Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/34362e3138332e32352e302f32342d3234203d3e20323132323338.roa
File: 34362e3138332e32352e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: lxi2m0tJ4IwcIv1Qu/mxuwgzf8BGdtHdxfKNM9mKZEQ=
Subject key identifier: 60:85:EE:4A:94:0D:00:B2:A5:8A:85:0A:56:79:4A:28:A5:32:E3:6A
Certificate issuer: /CN=24e53788bd4efa23b1a8207b7e74a8e1cc677b00
Certificate serial: 32D376F310171BBC022A68B200377925C7F7781A
Authority key identifier: 24:E5:37:88:BD:4E:FA:23:B1:A8:20:7B:7E:74:A8:E1:CC:67:7B:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/34362e3138332e32352e302f32342d3234203d3e20323132323338.roa
Signing time: Mon 21 Apr 2025 08:54:03 +0000
ROA not before: Mon 21 Apr 2025 08:49:03 +0000
ROA not after: Mon 20 Apr 2026 08:54:03 +0000
asID: 212238
IP address blocks: 46.183.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.crl
rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.mft
rsync://rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 17:53:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:d3:76:f3:10:17:1b:bc:02:2a:68:b2:00:37:79:25:c7:f7:78:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24e53788bd4efa23b1a8207b7e74a8e1cc677b00
Validity
Not Before: Apr 21 08:49:03 2025 GMT
Not After : Apr 20 08:54:03 2026 GMT
Subject: CN=6085EE4A940D00B2A58A850A56794A28A532E36A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:2f:70:fc:d1:be:de:dd:8e:b7:39:4a:1a:e7:
82:9a:e2:c9:e1:83:d2:4a:c9:5a:5f:cd:36:46:9e:
d0:ad:97:53:3e:05:e4:a7:b2:a1:3c:eb:a9:ec:d4:
ae:b9:77:7a:e3:39:0b:42:08:ae:8f:a4:49:12:72:
2a:ac:e3:e2:fc:01:95:5a:65:e9:05:1f:51:f7:58:
76:c6:8d:b0:03:87:fd:98:98:6f:c4:5d:74:08:74:
53:00:55:2d:5d:a8:b9:7c:47:59:21:e1:ab:78:31:
1a:61:e7:cf:70:d0:7f:66:10:0e:db:0c:db:39:dd:
af:fe:58:80:c9:cf:2c:5b:88:5e:33:5f:1d:8f:8f:
13:c1:21:22:ab:40:1c:cb:ee:d0:56:3d:14:8e:c8:
f3:d7:d8:30:7d:9e:ee:8d:aa:bd:46:f8:c1:f7:64:
fc:83:24:a8:eb:7e:f9:85:82:bb:80:e3:df:06:44:
de:1a:64:47:65:8f:81:70:e9:ba:6d:f4:60:7d:82:
c9:35:c3:47:47:0d:26:55:b4:41:04:38:8d:aa:b5:
d1:9b:ac:62:1d:19:bd:86:8b:08:cf:16:c0:e8:7d:
42:c5:5d:fb:d6:37:38:ce:64:46:27:68:49:82:e4:
7e:64:0d:0f:b3:7b:2b:bc:a6:4b:d3:a8:89:85:80:
c8:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:85:EE:4A:94:0D:00:B2:A5:8A:85:0A:56:79:4A:28:A5:32:E3:6A
X509v3 Authority Key Identifier:
keyid:24:E5:37:88:BD:4E:FA:23:B1:A8:20:7B:7E:74:A8:E1:CC:67:7B:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/34362e3138332e32352e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.25.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:c2:d7:63:de:0f:c5:95:1a:19:62:4f:00:31:6c:6a:f0:b7:
