Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e36352e3131392e302f32342d3234203d3e20333937363330.roa
File: 34352e36352e3131392e302f32342d3234203d3e20333937363330.roa (raw, json)
Hash identifier: 6O7UijD7Q9ZBZuDnpnUiHHRzvGdG/yEo23SDV+lgQxM=
Subject key identifier: C9:80:44:01:AA:0E:27:8D:FA:A9:F4:BB:F4:BD:B5:DA:61:41:E8:D1
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 0507AD9EBFE52A513F626AF540ED8914460E6ACA
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e36352e3131392e302f32342d3234203d3e20333937363330.roa
Signing time: Tue 04 Feb 2025 16:53:53 +0000
ROA not before: Tue 04 Feb 2025 16:48:53 +0000
ROA not after: Tue 03 Feb 2026 16:53:53 +0000
asID: 397630
IP address blocks: 45.65.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:07:ad:9e:bf:e5:2a:51:3f:62:6a:f5:40:ed:89:14:46:0e:6a:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Feb 4 16:48:53 2025 GMT
Not After : Feb 3 16:53:53 2026 GMT
Subject: CN=C9804401AA0E278DFAA9F4BBF4BDB5DA6141E8D1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:30:5b:16:cc:fb:46:1d:4c:f1:0b:12:6c:68:
0b:2e:e0:7b:24:72:a8:e0:e8:e7:a0:95:5a:20:96:
f1:a4:77:ed:1a:19:f2:db:9f:0f:37:38:5d:a1:ff:
01:d5:cf:40:2b:d0:64:e4:db:00:a4:7f:39:9e:43:
78:7c:fc:21:74:bf:41:f2:1b:5f:13:ad:cb:2c:87:
36:6e:f4:c1:46:d8:10:43:80:d2:29:2c:b5:69:85:
36:40:8c:ed:07:5b:ec:33:05:6b:7e:89:a0:56:2a:
ff:46:b8:5a:2b:72:bc:76:b0:ee:5f:cd:58:26:4f:
66:f4:64:d4:08:d3:25:a1:2c:ae:90:aa:c8:fa:08:
02:60:2f:1a:3c:9d:91:fd:65:50:38:68:44:5d:92:
7d:b7:79:3d:e6:3d:b2:c9:96:fb:47:e1:3a:4e:da:
1a:33:72:2e:ed:41:21:f0:25:d7:ec:8e:ea:e1:6f:
3c:99:83:63:58:af:69:72:52:23:86:b2:61:9c:0e:
81:df:3d:a0:81:f9:3b:37:f4:4b:ff:74:91:5d:92:
0f:59:56:54:c3:fa:f7:90:06:b6:b9:c1:a5:1b:38:
74:7e:73:f5:9a:30:bb:81:18:53:c8:07:76:fc:a1:
88:b7:ae:28:0c:85:cf:3c:26:1d:09:13:89:94:b0:
0f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:80:44:01:AA:0E:27:8D:FA:A9:F4:BB:F4:BD:B5:DA:61:41:E8:D1
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e36352e3131392e302f32342d3234203d3e20333937363330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.119.0/24
Signature Algorithm: sha256WithRSAEncryption
52:0f:f1:af:72:5b:de:6a:50:99:51:fc:42:fd:b7:eb:79:79:
bf:9a:c0:54:fd:f7:36:2f:99:38:df:bf:f0:36:65:ac:9c:1b:
d7:06:2b:e9:fc:6d:bc:74:2e:bc:49:31:2b:1e:a2:9e:aa:ac:
16:79:59:72:c0:82:39:8a:ef:96:6d:66:86:df:78:a9:62:dc:
ff:33:38:2e:27:03:e1:09:a2:73:8a:7c:e6:a2:23:98:ff:6c:
d7:3b:d9:6f:7e:0c:d1:90:5c:42:5e:34:c7:9c:42:08:9c:8e:
28:80:76:32:3d:62:54:1f:8d:14:ef:0c:9c:7c:fc:8d:99:37:
38:ca:43:99:27:8a:05:0a:8f:83:fc:4a:e3:5e:7c:f3:95:3b:
42:af:4a:56:2f:54:10:b0:82:71:9e:c1:ad:f7:ae:3d:35:73:
1b:0d:fb:fc:0b:2b:7f:05:2c:9d:c3:bf:64:82:2d:9e:97:9b:
84:af:a7:48:5b:7e:99:2a:eb:06:a7:a1:04:4f:2c:5f:bc:80:
82:1a:2c:d3:d0:49:11:42:51:5d:94:65:54:e9:cf:e2:71:ba:
7f:76:5c:45:b1:5f:10:f9:66:15:a4:50:e1:78:3e:a8:45:da:
40:83:36:69:41:98:0e:5b:d9:a6:ca:c6:85:90:94:2c:42:f6:
c3:2f:d7:5b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUBQetnr/lKlE/Ymr1QO2JFEYOasowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNTAyMDQxNjQ4NTNaFw0yNjAyMDMxNjUzNTNaMDMxMTAvBgNV
BAMTKEM5ODA0NDAxQUEwRTI3OERGQUE5RjRCQkY0QkRCNURBNjE0MUU4RDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOMFsWzPtGHUzxCxJsaAsu4Hsk
cqjg6OeglVoglvGkd+0aGfLbnw83OF2h/wHVz0Ar0GTk2wCkfzmeQ3h8/CF0v0Hy
G18TrcsshzZu9MFG2BBDgNIpLLVphTZAjO0HW+wzBWt+iaBWKv9GuForcrx2sO5f
zVgmT2b0ZNQI0yWhLK6Qqsj6CAJgLxo8nZH9ZVA4aERdkn23eT3mPbLJlvtH4TpO
2hozci7tQSHwJdfsjurhbzyZg2NYr2lyUiOGsmGcDoHfPaCB+Ts39Ev/dJFdkg9Z
VlTD+veQBra5waUbOHR+c/WaMLuBGFPIB3b8oYi3rigMhc88Jh0JE4mUsA9xAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUyYBEAaoOJ436qfS79L212mFB6NEwHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzQzNTJlMzYzNTJlMzEzMTM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMzOTM3MzYzMzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LUF3MA0GCSqGSIb3DQEBCwUAA4IBAQBSD/GvclvealCZUfxC/bfreXm/msBU/fc2
L5k437/wNmWsnBvXBivp/G28dC68STErHqKeqqwWeVlywII5iu+WbWaG33ipYtz/
MzguJwPhCaJzinzmoiOY/2zXO9lvfgzRkFxCXjTHnEIInI4ogHYyPWJUH40U7wyc
fPyNmTc4ykOZJ4oFCo+D/ErjXnzzlTtCr0pWL1QQsIJxnsGt9649NXMbDfv8Cyt/
BSydw79kgi2el5uEr6dIW36ZKusGp6EETyxfvICCGizT0EkRQlFdlGVU6c/icbp/
dlxFsV8Q+WYVpFDheD6oRdpAgzZpQZgOW9mmysaFkJQsQvbDL9db
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:51:29 2025 by rpki-client