Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3135392e3232382e302f32332d3332203d3e203531313637.roa
File: 34352e3135392e3232382e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: 1scB5+RxIV/dD/GrxCi4YmWv4/pLsvNvZ4sNpOx54uk=
Subject key identifier: EF:79:BB:11:88:61:A3:31:87:AA:60:2B:14:E7:6F:F4:81:BF:47:B5
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 5B600DFA47057BE1B950931EC09CC88C1CFA6A57
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3135392e3232382e302f32332d3332203d3e203531313637.roa
Signing time: Wed 23 Apr 2025 13:46:08 +0000
ROA not before: Wed 23 Apr 2025 13:41:08 +0000
ROA not after: Wed 22 Apr 2026 13:46:08 +0000
asID: 51167
IP address blocks: 45.159.228.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 08:04:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:60:0d:fa:47:05:7b:e1:b9:50:93:1e:c0:9c:c8:8c:1c:fa:6a:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Apr 23 13:41:08 2025 GMT
Not After : Apr 22 13:46:08 2026 GMT
Subject: CN=EF79BB118861A33187AA602B14E76FF481BF47B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c5:3d:12:ca:8f:53:69:7e:1b:e9:08:ff:25:
4f:13:4a:67:5b:86:7b:da:c9:83:df:6c:09:72:05:
85:db:14:34:11:5a:e5:dc:41:0f:c3:2e:2e:cf:23:
fc:75:8f:a8:d0:41:01:f2:57:8d:88:88:12:25:74:
54:73:c8:0c:ab:4d:be:93:22:2b:f4:78:61:8a:5d:
c7:7e:63:67:30:e0:ba:e2:dc:64:e7:8b:48:1f:ed:
bf:38:cb:68:00:c4:30:7e:92:e5:a0:c7:09:72:5e:
a8:28:32:49:79:e4:2f:af:87:2d:bc:e5:55:3f:dd:
44:b5:5a:52:b5:26:47:95:bc:8a:c4:34:91:a1:e5:
30:05:cf:49:50:47:9c:56:be:97:e6:d4:ee:8b:2d:
be:85:20:8f:c1:4c:27:13:77:aa:5f:19:a8:a7:38:
c7:e1:fb:9c:0c:34:b9:71:30:d0:4c:cb:8c:6b:2a:
8f:d7:ab:c6:38:df:be:56:e9:3c:2f:12:fb:24:31:
a4:21:69:1e:f0:05:41:9e:c1:8d:a5:16:fc:5e:6c:
89:97:be:f4:3c:b1:e1:f8:d3:1c:03:92:98:f9:c4:
fe:45:9c:84:a0:ab:88:dd:f0:d1:82:03:1b:2d:62:
45:75:2b:9d:3e:ce:ea:d5:34:17:0e:72:03:1b:52:
2a:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:79:BB:11:88:61:A3:31:87:AA:60:2B:14:E7:6F:F4:81:BF:47:B5
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3135392e3232382e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.228.0/23
Signature Algorithm: sha256WithRSAEncryption
63:95:6c:19:f3:db:df:80:6f:fb:0c:99:8d:20:e5:d1:ff:e9:
aa:81:13:ea:b5:b5:29:dd:8f:d2:66:08:c5:2b:d8:60:43:98:
57:57:89:3c:eb:05:73:9a:8a:66:52:bf:4e:13:14:0c:30:b3:
8c:73:6a:01:5f:d0:62:46:96:e9:dc:6b:62:01:80:a1:22:d7:
d3:54:0d:cb:de:be:d1:d7:7c:ff:14:57:e5:09:0a:48:d3:3a:
47:25:ab:1b:e1:ce:a0:6b:dc:01:9c:58:92:7a:c9:c2:8e:a5:
f3:97:14:03:a0:bb:eb:1b:0d:22:96:0e:ab:10:b1:a6:8d:59:
4c:aa:1e:67:ad:2e:60:96:ac:32:79:fd:9b:22:8c:2d:02:17:
6d:5d:bc:15:4f:b7:83:a5:64:15:9e:3f:fe:50:17:90:0e:5f:
f7:9b:9a:97:ff:b0:5b:9b:4f:5d:7a:df:a8:0d:ba:3e:6a:96:
a2:db:76:bd:e1:01:f1:20:bf:e0:6d:a2:2f:20:e7:b5:bd:9f:
31:3d:86:c7:33:fb:f3:0c:7f:c1:13:3b:24:af:60:4a:eb:c6:
c5:2c:81:88:17:d1:08:5d:39:cd:64:b6:77:e5:bc:3a:bf:dc:
09:14:35:a7:ef:aa:ef:c3:b6:08:84:e9:12:87:ff:0f:ec:2a:
6e:7c:97:b8
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUW2AN+kcFe+G5UJMewJzIjBz6alcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTA0MjMxMzQxMDhaFw0yNjA0MjIxMzQ2MDhaMDMxMTAvBgNV
BAMTKEVGNzlCQjExODg2MUEzMzE4N0FBNjAyQjE0RTc2RkY0ODFCRjQ3QjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGxT0Syo9TaX4b6Qj/JU8TSmdb
hnvayYPfbAlyBYXbFDQRWuXcQQ/DLi7PI/x1j6jQQQHyV42IiBIldFRzyAyrTb6T
Iiv0eGGKXcd+Y2cw4Lri3GTni0gf7b84y2gAxDB+kuWgxwlyXqgoMkl55C+vhy28
5VU/3US1WlK1JkeVvIrENJGh5TAFz0lQR5xWvpfm1O6LLb6FII/BTCcTd6pfGain
OMfh+5wMNLlxMNBMy4xrKo/Xq8Y4375W6TwvEvskMaQhaR7wBUGewY2lFvxebImX
vvQ8seH40xwDkpj5xP5FnISgq4jd8NGCAxstYkV1K50+zurVNBcOcgMbUiqnAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU73m7EYhhozGHqmArFOdv9IG/R7UwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzNTM5MmUzMjMy
MzgyZTMwMmYzMjMzMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
LZ/kMA0GCSqGSIb3DQEBCwUAA4IBAQBjlWwZ89vfgG/7DJmNIOXR/+mqgRPqtbUp
3Y/SZgjFK9hgQ5hXV4k86wVzmopmUr9OExQMMLOMc2oBX9BiRpbp3GtiAYChItfT
VA3L3r7R13z/FFflCQpI0zpHJasb4c6ga9wBnFiSesnCjqXzlxQDoLvrGw0ilg6r
ELGmjVlMqh5nrS5glqwyef2bIowtAhdtXbwVT7eDpWQVnj/+UBeQDl/3m5qX/7Bb
m09det+oDbo+apai23a94QHxIL/gbaIvIOe1vZ8xPYbHM/vzDH/BEzskr2BK68bF
LIGIF9EIXTnNZLZ35bw6v9wJFDWn76rvw7YIhOkSh/8P7CpufJe4
-----END CERTIFICATE-----
Generated at Thu May 8 18:56:16 2025 by rpki-client