d7:f9:6a:99:04:bb:2e:74:af:28:f8:04:94:f4:b8:e0:a7:03:
7c:cf:27:e9:50:9c:ca:b1:04:22:86:76:4b:ac:0c:e6:13:c2:
12:cc:a2:be:e6:98:49:65:79:d8:d5:60:12:ec:bd:82:85:16:
06:ce:f7:f6:69:c0:06:cf:a0:e2:87:03:70:9f:31:df:e6:38:
c9:03:03:15:32:8b:49:fb:b5:7b:92:a6:54:0c:7a:cb:56:b1:
fa:47:0c:4d:28:0d:3a:f3:77:4a:40:73:22:c0:6d:ab:46:2d:
e3:f8:dd:76:27:65:00:56:19:d2:ee:41:3f:44:c7:da:74:ba:
f6:fd:9b:14:dc:a5:10:b9:7e:ae:65:2e:24:d3:13:39:54:b9:
eb:d0:22:7a:28:8a:97:47:9e:b5:9b:ed:78:bd:0e:39:bd:c0:
54:66:06:2e:59:a7:a0:56:bb:db:b2:47:7b:2b:7a:e7:2e:33:
36:ac:28:1e:7e:58:61:f3:4c:77:fd:5a:7a:df:85:3a:78:81:
3c:ea:5d:23:98:a3:af:95:7d:fc:8a:cf:21:f9:b7:7b:e6:93:
49:4e:81:e5:7e:09:1d:f8:cb:7e:53:4f:77:33:5d:00:99:3d:
66:e5:5d:c1
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUMtN28xAXG7wCKmiyADd5Jcf3eBowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjRlNTM3ODhiZDRlZmEyM2IxYTgyMDdiN2U3NGE4ZTFj
YzY3N2IwMDAeFw0yNTA0MjEwODQ5MDNaFw0yNjA0MjAwODU0MDNaMDMxMTAvBgNV
BAMTKDYwODVFRTRBOTQwRDAwQjJBNThBODUwQTU2Nzk0QTI4QTUzMkUzNkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmL3D80b7e3Y63OUoa54Ka4snh
g9JKyVpfzTZGntCtl1M+BeSnsqE866ns1K65d3rjOQtCCK6PpEkSciqs4+L8AZVa
ZekFH1H3WHbGjbADh/2YmG/EXXQIdFMAVS1dqLl8R1kh4at4MRph589w0H9mEA7b
DNs53a/+WIDJzyxbiF4zXx2PjxPBISKrQBzL7tBWPRSOyPPX2DB9nu6Nqr1G+MH3
ZPyDJKjrfvmFgruA498GRN4aZEdlj4Fw6bpt9GB9gsk1w0dHDSZVtEEEOI2qtdGb
rGIdGb2GiwjPFsDofULFXfvWNzjOZEYnaEmC5H5kDQ+zeyu8pkvTqImFgMjVAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUYIXuSpQNALKlioUKVnlKKKUy42owHwYDVR0j
BBgwFoAUJOU3iL1O+iOxqCB7fnSo4cxnewAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMTZhY2I5YTAtNmQxZS00YWU0LTkxNzctZDkzOGU5ODA0
Mzk1LzAvMjRFNTM3ODhCRDRFRkEyM0IxQTgyMDdCN0U3NEE4RTFDQzY3N0IwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0pPVTNpTDFPLWlPeHFDQjdmblNvNGN4
bmV3QS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMTZhY2I5YTAt
NmQxZS00YWU0LTkxNzctZDkzOGU5ODA0Mzk1LzAvMzQzNjJlMzEzODMzMmUzMjM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzIzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LrcZMA0GCSqGSIb3DQEBCwUAA4IBAQA+wtdj3g/FlRoZYk8AMWxq8LfX+WqZBLsu
dK8o+ASU9LjgpwN8zyfpUJzKsQQihnZLrAzmE8ISzKK+5phJZXnY1WAS7L2ChRYG
zvf2acAGz6DihwNwnzHf5jjJAwMVMotJ+7V7kqZUDHrLVrH6RwxNKA0683dKQHMi
wG2rRi3j+N12J2UAVhnS7kE/RMfadLr2/ZsU3KUQuX6uZS4k0xM5VLnr0CJ6KIqX
R561m+14vQ45vcBUZgYuWaegVrvbskd7K3rnLjM2rCgeflhh80x3/Vp634U6eIE8
6l0jmKOvlX38is8h+bd75pNJToHlfgkd+Mt+U093M10AmT1m5V3B
-----END CERTIFICATE-----
Generated at Fri May 9 23:47:58 2025 by rpki-client