Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133302e3232342e302f32322d3234203d3e20323031333431.roa
File: 34352e3133302e3232342e302f32322d3234203d3e20323031333431.roa (raw, json)
Hash identifier: re2tjP+x9CBh5kHD/pkMsWhm6QAC64mrm4OLS9s/xp0=
Subject key identifier: BC:55:D2:78:F4:63:9A:F5:C3:00:A2:71:97:28:73:A3:D2:07:AE:DB
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6C475D4FA0868E8B29E21418638E9E8A800C8220
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133302e3232342e302f32322d3234203d3e20323031333431.roa
Signing time: Thu 03 Jul 2025 15:46:47 +0000
ROA not before: Thu 03 Jul 2025 15:41:47 +0000
ROA not after: Thu 02 Jul 2026 15:46:47 +0000
asID: 201341
IP address blocks: 45.130.224.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:47:5d:4f:a0:86:8e:8b:29:e2:14:18:63:8e:9e:8a:80:0c:82:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 3 15:41:47 2025 GMT
Not After : Jul 2 15:46:47 2026 GMT
Subject: CN=BC55D278F4639AF5C300A271972873A3D207AEDB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:3d:be:12:e7:0e:d4:42:54:97:d2:d7:96:83:
65:5f:27:a0:bf:d2:63:6f:8b:28:8d:cc:3e:ce:2d:
91:dd:32:96:6e:b9:b5:c3:28:82:b9:91:3a:de:cb:
53:57:b5:22:ed:77:88:88:b1:15:04:67:4a:fc:2d:
b6:07:cd:39:2f:b1:72:b2:3b:9c:4c:12:8d:72:08:
24:de:2f:a2:10:03:b4:52:1b:da:9a:89:d8:a9:a3:
fd:9a:83:60:73:2c:26:c7:c0:41:d9:05:12:35:55:
ad:be:8d:ae:36:77:ae:33:33:79:39:ae:b8:f5:3b:
e6:bd:f7:f8:31:f0:c9:61:3a:41:64:14:0e:a8:22:
03:bc:95:e8:44:fa:7e:32:67:68:13:8d:c8:8f:5d:
2b:fe:4a:3a:60:8a:64:34:3a:83:41:82:2c:89:e7:
9e:33:24:df:b4:c7:0e:d0:8c:23:a1:fa:68:b4:2d:
52:6d:f0:9a:8c:b7:04:5a:ad:c7:c6:84:07:b5:fe:
c8:ac:42:34:b0:a8:e2:7c:47:2e:5f:cf:9a:d4:69:
34:96:4f:b9:e0:80:3b:cc:a9:01:21:0f:cf:2b:10:
01:bc:0b:fb:5d:d5:33:9c:49:f3:0e:b6:3f:a7:60:
b7:21:46:cb:d3:8a:35:d9:72:8c:0a:cc:b2:d0:24:
2f:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:55:D2:78:F4:63:9A:F5:C3:00:A2:71:97:28:73:A3:D2:07:AE:DB
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133302e3232342e302f32322d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.224.0/22
Signature Algorithm: sha256WithRSAEncryption
41:78:ff:4d:34:a3:12:fd:27:f2:00:62:49:1f:85:a2:8a:1f:
71:e9:a1:e1:8b:30:dc:77:0b:64:e0:6c:6f:df:7c:c8:86:b5:
70:74:d9:93:23:69:26:0b:f4:bb:37:4f:50:fe:11:2d:88:96:
fc:0b:b3:46:ec:ef:0b:97:f4:d9:be:f2:84:b7:49:b3:a1:00:
fc:e6:e5:45:ca:82:8b:19:68:dc:7e:38:6b:97:5f:0b:21:58:
9d:45:cc:02:39:7a:32:e6:6d:26:39:84:89:b0:b6:dd:49:e6:
2f:76:0d:3f:1f:e8:5f:d0:fa:f8:8f:59:99:a5:97:d0:50:74:
76:e2:76:4e:b6:7f:20:d1:12:b2:a6:d9:b6:a2:25:01:84:38:
1c:7d:10:a6:d7:fe:2e:a6:21:33:3f:6f:b4:9f:b5:ed:44:c1:
ef:a5:9a:68:c4:63:05:4a:07:89:74:03:77:e2:a5:78:18:3a:
70:8b:b0:58:e6:e4:6b:72:da:33:f4:b1:a2:b9:b4:fe:e7:e9:
b6:56:0d:d6:c4:68:fb:50:52:0f:5a:a0:b3:02:1b:87:14:ba:
18:32:81:f2:e5:96:18:1d:0d:f0:70:f2:13:16:b3:b9:89:a5:
d8:e0:3e:ff:c0:9a:a0:67:b0:e9:0c:c2:ad:d7:da:fd:f0:9c:
b0:c2:3f:2e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUbEddT6CGjosp4hQYY46eioAMgiAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA3MDMxNTQxNDdaFw0yNjA3MDIxNTQ2NDdaMDMxMTAvBgNV
BAMTKEJDNTVEMjc4RjQ2MzlBRjVDMzAwQTI3MTk3Mjg3M0EzRDIwN0FFREIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMPb4S5w7UQlSX0teWg2VfJ6C/
0mNviyiNzD7OLZHdMpZuubXDKIK5kTrey1NXtSLtd4iIsRUEZ0r8LbYHzTkvsXKy
O5xMEo1yCCTeL6IQA7RSG9qaidipo/2ag2BzLCbHwEHZBRI1Va2+ja42d64zM3k5
rrj1O+a99/gx8MlhOkFkFA6oIgO8lehE+n4yZ2gTjciPXSv+SjpgimQ0OoNBgiyJ
554zJN+0xw7QjCOh+mi0LVJt8JqMtwRarcfGhAe1/sisQjSwqOJ8Ry5fz5rUaTSW
T7nggDvMqQEhD88rEAG8C/td1TOcSfMOtj+nYLchRsvTijXZcowKzLLQJC9fAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUvFXSePRjmvXDAKJxlyhzo9IHrtswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzEzMzMwMmUzMjMy
MzQyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjMwMzEzMzM0MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAItguAwDQYJKoZIhvcNAQELBQADggEBAEF4/000oxL9J/IAYkkfhaKKH3HpoeGL
MNx3C2TgbG/ffMiGtXB02ZMjaSYL9Ls3T1D+ES2IlvwLs0bs7wuX9Nm+8oS3SbOh
APzm5UXKgosZaNx+OGuXXwshWJ1FzAI5ejLmbSY5hImwtt1J5i92DT8f6F/Q+viP
WZmll9BQdHbidk62fyDRErKm2baiJQGEOBx9EKbX/i6mITM/b7Sfte1Ewe+lmmjE
YwVKB4l0A3fipXgYOnCLsFjm5Gty2jP0saK5tP7n6bZWDdbEaPtQUg9aoLMCG4cU
uhgygfLllhgdDfBw8hMWs7mJpdjgPv/AmqBnsOkMwq3X2v3wnLDCPy4=
-----END CERTIFICATE-----
Generated at Fri Jul 25 17:23:43 2025 by rpki-client