Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/34352e3134392e3135342e302f32342d3234203d3e203138383131.roa
File: 34352e3134392e3135342e302f32342d3234203d3e203138383131.roa (raw, json)
Hash identifier: 4uff0q80448WswwoPJbFY3idRfw+pxcMp30vGLvVGdk=
Subject key identifier: B1:B3:ED:47:23:63:F1:FF:6E:C8:2F:56:B2:77:41:4F:4C:61:8E:15
Certificate issuer: /CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Certificate serial: 101361798A3FA89F688BE8369709E8374C4951E7
Authority key identifier: E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/34352e3134392e3135342e302f32342d3234203d3e203138383131.roa
Signing time: Fri 20 Jun 2025 09:35:12 +0000
ROA not before: Fri 20 Jun 2025 09:30:12 +0000
ROA not after: Fri 19 Jun 2026 09:35:12 +0000
asID: 18811
IP address blocks: 45.149.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 19:15:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:13:61:79:8a:3f:a8:9f:68:8b:e8:36:97:09:e8:37:4c:49:51:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Validity
Not Before: Jun 20 09:30:12 2025 GMT
Not After : Jun 19 09:35:12 2026 GMT
Subject: CN=B1B3ED472363F1FF6EC82F56B277414F4C618E15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:9d:05:9f:6a:ba:b0:bb:7d:4d:67:8b:75:e4:
28:f9:98:b5:c2:6c:07:e2:3c:86:af:4f:fb:19:9a:
53:fd:05:3c:f1:b7:b6:fd:bd:2b:bf:e7:69:6c:9a:
41:f9:39:6e:52:b6:c2:b7:e7:74:ba:7e:ce:32:8e:
1a:8b:2f:8a:94:95:c6:9c:0b:e1:47:b5:bb:1e:de:
c9:e8:79:67:c0:32:ed:0b:7a:20:29:bc:fd:23:3d:
af:82:d1:1c:68:d1:be:fd:f1:69:16:32:e1:e8:25:
05:80:b2:ea:1e:79:b1:23:a7:24:4e:ca:ce:c2:77:
31:9d:98:6d:c2:89:b0:f2:56:e1:6c:fc:67:a1:26:
76:f9:61:da:d7:c0:4d:36:ff:60:5f:92:af:be:a5:
81:4c:9d:e0:01:98:3c:c5:ff:38:96:bf:16:73:e5:
e4:d4:39:37:d4:be:fe:54:5b:f6:ee:23:c8:4b:fb:
60:bf:b6:f9:74:db:73:34:1c:45:75:57:ec:51:9e:
29:6a:0d:5d:df:ee:78:df:be:d8:95:08:c1:2c:bc:
05:be:df:ac:81:da:38:a6:c5:e0:47:11:26:52:64:
54:26:bb:8f:66:cc:65:f9:de:59:92:37:b6:4b:66:
83:50:7e:6b:99:a7:3a:6d:9d:09:42:bf:41:58:03:
1c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:B3:ED:47:23:63:F1:FF:6E:C8:2F:56:B2:77:41:4F:4C:61:8E:15
X509v3 Authority Key Identifier:
keyid:E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/34352e3134392e3135342e302f32342d3234203d3e203138383131.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.154.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:6d:a1:c5:ff:9e:e2:80:70:69:f1:62:22:28:c3:cd:ce:01:
60:6b:8d:8d:81:72:13:bd:16:40:6e:4c:f8:39:32:de:58:67:
