Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/34352e3133392e3139382e302f32342d3234203d3e20323134343636.roa
File: 34352e3133392e3139382e302f32342d3234203d3e20323134343636.roa (raw, json)
Hash identifier: 9KX5zC7UuI47N7heL//vNyLO3x7YEi1CucEhFX8SUR0=
Subject key identifier: 01:FF:8C:76:33:3B:06:B6:36:18:38:8D:9A:36:41:C6:D3:F5:18:D2
Certificate issuer: /CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Certificate serial: 17B71EDB786CD157CB12DBF5AB42EEB92E2621F6
Authority key identifier: 92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/34352e3133392e3139382e302f32342d3234203d3e20323134343636.roa
Signing time: Tue 22 Apr 2025 06:57:23 +0000
ROA not before: Tue 22 Apr 2025 06:52:23 +0000
ROA not after: Tue 21 Apr 2026 06:57:23 +0000
asID: 214466
IP address blocks: 45.139.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.mft
rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 15 May 2025 05:21:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:b7:1e:db:78:6c:d1:57:cb:12:db:f5:ab:42:ee:b9:2e:26:21:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Validity
Not Before: Apr 22 06:52:23 2025 GMT
Not After : Apr 21 06:57:23 2026 GMT
Subject: CN=01FF8C76333B06B63618388D9A3641C6D3F518D2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:8c:df:55:73:fe:67:e0:f6:10:ad:46:40:91:
16:b5:e0:5b:04:21:a9:55:23:22:88:f9:f2:22:a5:
09:fb:ff:6e:f1:69:31:86:22:b8:e5:ee:91:c3:6f:
b0:a4:1c:4a:6f:37:61:fa:bd:35:b3:46:50:5b:5a:
61:fe:39:74:e0:28:38:4a:7f:55:61:8d:e3:15:6b:
6a:e4:27:44:e6:cc:c6:90:53:4f:b2:2b:e6:c5:cc:
ac:b9:4e:ac:bd:d4:cd:19:35:3e:02:35:00:a9:9f:
22:10:82:d6:a8:7f:7c:e1:6c:2e:04:b8:e1:0f:e7:
77:b9:4e:e1:d1:38:71:68:2d:51:83:95:eb:a3:6c:
cb:1c:17:19:1e:af:d3:2a:c7:51:42:a6:31:97:cb:
f8:72:bb:9e:27:e8:13:ba:73:87:91:90:cf:66:8e:
e6:76:ec:de:3e:b0:c4:16:50:f0:a8:61:ab:79:f7:
2c:00:9b:eb:4b:a7:25:58:53:8a:fe:a6:09:c4:f6:
a8:70:41:65:44:f1:e6:ad:43:79:ae:61:bf:bc:ed:
12:47:2f:fc:cc:0b:70:ee:ce:49:6c:59:75:22:e4:
9b:90:81:88:8d:0d:b1:1e:85:b7:61:07:b0:2b:59:
6f:84:a4:ad:37:eb:6b:48:28:7f:92:66:f8:fb:7d:
34:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:FF:8C:76:33:3B:06:B6:36:18:38:8D:9A:36:41:C6:D3:F5:18:D2
X509v3 Authority Key Identifier:
keyid:92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/34352e3133392e3139382e302f32342d3234203d3e20323134343636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.198.0/24
Signature Algorithm: sha256WithRSAEncryption
47:a0:7f:12:f6:22:39:80:00:a7:fc:17:8e:fc:a4:1c:8d:c6:
c1:b3:7e:12:f9:4a:5f:26:bb:62:63:90:18:f1:09:76:f8:8f:
a6:da:6f:76:ff:12:b6:a5:91:a6:92:e7:95:85:f7:48:fb:87:
99:c2:9f:17:1f:c3:a2:1a:ef:ff:00:0a:d6:69:24:9b:76:cd:
be:d8:7f:4e:2e:43:4c:36:8c:43:3d:4a:38:b2:08:7b:e5:b7:
b2:bb:5a:51:69:00:80:d9:64:ec:d2:a3:e6:7b:aa:cb:c9:fa:
5e:43:a9:ba:43:be:f3:9a:14:39:43:e1:75:f5:a6:e0:78:4e:
4c:a7:96:47:b0:90:ab:eb:35:a2:7d:77:fe:52:c7:97:b9:52:
0c:1a:40:3e:78:ab:6c:d3:1d:70:1c:67:75:04:6c:c6:d5:ae:
2b:33:4c:d5:09:65:2c:0b:f2:2e:90:4c:73:df:87:88:34:2e:
86:ec:9e:5e:a0:2a:95:ee:8b:c2:6b:5b:2b:81:cf:08:48:63:
4f:a7:bc:73:79:3b:cd:8f:3e:fc:0c:e6:01:2a:7e:91:16:5e:
e3:4c:6e:39:ed:25:ec:7d:fe:ac:29:12:b1:aa:7c:52:0a:c4:
63:41:fa:18:f0:60:79:18:19:c5:f6:35:97:13:90:9e:d1:cb:
33:6d:6f:c0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUF7ce23hs0VfLEtv1q0LuuS4mIfYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTJmNDlkZTg2ODRmMTI4N2Y0ZjZjYjE4NWQ1Y2Y3ZGU4
MGM5MGI5NDAeFw0yNTA0MjIwNjUyMjNaFw0yNjA0MjEwNjU3MjNaMDMxMTAvBgNV
BAMTKDAxRkY4Qzc2MzMzQjA2QjYzNjE4Mzg4RDlBMzY0MUM2RDNGNTE4RDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWjN9Vc/5n4PYQrUZAkRa14FsE
IalVIyKI+fIipQn7/27xaTGGIrjl7pHDb7CkHEpvN2H6vTWzRlBbWmH+OXTgKDhK
f1VhjeMVa2rkJ0TmzMaQU0+yK+bFzKy5Tqy91M0ZNT4CNQCpnyIQgtaof3zhbC4E
uOEP53e5TuHROHFoLVGDleujbMscFxker9Mqx1FCpjGXy/hyu54n6BO6c4eRkM9m
juZ27N4+sMQWUPCoYat59ywAm+tLpyVYU4r+pgnE9qhwQWVE8eatQ3muYb+87RJH
L/zMC3DuzklsWXUi5JuQgYiNDbEehbdhB7ArWW+EpK0362tIKH+SZvj7fTQRAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUAf+MdjM7BrY2GDiNmjZBxtP1GNIwHwYDVR0j
BBgwFoAUkvSd6GhPEof09ssYXVz33oDJC5QwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjA5MjMzODktMmJkZS00M2UwLWIwZDUtZmMyNDRhNjMw
M2QwLzAvOTJGNDlERTg2ODRGMTI4N0Y0RjZDQjE4NUQ1Q0Y3REU4MEM5MEI5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2t2U2Q2R2hQRW9mMDlzc1lYVnozM29E
SkM1US5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNjA5MjMzODkt
MmJkZS00M2UwLWIwZDUtZmMyNDRhNjMwM2QwLzAvMzQzNTJlMzEzMzM5MmUzMTM5
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzQzNDM2MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAti8YwDQYJKoZIhvcNAQELBQADggEBAEegfxL2IjmAAKf8F478pByNxsGzfhL5
Sl8mu2JjkBjxCXb4j6bab3b/EralkaaS55WF90j7h5nCnxcfw6Ia7/8ACtZpJJt2
zb7Yf04uQ0w2jEM9SjiyCHvlt7K7WlFpAIDZZOzSo+Z7qsvJ+l5DqbpDvvOaFDlD
4XX1puB4TkynlkewkKvrNaJ9d/5Sx5e5UgwaQD54q2zTHXAcZ3UEbMbVriszTNUJ
ZSwL8i6QTHPfh4g0Lobsnl6gKpXui8JrWyuBzwhIY0+nvHN5O82PPvwM5gEqfpEW
XuNMbjntJex9/qwpErGqfFIKxGNB+hjwYHkYGcX2NZcTkJ7RyzNtb8A=
-----END CERTIFICATE-----
Generated at Wed May 14 11:23:06 2025 by rpki-client