Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130362e302f32342d3234203d3e203230343733.roa
File: 34352e3134362e3130362e302f32342d3234203d3e203230343733.roa (raw, json)
Hash identifier: j1+kXBcGMaP2oFQxgaC+Q0ODPrGAfzaO+vnZvFgUrlo=
Subject key identifier: 11:10:CB:1A:4F:49:0E:85:49:E4:7D:6B:30:16:6F:18:05:73:83:2D
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 21DF388DF88ABF57CC05F6AA1108CD6A3D7DB08C
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130362e302f32342d3234203d3e203230343733.roa
Signing time: Mon 12 May 2025 13:47:07 +0000
ROA not before: Mon 12 May 2025 13:42:07 +0000
ROA not after: Mon 11 May 2026 13:47:07 +0000
asID: 20473
IP address blocks: 45.146.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:df:38:8d:f8:8a:bf:57:cc:05:f6:aa:11:08:cd:6a:3d:7d:b0:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: May 12 13:42:07 2025 GMT
Not After : May 11 13:47:07 2026 GMT
Subject: CN=1110CB1A4F490E8549E47D6B30166F180573832D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b5:ce:49:f9:b0:18:24:ca:d0:2b:ba:6f:dd:
2c:db:ab:ac:37:ef:c8:63:6e:5d:b1:d6:01:46:1a:
36:75:4a:83:c7:6e:dc:59:87:28:16:0d:ae:00:c7:
51:6f:c1:85:55:33:5a:4c:c1:d0:58:be:bd:91:4c:
a1:84:eb:35:40:f6:48:22:85:81:16:99:02:16:20:
bd:d5:2e:44:6c:de:ee:17:2d:a8:54:9a:11:5c:31:
e1:f1:f9:e9:1c:85:05:f3:9c:29:cb:c9:b8:ce:b0:
92:00:8c:3d:bd:cc:f8:77:99:2a:af:be:08:3a:f2:
a9:73:c9:96:12:5e:e7:a5:c0:19:e5:7e:84:32:05:
a8:4b:ae:6e:cf:49:00:9d:ca:d9:60:28:85:36:a0:
8b:da:5f:bf:bf:85:9c:66:1e:9a:00:20:10:40:27:
90:b0:b3:19:58:68:7e:b8:6f:c5:51:9e:fb:f7:01:
7b:93:a2:ae:4e:01:78:2d:13:41:a8:44:b3:ff:96:
9c:83:45:da:00:08:ee:a4:62:3d:d8:76:db:01:49:
9d:04:df:d4:08:ab:7e:d8:57:d1:ca:70:a0:d6:69:
99:b4:7f:4d:db:3a:17:5c:42:05:28:f0:7f:2b:16:
8b:c9:2c:19:c4:61:27:92:f3:52:b4:78:45:55:b5:
01:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:10:CB:1A:4F:49:0E:85:49:E4:7D:6B:30:16:6F:18:05:73:83:2D
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130362e302f32342d3234203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.106.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:3e:44:1a:64:92:ef:ee:27:46:1a:1c:dd:8f:06:86:aa:95:
08:38:cb:c0:e2:84:fb:bb:e6:db:12:42:c9:5b:80:f2:60:4b:
72:26:e7:dd:67:d1:20:4a:be:71:f1:f1:13:bb:11:15:43:62:
b6:cd:61:60:ba:96:89:7b:67:d6:0b:df:a9:8c:e1:21:c5:27:
0f:77:e6:a1:88:2a:0a:0e:81:70:99:f3:77:cf:ea:af:07:53:
af:74:f2:d4:f0:1d:a8:c6:5b:77:af:f0:f2:a8:51:9e:a2:ec:
70:63:dc:58:99:d9:26:34:86:18:0a:c4:53:d1:0b:a7:11:4e:
ca:6f:f8:8a:9a:dd:7b:fc:30:84:69:df:dc:64:6e:95:1d:8b:
c1:2e:aa:70:ea:bc:71:9b:aa:15:94:bb:f1:80:f1:4c:de:8c:
fa:89:b5:45:d5:62:e0:85:e4:86:53:62:55:3e:a2:41:7c:c7:
67:71:12:4b:c6:60:3a:9f:4e:3c:00:08:ed:45:85:06:b5:07:
d1:2e:49:7b:27:0f:8d:0c:ce:fb:f6:a1:3f:0e:6f:87:b4:86:
88:74:58:46:dc:8c:7c:78:81:3b:ac:01:08:15:13:95:92:f5:
f1:7d:bb:75:06:87:3e:46:76:ff:dc:c6:4d:31:78:35:51:5d:
5a:d0:00:1e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUId84jfiKv1fMBfaqEQjNaj19sIwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNTA1MTIxMzQyMDdaFw0yNjA1MTExMzQ3MDdaMDMxMTAvBgNV
BAMTKDExMTBDQjFBNEY0OTBFODU0OUU0N0Q2QjMwMTY2RjE4MDU3MzgzMkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDItc5J+bAYJMrQK7pv3Szbq6w3
78hjbl2x1gFGGjZ1SoPHbtxZhygWDa4Ax1FvwYVVM1pMwdBYvr2RTKGE6zVA9kgi
hYEWmQIWIL3VLkRs3u4XLahUmhFcMeHx+ekchQXznCnLybjOsJIAjD29zPh3mSqv
vgg68qlzyZYSXuelwBnlfoQyBahLrm7PSQCdytlgKIU2oIvaX7+/hZxmHpoAIBBA
J5CwsxlYaH64b8VRnvv3AXuToq5OAXgtE0GoRLP/lpyDRdoACO6kYj3YdtsBSZ0E
39QIq37YV9HKcKDWaZm0f03bOhdcQgUo8H8rFovJLBnEYSeS81K0eEVVtQGVAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUERDLGk9JDoVJ5H1rMBZvGAVzgy0wHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzQzNTJlMzEzNDM2MmUzMTMw
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LZJqMA0GCSqGSIb3DQEBCwUAA4IBAQDFPkQaZJLv7idGGhzdjwaGqpUIOMvA4oT7
u+bbEkLJW4DyYEtyJufdZ9EgSr5x8fETuxEVQ2K2zWFgupaJe2fWC9+pjOEhxScP
d+ahiCoKDoFwmfN3z+qvB1OvdPLU8B2oxlt3r/DyqFGeouxwY9xYmdkmNIYYCsRT
0QunEU7Kb/iKmt17/DCEad/cZG6VHYvBLqpw6rxxm6oVlLvxgPFM3oz6ibVF1WLg
heSGU2JVPqJBfMdncRJLxmA6n048AAjtRYUGtQfRLkl7Jw+NDM779qE/Dm+HtIaI
dFhG3Ix8eIE7rAEIFROVkvXxfbt1Boc+Rnb/3MZNMXg1UV1a0AAe
-----END CERTIFICATE-----
Generated at Tue Jul 1 18:37:32 2025 by rpki-client