42:50:d9:dd:fd:55:ea:32:a5:d1:a1:3b:6e:4e:50:b8:a8:21:
5d:35:59:fb:57:8c:e8:1a:86:99:66:19:6a:bd:d3:90:dc:3c:
0a:49:6f:cc:03:76:6a:43:22:93:0b:d4:94:d1:2c:68:35:84:
c8:d9:fd:08:f9:41:14:7f:98:9d:90:96:00:3a:e8:b3:d6:73:
81:c6:e5:6c:07:cc:43:6b:cc:0d:a8:e0:aa:4d:90:2b:60:03:
76:01:38:74:49:60:d0:85:1e:f6:78:8b:f2:4c:03:05:3b:45:
73:16:e1:94:20:7c:9d:c4:38:8c:cd:36:45:69:e7:fd:b2:d4:
a6:a8:4d:7f:7c:bf:0a:2a:d5:92:d0:3e:1d:31:34:46:c5:71:
58:fd:25:80:20:d0:9b:98:28:48:40:7a:04:f6:78:78:bd:81:
fe:78:85:37:47:1b:21:1a:56:38:9f:72:06:62:bc:f0:c0:53:
46:1a:2b:c7:a4:b1:50:6e:a4:d3:54:4a:49:f7:41:fa:fe:3b:
16:df:0a:f9:c7:45:3f:25:54:70:96:7a:ea:f6:d1:5d:b0:15:
35:45:bf:cd
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUEBNheYo/qJ9oi+g2lwnoN0xJUecwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTFmMzUxMmY1MWRjNDJiYjllYjEyYWJjMGJiNTI5NjY4
YjJlZGVlNDAeFw0yNTA2MjAwOTMwMTJaFw0yNjA2MTkwOTM1MTJaMDMxMTAvBgNV
BAMTKEIxQjNFRDQ3MjM2M0YxRkY2RUM4MkY1NkIyNzc0MTRGNEM2MThFMTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBnQWfarqwu31NZ4t15Cj5mLXC
bAfiPIavT/sZmlP9BTzxt7b9vSu/52lsmkH5OW5StsK353S6fs4yjhqLL4qUlcac
C+FHtbse3snoeWfAMu0LeiApvP0jPa+C0Rxo0b798WkWMuHoJQWAsuoeebEjpyRO
ys7CdzGdmG3CibDyVuFs/GehJnb5YdrXwE02/2Bfkq++pYFMneABmDzF/ziWvxZz
5eTUOTfUvv5UW/buI8hL+2C/tvl023M0HEV1V+xRnilqDV3f7njfvtiVCMEsvAW+
36yB2jimxeBHESZSZFQmu49mzGX53lmSN7ZLZoNQfmuZpzptnQlCv0FYAxzDAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUsbPtRyNj8f9uyC9WsndBT0xhjhUwHwYDVR0j
BBgwFoAU4fNRL1HcQruesSq8C7UpZosu3uQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgtZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3
OWE3LzAvRTFGMzUxMkY1MURDNDJCQjlFQjEyQUJDMEJCNTI5NjY4QjJFREVFNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRmTlJMMUhjUXJ1ZXNTcThDN1VwWm9z
dTN1US5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgt
ZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3OWE3LzAvMzQzNTJlMzEzNDM5MmUzMTM1
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM4MzgzMTMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LZWaMA0GCSqGSIb3DQEBCwUAA4IBAQAObaHF/57igHBp8WIiKMPNzgFga42NgXIT
vRZAbkz4OTLeWGdCUNnd/VXqMqXRoTtuTlC4qCFdNVn7V4zoGoaZZhlqvdOQ3DwK
SW/MA3ZqQyKTC9SU0SxoNYTI2f0I+UEUf5idkJYAOuiz1nOBxuVsB8xDa8wNqOCq
TZArYAN2ATh0SWDQhR72eIvyTAMFO0VzFuGUIHydxDiMzTZFaef9stSmqE1/fL8K
KtWS0D4dMTRGxXFY/SWAINCbmChIQHoE9nh4vYH+eIU3RxshGlY4n3IGYrzwwFNG
GivHpLFQbqTTVEpJ90H6/jsW3wr5x0U/JVRwlnrq9tFdsBU1Rb/N
-----END CERTIFICATE-----
Generated at Tue Jul 1 06:08:33 2025 by rpki-client