Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3134382e3139342e302f32342d3234203d3e20313938303930.roa
File: 34352e3134382e3139342e302f32342d3234203d3e20313938303930.roa (raw, json)
Hash identifier: LBVh/y0dRaPhNqyic1L6LbzpIf2DASVRTzNkpM/wwTc=
Subject key identifier: 04:4F:2A:5C:A5:15:C2:F2:49:23:17:4F:33:CC:87:6A:6D:2D:35:E1
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 38D5433306DE93FF913F37A0049DF489B8F5D465
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3134382e3139342e302f32342d3234203d3e20313938303930.roa
Signing time: Thu 03 Jul 2025 15:46:47 +0000
ROA not before: Thu 03 Jul 2025 15:41:47 +0000
ROA not after: Thu 02 Jul 2026 15:46:47 +0000
asID: 198090
IP address blocks: 45.148.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:d5:43:33:06:de:93:ff:91:3f:37:a0:04:9d:f4:89:b8:f5:d4:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 3 15:41:47 2025 GMT
Not After : Jul 2 15:46:47 2026 GMT
Subject: CN=044F2A5CA515C2F24923174F33CC876A6D2D35E1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:bd:2d:63:33:0f:46:89:b5:96:96:ac:51:09:
cc:81:6d:f2:ef:23:95:10:f9:cf:b5:e8:b4:18:22:
1b:9d:54:05:43:7f:30:15:ed:5b:b6:ab:91:d2:c6:
75:0b:18:a1:af:72:44:a3:ba:86:83:9c:2d:63:3f:
c2:71:13:9a:44:ae:66:7c:d9:a7:55:df:0f:c0:8c:
7c:12:37:e2:b1:ee:3d:77:73:7a:fa:4c:01:fd:43:
a5:91:75:22:3c:8a:1d:40:ac:73:b6:f5:60:35:b9:
34:f6:e1:e2:9b:f7:44:60:c7:8d:d8:20:ef:49:fc:
2c:27:d4:2c:07:62:86:95:28:ec:eb:f7:c8:26:1b:
1b:1f:b8:a7:45:5f:72:95:5a:0a:fc:58:bb:e1:44:
9a:9e:e2:d5:78:85:20:5c:2b:26:d6:8d:37:a0:a8:
5a:68:60:d4:ab:4c:b8:4e:81:c6:02:07:5b:2d:75:
30:3c:60:07:40:83:ae:5f:47:80:fb:97:4d:fc:98:
82:75:f9:ea:ac:91:9e:4f:95:4e:df:07:eb:a5:51:
71:50:75:55:0e:97:12:44:cf:6a:f9:12:7f:c5:36:
8f:b9:06:b8:08:36:b9:53:0f:fa:48:89:69:9f:24:
06:d1:db:d9:72:9f:ea:52:6d:69:9f:45:a7:dc:a3:
84:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:4F:2A:5C:A5:15:C2:F2:49:23:17:4F:33:CC:87:6A:6D:2D:35:E1
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3134382e3139342e302f32342d3234203d3e20313938303930.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.194.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:0a:35:bb:05:e8:1a:99:b8:7e:a8:a3:09:33:96:61:ea:6f:
a4:10:03:4a:29:68:76:0c:c7:55:da:92:76:89:65:47:60:60:
44:b0:90:d1:ad:56:a2:50:32:ff:8f:b0:00:c2:5a:e4:5d:68:
9e:39:2f:16:5b:45:6a:af:60:68:06:30:06:da:5f:e0:72:1f:
a3:aa:66:fc:80:30:12:b7:0b:d2:3b:25:5b:f6:6d:4e:21:27:
0d:2e:d4:16:33:c8:24:0b:0f:80:ad:cf:f9:9a:53:8b:e9:2a:
6f:f2:0d:fa:61:dd:0d:bc:38:bf:ed:b0:36:c9:69:87:35:e7:
5c:49:1e:15:40:65:41:74:e1:e8:fa:81:00:e7:75:89:ce:ed:
51:aa:57:2e:dc:1c:e3:96:92:19:7f:aa:e2:41:37:0f:54:85:
28:ef:92:74:98:07:e0:b7:72:7b:dd:78:e5:eb:e4:83:35:7b:
aa:83:02:2e:ca:fe:db:b1:66:31:8e:fb:1b:ad:58:c0:c5:49:
af:31:3d:bf:96:c7:00:bc:cb:42:c3:a3:1f:4e:9e:92:f8:aa:
3a:b0:a8:eb:32:8b:ae:24:9a:24:b1:0c:a6:31:5e:fb:9d:07:
65:a9:7a:7e:1b:35:4e:89:30:83:dd:cc:f1:24:9f:3c:02:94:
36:5e:2f:81
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUONVDMwbek/+RPzegBJ30ibj11GUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA3MDMxNTQxNDdaFw0yNjA3MDIxNTQ2NDdaMDMxMTAvBgNV
BAMTKDA0NEYyQTVDQTUxNUMyRjI0OTIzMTc0RjMzQ0M4NzZBNkQyRDM1RTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+vS1jMw9GibWWlqxRCcyBbfLv
I5UQ+c+16LQYIhudVAVDfzAV7Vu2q5HSxnULGKGvckSjuoaDnC1jP8JxE5pErmZ8
2adV3w/AjHwSN+Kx7j13c3r6TAH9Q6WRdSI8ih1ArHO29WA1uTT24eKb90Rgx43Y
IO9J/Cwn1CwHYoaVKOzr98gmGxsfuKdFX3KVWgr8WLvhRJqe4tV4hSBcKybWjTeg
qFpoYNSrTLhOgcYCB1stdTA8YAdAg65fR4D7l038mIJ1+eqskZ5PlU7fB+ulUXFQ
dVUOlxJEz2r5En/FNo+5BrgINrlTD/pIiWmfJAbR29lyn+pSbWmfRafco4RFAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUBE8qXKUVwvJJIxdPM8yHam0tNeEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzEzNDM4MmUzMTM5
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzgzMDM5MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtlMIwDQYJKoZIhvcNAQELBQADggEBAEwKNbsF6BqZuH6oowkzlmHqb6QQA0op
aHYMx1XaknaJZUdgYESwkNGtVqJQMv+PsADCWuRdaJ45LxZbRWqvYGgGMAbaX+By
H6OqZvyAMBK3C9I7JVv2bU4hJw0u1BYzyCQLD4Ctz/maU4vpKm/yDfph3Q28OL/t
sDbJaYc151xJHhVAZUF04ej6gQDndYnO7VGqVy7cHOOWkhl/quJBNw9UhSjvknSY
B+C3cnvdeOXr5IM1e6qDAi7K/tuxZjGO+xutWMDFSa8xPb+WxwC8y0LDox9OnpL4
qjqwqOsyi64kmiSxDKYxXvudB2Wpen4bNU6JMIPdzPEknzwClDZeL4E=
-----END CERTIFICATE-----
Generated at Fri Jul 25 17:24:14 2025 by rpki-client