Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231372e302f32342d3234203d3e20323136303232.roa
File: 34352e382e3231372e302f32342d3234203d3e20323136303232.roa (raw, json)
Hash identifier: 8eRvRykZqahsRM0VQoPLCYYNfC1yyS358fE8muRhEDA=
Subject key identifier: B3:C8:E0:85:7A:EE:11:B4:61:4E:B1:D2:9A:D3:FA:A8:70:1C:F4:EF
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 33351945E3F50AB5F2596E1D989FF8C14E6D6472
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231372e302f32342d3234203d3e20323136303232.roa
Signing time: Wed 18 Jun 2025 10:22:44 +0000
ROA not before: Wed 18 Jun 2025 10:17:44 +0000
ROA not after: Wed 17 Jun 2026 10:22:44 +0000
asID: 216022
IP address blocks: 45.8.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:35:19:45:e3:f5:0a:b5:f2:59:6e:1d:98:9f:f8:c1:4e:6d:64:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Jun 18 10:17:44 2025 GMT
Not After : Jun 17 10:22:44 2026 GMT
Subject: CN=B3C8E0857AEE11B4614EB1D29AD3FAA8701CF4EF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d1:95:c1:a7:3a:b2:86:96:1f:8c:40:be:97:
2e:e5:59:ad:73:b4:67:16:1b:d9:0c:16:38:7a:12:
b9:b1:d4:bf:37:38:81:02:ec:6d:ef:9b:bd:a2:3b:
00:20:29:8a:a3:c1:58:27:45:47:7b:98:c0:7c:4d:
76:f2:d0:0a:f7:f2:88:07:b5:b6:5c:f0:b3:83:ed:
f8:9d:79:57:9c:31:d7:0f:4c:8c:b5:28:b7:47:aa:
cf:d9:66:a2:2e:68:06:1d:16:52:63:9a:cc:ca:94:
20:a7:89:a7:8d:f7:56:e9:0b:16:f1:07:74:d1:fc:
99:f5:16:ec:5c:4c:e9:6c:18:04:3b:d9:49:65:44:
33:3a:81:b3:d4:60:62:cb:99:e8:bf:8f:f2:b7:6a:
da:8e:db:c0:46:71:19:93:56:f1:6c:81:cc:1a:2c:
19:ec:e5:28:47:6d:f3:48:66:e4:35:31:0f:e8:38:
c4:76:0e:cb:49:c9:04:9e:af:eb:24:c8:b1:1d:8f:
9e:ec:b9:45:a1:a9:cd:6e:d5:e7:fd:5c:ea:30:c4:
6d:30:e6:d7:89:68:03:a1:e7:c0:93:79:9d:c9:3a:
80:4a:b3:8d:b7:00:8c:91:44:d7:f6:3b:d1:fa:e5:
84:e0:4b:39:73:55:97:44:17:e7:80:6a:cb:b9:2b:
11:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:C8:E0:85:7A:EE:11:B4:61:4E:B1:D2:9A:D3:FA:A8:70:1C:F4:EF
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231372e302f32342d3234203d3e20323136303232.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.217.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:de:27:91:2b:fa:b7:e4:13:bb:69:83:aa:9d:b6:e7:2f:0b:
d8:eb:0a:9e:15:48:9c:b7:ca:af:e8:26:1f:73:7f:92:c2:ec:
00:14:5d:8c:97:9f:cd:bd:d4:b8:df:d3:4b:65:be:a0:1b:a6:
04:24:05:33:48:15:bc:42:20:8e:21:ce:10:8d:42:3c:20:d0:
7e:ad:1b:54:e8:14:ff:5a:24:09:7d:9c:97:72:ad:6b:b9:51:
86:d9:e3:d5:19:70:c5:af:96:9d:81:49:93:91:5f:cd:10:56:
70:c0:b0:98:cf:f7:a7:bc:07:b2:9b:66:2c:23:1f:3e:a6:be:
13:15:93:27:1a:ea:0c:94:96:f4:01:d7:a6:60:49:03:a6:a4:
00:97:c6:b5:4e:44:63:d3:17:18:f5:36:f5:9e:b0:e9:d6:2d:
b9:39:a3:6a:fa:63:3a:06:64:01:8d:55:e5:c5:20:dc:fa:9a:
13:68:d1:65:65:2c:8a:17:db:81:46:d8:32:3b:8c:8c:09:5f:
b3:06:95:88:2a:c0:73:db:c1:38:b4:b0:78:cf:64:dd:f0:8d:
4b:34:1d:e1:0e:20:97:34:03:bd:a5:cb:1d:d0:1c:d7:24:39:
da:23:f2:b8:b7:cb:3e:25:56:69:ae:01:1d:19:74:8b:5f:d5:
e3:f9:8d:06
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUMzUZReP1CrXyWW4dmJ/4wU5tZHIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTA2MTgxMDE3NDRaFw0yNjA2MTcxMDIyNDRaMDMxMTAvBgNV
BAMTKEIzQzhFMDg1N0FFRTExQjQ2MTRFQjFEMjlBRDNGQUE4NzAxQ0Y0RUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC10ZXBpzqyhpYfjEC+ly7lWa1z
tGcWG9kMFjh6Ermx1L83OIEC7G3vm72iOwAgKYqjwVgnRUd7mMB8TXby0Ar38ogH
tbZc8LOD7fideVecMdcPTIy1KLdHqs/ZZqIuaAYdFlJjmszKlCCniaeN91bpCxbx
B3TR/Jn1FuxcTOlsGAQ72UllRDM6gbPUYGLLmei/j/K3atqO28BGcRmTVvFsgcwa
LBns5ShHbfNIZuQ1MQ/oOMR2DstJyQSer+skyLEdj57suUWhqc1u1ef9XOowxG0w
5teJaAOh58CTeZ3JOoBKs423AIyRRNf2O9H65YTgSzlzVZdEF+eAasu5KxE9AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUs8jghXruEbRhTrHSmtP6qHAc9O8wHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzQzNTJlMzgyZTMyMzEzNzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNjMwMzIzMi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0I
2TANBgkqhkiG9w0BAQsFAAOCAQEAjN4nkSv6t+QTu2mDqp225y8L2OsKnhVInLfK
r+gmH3N/ksLsABRdjJefzb3UuN/TS2W+oBumBCQFM0gVvEIgjiHOEI1CPCDQfq0b
VOgU/1okCX2cl3Kta7lRhtnj1Rlwxa+WnYFJk5FfzRBWcMCwmM/3p7wHsptmLCMf
Pqa+ExWTJxrqDJSW9AHXpmBJA6akAJfGtU5EY9MXGPU29Z6w6dYtuTmjavpjOgZk
AY1V5cUg3PqaE2jRZWUsihfbgUbYMjuMjAlfswaViCrAc9vBOLSweM9k3fCNSzQd
4Q4glzQDvaXLHdAc1yQ52iPyuLfLPiVWaa4BHRl0i1/V4/mNBg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 09:04:51 2025 by rpki-client