Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/34352e3135312e3139322e302f32322d3232203d3e203630343538.roa
File: 34352e3135312e3139322e302f32322d3232203d3e203630343538.roa (raw, json)
Hash identifier: MsQjsESlTuEcbjS9mONurH+MDUvuc4E1Aq8WiShITro=
Subject key identifier: D3:61:AC:4E:85:E8:7D:79:EC:2C:A8:AB:47:32:A1:F9:0C:B4:A0:6E
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 3DABC925A85F8E8D23710F1D10079A5A54A8908E
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/34352e3135312e3139322e302f32322d3232203d3e203630343538.roa
Signing time: Mon 05 May 2025 06:54:05 +0000
ROA not before: Mon 05 May 2025 06:49:05 +0000
ROA not after: Mon 04 May 2026 06:54:05 +0000
asID: 60458
IP address blocks: 45.151.192.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 14:42:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:ab:c9:25:a8:5f:8e:8d:23:71:0f:1d:10:07:9a:5a:54:a8:90:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: May 5 06:49:05 2025 GMT
Not After : May 4 06:54:05 2026 GMT
Subject: CN=D361AC4E85E87D79EC2CA8AB4732A1F90CB4A06E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:12:bd:2a:66:99:ad:9f:b8:6e:81:6a:05:d2:
e7:f6:fa:39:27:0b:ca:06:c8:8d:15:06:4f:31:73:
d0:bc:4a:5b:f5:a7:84:eb:81:b2:46:97:5a:64:3a:
0b:82:14:df:fd:0f:6c:b9:7c:85:cc:7b:0f:41:d7:
33:96:dc:d4:d0:98:fe:96:70:ad:d7:d3:30:40:43:
a1:33:95:35:b1:e7:00:81:0a:c4:b6:f1:3a:b7:95:
19:6a:26:ff:c8:22:57:d1:eb:6a:99:6f:99:74:8e:
50:8d:f5:e5:2d:9d:0e:3d:0a:f7:95:da:a2:4d:20:
e9:21:9d:77:fd:54:23:ec:e0:01:1b:89:5a:b7:30:
b6:6c:37:3a:fb:c3:85:63:25:49:e0:22:a6:cd:a7:
7d:db:72:ba:b3:65:7d:c7:3c:42:5c:c3:9f:7f:f1:
5d:83:8c:89:0a:48:87:78:9a:6c:83:c2:3f:62:55:
be:64:0e:df:5d:11:b4:88:6c:95:48:46:4f:e4:be:
3a:61:17:8b:52:16:04:ed:63:37:88:00:c1:db:a1:
fa:ae:a3:72:db:6b:ab:b2:54:70:13:29:95:1c:b2:
48:ac:c8:bd:b1:e9:8d:db:de:cc:4f:15:45:ea:c4:
69:e7:be:4e:f6:59:eb:b7:54:71:c5:99:59:a2:51:
c6:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:61:AC:4E:85:E8:7D:79:EC:2C:A8:AB:47:32:A1:F9:0C:B4:A0:6E
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/34352e3135312e3139322e302f32322d3232203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.192.0/22
Signature Algorithm: sha256WithRSAEncryption
ce:9a:bf:f7:73:4b:a3:69:56:a2:8e:d5:ea:53:db:0d:cb:0c:
75:48:d7:a7:ed:b7:cc:79:74:b0:fd:8c:cb:2b:21:ff:c9:29:
d7:c8:3c:c2:74:24:d6:55:aa:82:58:b0:3b:6a:c5:eb:d8:eb:
52:01:41:d5:e9:e7:40:8d:eb:f7:31:f6:59:b7:f5:44:e0:aa:
b5:6f:b7:c6:4e:5c:9d:bf:70:e5:12:0a:a2:46:f1:e8:e5:60:
49:1d:a1:35:09:c9:c3:ea:ba:23:53:a8:f7:53:5e:64:52:b3:
de:24:2c:b1:9e:b0:43:2a:75:4f:fb:a1:45:b8:26:05:fe:ad:
8b:98:c3:59:31:a1:70:44:d5:7d:f5:ce:b8:84:62:6d:81:b3:
82:1e:06:1c:0f:8e:11:d6:ff:8a:83:ab:a3:51:29:8b:e7:21:
36:ac:19:37:48:08:e0:66:de:b1:0b:8e:f9:32:d9:04:e2:fb:
74:68:8c:07:60:97:8b:82:33:dd:73:54:6d:09:7e:aa:24:8b:
cf:06:3a:d2:49:2f:54:f0:52:36:af:4a:dd:13:31:fc:1a:4a:
1f:c0:2d:c0:fe:1e:b5:02:e2:b9:b6:6c:d0:ff:33:13:0d:29:
7a:92:7c:51:8c:d8:9a:a3:5d:5c:dc:c7:a3:8c:5c:74:0d:2b:
64:0c:d2:45
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUPavJJahfjo0jcQ8dEAeaWlSokI4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNTA1MDUwNjQ5MDVaFw0yNjA1MDQwNjU0MDVaMDMxMTAvBgNV
BAMTKEQzNjFBQzRFODVFODdENzlFQzJDQThBQjQ3MzJBMUY5MENCNEEwNkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcEr0qZpmtn7hugWoF0uf2+jkn
C8oGyI0VBk8xc9C8Slv1p4TrgbJGl1pkOguCFN/9D2y5fIXMew9B1zOW3NTQmP6W
cK3X0zBAQ6EzlTWx5wCBCsS28Tq3lRlqJv/IIlfR62qZb5l0jlCN9eUtnQ49CveV
2qJNIOkhnXf9VCPs4AEbiVq3MLZsNzr7w4VjJUngIqbNp33bcrqzZX3HPEJcw59/
8V2DjIkKSId4mmyDwj9iVb5kDt9dEbSIbJVIRk/kvjphF4tSFgTtYzeIAMHbofqu
o3Lba6uyVHATKZUcskisyL2x6Y3b3sxPFUXqxGnnvk72Weu3VHHFmVmiUcYzAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU02GsToXofXnsLKirRzKh+Qy0oG4wHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzQzNTJlMzEzNTMxMmUzMTM5
MzIyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzNjMwMzQzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
LZfAMA0GCSqGSIb3DQEBCwUAA4IBAQDOmr/3c0ujaVaijtXqU9sNywx1SNen7bfM
eXSw/YzLKyH/ySnXyDzCdCTWVaqCWLA7asXr2OtSAUHV6edAjev3MfZZt/VE4Kq1
b7fGTlydv3DlEgqiRvHo5WBJHaE1CcnD6rojU6j3U15kUrPeJCyxnrBDKnVP+6FF
uCYF/q2LmMNZMaFwRNV99c64hGJtgbOCHgYcD44R1v+Kg6ujUSmL5yE2rBk3SAjg
Zt6xC475MtkE4vt0aIwHYJeLgjPdc1RtCX6qJIvPBjrSSS9U8FI2r0rdEzH8Gkof
wC3A/h61AuK5tmzQ/zMTDSl6knxRjNiao11c3MejjFx0DStkDNJF
-----END CERTIFICATE-----
Generated at Tue May 6 03:33:35 2025 by rpki-client