Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS34927.roa
File: AS34927.roa (raw, json)
Hash identifier: d5pSQAD5Yr7TYezeGWCAC/MpbAnJUPajcz4COPXxPcE=
Subject key identifier: E8:34:52:AA:75:D6:CF:11:17:78:56:48:FB:35:3B:F7:39:3C:04:3B
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 2BEF7F95812187CAD7AF5751578C8CFDC97E46F8
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS34927.roa
Signing time: Thu 26 Jun 2025 03:42:22 +0000
ROA not before: Thu 26 Jun 2025 03:37:22 +0000
ROA not after: Thu 25 Jun 2026 03:42:22 +0000
asID: 34927
IP address blocks: 82.22.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 11:27:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:ef:7f:95:81:21:87:ca:d7:af:57:51:57:8c:8c:fd:c9:7e:46:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 26 03:37:22 2025 GMT
Not After : Jun 25 03:42:22 2026 GMT
Subject: CN=E83452AA75D6CF1117785648FB353BF7393C043B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:55:e8:0b:90:72:d2:0a:b9:3e:9e:51:2c:31:
7a:96:cd:f2:06:c8:58:d2:17:0d:9d:db:28:9d:b0:
fb:be:a2:65:aa:49:05:2b:3a:76:be:da:0e:9d:59:
e9:e9:99:45:3b:f0:41:2d:4b:0d:6d:fb:f4:ba:f8:
bd:3d:4c:4c:e0:d8:fe:81:d2:40:aa:58:6f:a1:5d:
1b:26:fc:96:1d:c5:5a:84:a6:b3:bd:38:34:13:69:
1b:cd:2a:89:6d:d3:f9:a8:8a:17:c2:00:d4:2a:46:
ed:39:56:0f:e7:51:12:5f:99:f2:35:7b:f5:fa:ed:
a0:21:b0:ec:6f:35:59:74:ea:b0:10:19:de:0a:52:
e0:72:ec:83:5c:10:2f:18:f3:d9:35:6a:57:f9:2b:
7a:86:f9:86:5f:b6:a7:36:aa:90:4f:3b:e6:2d:62:
28:3c:43:19:36:f0:f3:6c:46:fa:83:2b:37:b5:66:
21:7e:88:b0:f1:c6:82:51:3d:c3:31:30:33:bf:2c:
0a:b1:e6:42:0b:4a:81:5b:10:70:13:a6:23:65:c1:
57:4d:35:97:9d:13:6c:7f:d4:27:56:e9:38:d7:4a:
39:5a:3c:15:e8:93:b9:7b:0d:b5:c0:79:1e:e8:29:
37:28:62:26:54:64:65:fd:26:c7:57:d0:36:f0:80:
d0:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:34:52:AA:75:D6:CF:11:17:78:56:48:FB:35:3B:F7:39:3C:04:3B
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS34927.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.99.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:30:3f:7f:89:6b:c9:36:03:1c:b5:1d:af:31:88:f5:b8:79:
d9:75:73:e6:b8:61:fc:9f:ba:76:07:2b:e1:b8:53:70:41:88:
be:b6:c0:09:17:c1:90:af:08:68:b9:9a:ce:e3:c0:d6:49:cf:
9e:76:69:8a:85:92:2b:46:b3:84:f4:1e:f9:b8:c2:c7:9c:c0:
bb:41:ca:6b:1f:37:b0:c1:5a:97:7d:06:64:1c:5f:84:9d:a9:
08:f6:87:9d:1b:c5:d4:6c:c4:bb:79:55:a7:58:ee:c8:2a:b0:
2d:f0:f9:85:10:7a:7c:ec:1c:fb:8f:41:31:40:f7:77:fe:fc:
de:2c:a9:ec:d6:25:51:19:77:cc:a4:94:d2:1a:ac:9a:c4:56:
50:54:59:39:fc:fc:f2:14:9c:26:34:37:17:07:70:3e:8c:15:
18:2d:fd:3f:14:92:a1:7b:fd:c8:fe:de:54:c6:16:2d:8b:63:
3d:e6:4d:ed:ff:09:fa:49:29:08:08:6f:f0:f7:b3:0a:bd:dc:
0c:19:58:26:1b:a3:79:8a:69:9d:0a:51:9d:1b:47:74:20:77:
26:08:a0:be:32:24:33:5d:18:04:7c:92:82:ca:4d:ad:1f:73:
f0:db:ab:43:4f:f2:96:01:d9:38:33:31:94:90:79:95:2c:0e:
b5:5b:1e:f0
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUK+9/lYEhh8rXr1dRV4yM/cl+RvgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MjYwMzM3MjJaFw0yNjA2MjUwMzQyMjJaMDMxMTAvBgNV
BAMTKEU4MzQ1MkFBNzVENkNGMTExNzc4NTY0OEZCMzUzQkY3MzkzQzA0M0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCGVegLkHLSCrk+nlEsMXqWzfIG
yFjSFw2d2yidsPu+omWqSQUrOna+2g6dWenpmUU78EEtSw1t+/S6+L09TEzg2P6B
0kCqWG+hXRsm/JYdxVqEprO9ODQTaRvNKolt0/moihfCANQqRu05Vg/nURJfmfI1
e/X67aAhsOxvNVl06rAQGd4KUuBy7INcEC8Y89k1alf5K3qG+YZftqc2qpBPO+Yt
Yig8Qxk28PNsRvqDKze1ZiF+iLDxxoJRPcMxMDO/LAqx5kILSoFbEHATpiNlwVdN
NZedE2x/1CdW6TjXSjlaPBXok7l7DbXAeR7oKTcoYiZUZGX9JsdX0DbwgNBDAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQU6DRSqnXWzxEXeFZI+zU79zk8BDswHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzQ5Mjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABSFmMw
DQYJKoZIhvcNAQELBQADggEBAB4wP3+Ja8k2Axy1Ha8xiPW4edl1c+a4YfyfunYH
K+G4U3BBiL62wAkXwZCvCGi5ms7jwNZJz552aYqFkitGs4T0Hvm4wsecwLtBymsf
N7DBWpd9BmQcX4SdqQj2h50bxdRsxLt5VadY7sgqsC3w+YUQenzsHPuPQTFA93f+
/N4sqezWJVEZd8yklNIarJrEVlBUWTn8/PIUnCY0NxcHcD6MFRgt/T8UkqF7/cj+
3lTGFi2LYz3mTe3/CfpJKQgIb/D3swq93AwZWCYbo3mKaZ0KUZ0bR3QgdyYIoL4y
JDNdGAR8koLKTa0fc/Dbq0NP8pYB2TgzMZSQeZUsDrVbHvA=
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:48:34 2025 by rpki-client