Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/34352e3134332e3134382e302f32322d3232203d3e203630343538.roa
File: 34352e3134332e3134382e302f32322d3232203d3e203630343538.roa (raw, json)
Hash identifier: Sww7+LIBcy25xOjBNTHS8houn90nQJV29QTFkg33x0A=
Subject key identifier: 02:F4:6F:EC:06:1B:0E:0A:1F:01:B5:05:81:23:AB:10:5F:A3:A6:B0
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 1462174E363DF641FFAFE5D0760D865789CAC219
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/34352e3134332e3134382e302f32322d3232203d3e203630343538.roa
Signing time: Mon 05 May 2025 06:54:06 +0000
ROA not before: Mon 05 May 2025 06:49:06 +0000
ROA not after: Mon 04 May 2026 06:54:06 +0000
asID: 60458
IP address blocks: 45.143.148.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 07:49:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:62:17:4e:36:3d:f6:41:ff:af:e5:d0:76:0d:86:57:89:ca:c2:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: May 5 06:49:06 2025 GMT
Not After : May 4 06:54:06 2026 GMT
Subject: CN=02F46FEC061B0E0A1F01B5058123AB105FA3A6B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:93:8e:5c:21:61:b5:6a:b6:43:34:3e:03:0a:
35:f9:23:a1:6a:8a:81:63:64:b6:cf:48:e7:b1:45:
d2:04:44:c8:c4:1c:13:ef:b7:cf:2f:04:c3:37:ba:
70:cd:93:b8:bd:3f:1f:a2:78:a4:51:72:34:e5:20:
e3:24:3a:3c:e3:1c:f3:9a:23:ef:ae:37:c2:79:c8:
4c:e3:74:fa:f0:90:60:18:38:91:a7:63:2d:44:f1:
f1:94:ec:50:9e:e0:cb:48:ab:5a:25:06:8d:b7:1a:
c8:20:1a:60:fd:bc:f0:21:b4:f1:3d:ad:76:5e:90:
02:bb:f8:43:0d:e0:85:7a:29:e0:e0:e9:eb:5d:95:
c7:07:c8:ad:26:09:e4:64:5e:d3:b0:ad:5b:ef:13:
06:28:67:2e:fe:ff:82:8a:43:60:e4:9b:10:d7:2f:
0b:2d:1b:16:45:a3:95:f7:62:2d:fb:4c:36:5a:fb:
02:02:c9:c1:40:d5:af:68:a4:e4:ac:54:4f:1c:58:
89:8e:d1:72:ae:8b:81:1c:28:60:27:bc:06:2d:5a:
69:41:f8:93:53:78:1d:71:4e:2b:86:cf:86:c0:e0:
3b:9c:6d:c6:d3:39:60:4f:1e:c5:a9:cd:13:79:87:
24:54:75:d4:84:74:61:17:89:22:3a:53:b5:3c:8f:
78:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:F4:6F:EC:06:1B:0E:0A:1F:01:B5:05:81:23:AB:10:5F:A3:A6:B0
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/34352e3134332e3134382e302f32322d3232203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.148.0/22
Signature Algorithm: sha256WithRSAEncryption
db:a2:8e:f3:01:44:97:bb:10:84:99:91:97:ae:12:a3:18:de:
1d:f1:2e:19:89:ba:ef:36:d6:31:4a:b2:f0:75:ec:8b:4e:b8:
03:85:fa:11:4b:01:e1:80:3a:f0:9f:f9:29:84:b2:12:48:54:
ac:72:9b:d8:5c:d1:8c:39:82:42:58:39:40:48:b3:87:c0:7b:
1a:6a:b4:ae:eb:83:ee:e0:5e:64:06:de:d2:f3:76:ca:cc:a9:
cf:4c:df:27:e6:3a:97:a0:52:92:9b:de:a7:40:80:32:1f:9e:
1b:c9:ff:4e:2b:e9:d1:72:74:e4:f0:b0:f5:3b:10:92:85:41:
80:24:28:4b:50:60:da:ae:26:82:2e:57:1c:8a:1a:bc:0b:d8:
15:04:36:6f:d8:52:03:1e:18:c8:8f:c8:04:7c:4e:53:cd:43:
30:60:6b:d6:ff:c4:c9:90:09:b9:c9:f1:54:4e:a9:46:9e:e8:
4a:83:18:78:67:2c:04:0c:85:8a:54:f0:b7:9f:69:47:16:4a:
25:7e:41:58:38:3f:9b:53:0a:1a:ec:aa:46:5c:5e:ba:5b:49:
e2:b9:ea:65:d4:fd:3d:54:1a:1a:26:95:5d:c0:d4:c5:c1:48:
57:6f:e2:36:58:06:e0:30:89:6b:6f:81:7d:00:0d:aa:bd:dd:
a2:c2:d2:8b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUFGIXTjY99kH/r+XQdg2GV4nKwhkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNTA1MDUwNjQ5MDZaFw0yNjA1MDQwNjU0MDZaMDMxMTAvBgNV
BAMTKDAyRjQ2RkVDMDYxQjBFMEExRjAxQjUwNTgxMjNBQjEwNUZBM0E2QjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1k45cIWG1arZDND4DCjX5I6Fq
ioFjZLbPSOexRdIERMjEHBPvt88vBMM3unDNk7i9Px+ieKRRcjTlIOMkOjzjHPOa
I++uN8J5yEzjdPrwkGAYOJGnYy1E8fGU7FCe4MtIq1olBo23GsggGmD9vPAhtPE9
rXZekAK7+EMN4IV6KeDg6etdlccHyK0mCeRkXtOwrVvvEwYoZy7+/4KKQ2DkmxDX
LwstGxZFo5X3Yi37TDZa+wICycFA1a9opOSsVE8cWImO0XKui4EcKGAnvAYtWmlB
+JNTeB1xTiuGz4bA4DucbcbTOWBPHsWpzRN5hyRUddSEdGEXiSI6U7U8j3gRAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUAvRv7AYbDgofAbUFgSOrEF+jprAwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzQzNTJlMzEzNDMzMmUzMTM0
MzgyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzNjMwMzQzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
LY+UMA0GCSqGSIb3DQEBCwUAA4IBAQDboo7zAUSXuxCEmZGXrhKjGN4d8S4Zibrv
NtYxSrLwdeyLTrgDhfoRSwHhgDrwn/kphLISSFSscpvYXNGMOYJCWDlASLOHwHsa
arSu64Pu4F5kBt7S83bKzKnPTN8n5jqXoFKSm96nQIAyH54byf9OK+nRcnTk8LD1
OxCShUGAJChLUGDariaCLlccihq8C9gVBDZv2FIDHhjIj8gEfE5TzUMwYGvW/8TJ
kAm5yfFUTqlGnuhKgxh4ZywEDIWKVPC3n2lHFkolfkFYOD+bUwoa7KpGXF66W0ni
uepl1P09VBoaJpVdwNTFwUhXb+I2WAbgMIlrb4F9AA2qvd2iwtKL
-----END CERTIFICATE-----
Generated at Mon May 5 13:17:08 2025 by rpki-client