Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231342e302f32342d3234203d3e203434353437.roa
File: 34352e39352e3231342e302f32342d3234203d3e203434353437.roa (raw, json)
Hash identifier: 4mA1gqLsHB6B1P8mI+JnCzpqXJzdsvy8YAE1F7eD96c=
Subject key identifier: C3:82:14:8A:3E:0F:AA:FD:78:3C:B5:36:CF:18:38:40:DB:B0:9F:AA
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 595518FA6FD2A90954EC1282E076FF3919BB1E6D
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231342e302f32342d3234203d3e203434353437.roa
Signing time: Tue 03 Jun 2025 13:54:08 +0000
ROA not before: Tue 03 Jun 2025 13:49:08 +0000
ROA not after: Tue 02 Jun 2026 13:54:08 +0000
asID: 44547
IP address blocks: 45.95.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 04:05:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:55:18:fa:6f:d2:a9:09:54:ec:12:82:e0:76:ff:39:19:bb:1e:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Jun 3 13:49:08 2025 GMT
Not After : Jun 2 13:54:08 2026 GMT
Subject: CN=C382148A3E0FAAFD783CB536CF183840DBB09FAA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:9d:ce:09:e2:c2:aa:63:cc:c3:e0:3c:bd:9a:
b6:9c:4b:42:65:cc:69:ee:c3:01:66:33:10:b2:34:
5f:51:5e:9f:5c:82:07:1c:8f:2a:75:de:57:d8:2e:
48:6c:54:08:fc:1c:a2:17:cc:1c:2e:fc:f0:25:76:
04:04:8a:4a:d2:b2:1a:f2:c8:b2:af:99:b9:b1:ef:
36:84:a1:48:0f:7a:5d:d8:86:11:d3:4b:eb:bd:f2:
32:42:12:8c:12:35:c9:7f:ba:49:be:01:d8:d5:86:
a9:a6:b4:7f:24:7f:0f:69:b9:15:64:cf:a5:16:eb:
60:ee:3d:49:7b:ca:dd:a5:c1:5b:59:38:24:fb:7f:
fc:e0:f5:2f:19:44:9e:1b:a9:b9:07:eb:61:9a:c4:
f6:5d:9c:79:c6:6f:66:0f:63:db:93:cd:6a:de:23:
69:e2:69:1a:33:45:23:dc:ca:69:79:58:9a:a7:b8:
63:85:ef:db:8a:fe:e6:32:17:c2:ec:2d:15:fe:7b:
6b:a9:97:21:6c:30:9f:0e:de:e9:e7:9e:42:64:af:
2b:15:9a:e7:d2:27:b5:70:41:be:85:ef:bb:bb:39:
93:29:17:dd:c2:3f:b2:41:4a:fd:38:7e:20:5f:b3:
1e:fe:f9:f9:85:a6:0c:88:60:6c:37:10:0e:3b:22:
6b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:82:14:8A:3E:0F:AA:FD:78:3C:B5:36:CF:18:38:40:DB:B0:9F:AA
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231342e302f32342d3234203d3e203434353437.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.214.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:16:4d:82:4b:6e:5b:f8:03:cb:82:c1:1d:06:a2:fd:e3:68:
b5:5d:d4:d2:a5:23:09:dd:59:23:48:c8:24:78:46:6e:b9:59:
dd:d6:98:24:5e:e8:d6:9c:fc:06:3c:31:61:d1:cf:d9:ef:29:
96:ac:29:e9:02:d5:ac:50:58:b9:2f:32:6f:a5:10:43:56:7c:
b2:36:40:fb:64:04:ca:79:fe:02:18:0e:99:59:30:db:eb:4e:
5d:df:10:68:2b:d4:86:8d:5f:1c:3b:4d:23:5a:7c:e2:5a:b8:
db:b7:d6:1d:81:18:17:08:c0:80:cb:58:d5:b1:55:a4:1f:42:
8a:18:1e:99:96:67:c3:a6:2c:b7:94:fb:1a:d2:60:9c:24:d4:
86:19:82:c6:81:cd:7a:8e:db:61:9d:9f:ae:0f:37:47:23:88:
cd:c8:93:af:f8:b6:62:b0:9a:11:58:e6:c5:b1:54:46:0b:c4:
73:a2:34:13:aa:50:90:9c:5c:9d:cf:3b:bf:a0:45:b9:de:3b:
d2:56:f0:fc:b9:d6:0a:2e:11:a3:96:00:aa:6a:5e:e4:eb:3e:
77:e9:61:54:22:fe:4d:94:38:55:f9:e7:01:ca:dd:e6:61:0e:
c4:44:d5:7c:eb:c9:9f:b5:dd:e9:3a:af:9f:3c:c4:ef:0c:b7:
a2:63:d5:cb
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUWVUY+m/SqQlU7BKC4Hb/ORm7Hm0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTA2MDMxMzQ5MDhaFw0yNjA2MDIxMzU0MDhaMDMxMTAvBgNV
BAMTKEMzODIxNDhBM0UwRkFBRkQ3ODNDQjUzNkNGMTgzODQwREJCMDlGQUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFnc4J4sKqY8zD4Dy9mracS0Jl
zGnuwwFmMxCyNF9RXp9cggccjyp13lfYLkhsVAj8HKIXzBwu/PAldgQEikrSshry
yLKvmbmx7zaEoUgPel3YhhHTS+u98jJCEowSNcl/ukm+AdjVhqmmtH8kfw9puRVk
z6UW62DuPUl7yt2lwVtZOCT7f/zg9S8ZRJ4bqbkH62GaxPZdnHnGb2YPY9uTzWre
I2niaRozRSPcyml5WJqnuGOF79uK/uYyF8LsLRX+e2uplyFsMJ8O3unnnkJkrysV
mufSJ7VwQb6F77u7OZMpF93CP7JBSv04fiBfsx7++fmFpgyIYGw3EA47ImuPAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUw4IUij4Pqv14PLU2zxg4QNuwn6owHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzQzNTJlMzkzNTJlMzIzMTM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzNDM1MzQzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1f
1jANBgkqhkiG9w0BAQsFAAOCAQEAqhZNgktuW/gDy4LBHQai/eNotV3U0qUjCd1Z
I0jIJHhGbrlZ3daYJF7o1pz8BjwxYdHP2e8plqwp6QLVrFBYuS8yb6UQQ1Z8sjZA
+2QEynn+AhgOmVkw2+tOXd8QaCvUho1fHDtNI1p84lq427fWHYEYFwjAgMtY1bFV
pB9CihgemZZnw6Yst5T7GtJgnCTUhhmCxoHNeo7bYZ2frg83RyOIzciTr/i2YrCa
EVjmxbFURgvEc6I0E6pQkJxcnc87v6BFud470lbw/LnWCi4Ro5YAqmpe5Os+d+lh
VCL+TZQ4VfnnAcrd5mEOxETVfOvJn7Xd6TqvnzzE7wy3omPVyw==
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:36:14 2025 by rpki-client