstAzwLc
g9F8uC521sFaDBbkTOBPrTp26/clPaYl7AYubhNT6KTwDX0dozy/EPJ1Rxx10VJ8
BF5SvBCO0aviL76hLWYta8jlYYf7vC1Zup6vfsP8B1SdiQ0udzAoy/rA0dBtQbql
ayyzrbchQv9G1SZ7KHdG8T0SZuKkd+nSxNEFxgrsOwopFp0lf3sYqk6NlfIbAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUQ33AVt9cMxuj+wkPw8Dx1gR0rZEwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzNTM5MmUzMjMy
MzAyZTMwMmYzMjMzMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
LZ/cMA0GCSqGSIb3DQEBCwUAA4IBAQAUk5jfAxIBvUCDuz5JYTqoWTN85sXVFeLE
WS7VlN4QwXwVgMl20/UBXOI7+ZZiC6Jo83rLtXazu1uE07EeGYhCO/wlZbeHgR9Q
BPISwsiKgYchC9q65tcZ0JAjNiAjNKi+zvhrcbVlPR0XprxM5/OW6CmTziaD8wjm
SinLwFXvQxvjTttoNUU3dXCPYHMP2nb2zT+ZWSFT3/LTr6pjZEYsOKKCdlWOinbq
OsWDEW/ViPBqz2PzfJUbYitmEWpV05rmyXrO6EJhuK5jhg5MIhbh+MER8f9fcOzn
5PJb2s/2heo6pr8d85TgFEsQXomDBWSEOa9GXukZbQAn+jN2Fugj
-----END CERTIFICATE-----
Generated at Sun Apr 27 12:34:24 2025 by rpki-client