Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3132382e31332e302f32342d3234203d3e20313939393235.roa
File: 34352e3132382e31332e302f32342d3234203d3e20313939393235.roa (raw, json)
Hash identifier: s2TQDlDgm+LKEqHBlB2hd8f187DM1tFrRFf93seXSWo=
Subject key identifier: D7:1F:7F:F4:58:D9:CF:BE:36:CA:30:CD:A4:2C:B1:63:8C:F2:D9:E7
Certificate issuer: /CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Certificate serial: 6EED6D933AB72C58A2A934369168A618164C2345
Authority key identifier: 83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3132382e31332e302f32342d3234203d3e20313939393235.roa
Signing time: Mon 01 Sep 2025 07:54:58 +0000
ROA not before: Mon 01 Sep 2025 07:49:58 +0000
ROA not after: Mon 31 Aug 2026 07:54:58 +0000
asID: 199925
IP address blocks: 45.128.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.mft
rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 04:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:ed:6d:93:3a:b7:2c:58:a2:a9:34:36:91:68:a6:18:16:4c:23:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Validity
Not Before: Sep 1 07:49:58 2025 GMT
Not After : Aug 31 07:54:58 2026 GMT
Subject: CN=D71F7FF458D9CFBE36CA30CDA42CB1638CF2D9E7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:95:2b:39:ae:49:a1:fb:99:7a:65:4c:57:be:
c0:af:5b:62:7a:df:1a:35:b8:56:e4:77:7d:cf:06:
4e:ed:54:73:ec:76:c6:c5:52:d0:db:c8:26:5b:78:
d8:5b:56:bf:3e:48:0e:f0:06:a7:ee:04:58:a2:a6:
6b:a0:e5:15:bf:dc:8a:0e:a4:99:34:8a:11:88:15:
5f:0d:ff:42:6a:aa:eb:bd:37:b7:79:1f:1d:dc:f6:
49:18:84:33:be:2b:0a:c8:1d:d4:55:c7:0e:f8:7a:
2e:bf:70:14:fd:3a:4f:7b:c1:2a:98:9e:d0:34:36:
c6:5c:47:cc:29:df:16:d8:26:ad:0a:60:95:26:b6:
91:48:86:9a:85:50:75:9a:ff:ac:41:b0:83:79:4c:
f5:6c:24:f6:1c:fc:65:72:26:46:3f:23:af:60:c8:
4f:5f:9f:d8:e4:6d:07:f9:9a:73:28:6f:b9:74:27:
43:ba:71:5b:80:cf:51:1c:f3:d2:f1:b7:f7:cf:c4:
5b:3f:80:d5:82:11:cf:6d:0a:bd:be:bf:d1:15:b6:
84:60:a7:20:07:7d:f8:ae:9a:34:c5:e5:77:66:aa:
b9:a2:56:40:c2:8e:e6:5c:7b:c7:44:3d:1b:1d:36:
b4:32:cd:51:07:a0:41:e3:20:17:e6:e7:0a:a7:9d:
78:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:1F:7F:F4:58:D9:CF:BE:36:CA:30:CD:A4:2C:B1:63:8C:F2:D9:E7
X509v3 Authority Key Identifier:
keyid:83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3132382e31332e302f32342d3234203d3e20313939393235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.13.0/24
Signature Algorithm: sha256WithRSAEncryption
84:5c:1c:ff:16:d1:03:2a:9f:02:2d:32:4e:bb:80:70:c7:57:
83:a5:50:e1:74:f5:9f:e2:5f:c3:0d:75:a5:94:b8:47:fb:94:
8f:03:b1:a1:ca:16:77:72:d5:f4:fa:9e:58:f9:cf:e6:3a:79:
c6:f1:8d:14:85:4a:ad:4b:44:f0:9a:8f:66:5f:2c:61:5c:55:
13:62:89:29:1b:e5:b6:94:40:e8:49:53:2d:c0:5b:6f:a2:ce:
9d:49:32:23:d3:aa:6d:3d:a1:56:7f:aa:46:d7:14:68:43:4a:
f4:57:28:84:63:72:9a:d6:7e:6b:18:9a:a6:d8:25:92:f6:2a:
81:71:2c:64:47:04:2b:1c:32:90:2a:d5:f2:f2:3d:02:ee:52:
20:b8:4a:e4:79:1d:7d:f5:69:3d:3d:fa:ac:f3:b3:c3:b5:38:
89:c8:8e:72:db:34:48:7a:8d:12:1f:57:bc:68:19:89:25:b7:
55:cb:e4:54:ba:08:03:74:96:83:9c:43:1e:16:9b:71:68:a0:
ab:a6:e5:4c:b5:d2:e1:fb:27:37:91:26:dc:b3:8a:bb:81:fc:
26:9f:e1:43:da:8b:17:89:71:0b:b7:53:be:c4:f9:d5:5e:db:
ac:8a:04:a3:84:4d:87:2c:b9:2d:86:9e:9e:7b:dd:d0:76:ed:
48:b8:b5:88
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUbu1tkzq3LFiiqTQ2kWimGBZMI0UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODMwZTA2NDE5ZmM0NmEyODAyZjZmMDNiNzEzNjhhYzdi
YWFmNjRjZTAeFw0yNTA5MDEwNzQ5NThaFw0yNjA4MzEwNzU0NThaMDMxMTAvBgNV
BAMTKEQ3MUY3RkY0NThEOUNGQkUzNkNBMzBDREE0MkNCMTYzOENGMkQ5RTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxlSs5rkmh+5l6ZUxXvsCvW2J6
3xo1uFbkd33PBk7tVHPsdsbFUtDbyCZbeNhbVr8+SA7wBqfuBFiipmug5RW/3IoO
pJk0ihGIFV8N/0Jqquu9N7d5Hx3c9kkYhDO+KwrIHdRVxw74ei6/cBT9Ok97wSqY
ntA0NsZcR8wp3xbYJq0KYJUmtpFIhpqFUHWa/6xBsIN5TPVsJPYc/GVyJkY/I69g
yE9fn9jkbQf5mnMob7l0J0O6cVuAz1Ec89Lxt/fPxFs/gNWCEc9tCr2+v9EVtoRg
pyAHffiumjTF5XdmqrmiVkDCjuZce8dEPRsdNrQyzVEHoEHjIBfm5wqnnXinAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU1x9/9FjZz742yjDNpCyxY4zy2ecwHwYDVR0j
BBgwFoAUgw4GQZ/EaigC9vA7cTaKx7qvZM4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQtYmE2Ny00OTc5LThkMTItMGVkNDc0OGZj
ODZlLzAvODMwRTA2NDE5RkM0NkEyODAyRjZGMDNCNzEzNjhBQzdCQUFGNjRDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2d3NEdRWl9FYWlnQzl2QTdjVGFLeDdx
dlpNNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQt
YmE2Ny00OTc5LThkMTItMGVkNDc0OGZjODZlLzAvMzQzNTJlMzEzMjM4MmUzMTMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzOTM5MzkzMjM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LYANMA0GCSqGSIb3DQEBCwUAA4IBAQCEXBz/FtEDKp8CLTJOu4Bwx1eDpVDhdPWf
4l/DDXWllLhH+5SPA7GhyhZ3ctX0+p5Y+c/mOnnG8Y0UhUqtS0Twmo9mXyxhXFUT
YokpG+W2lEDoSVMtwFtvos6dSTIj06ptPaFWf6pG1xRoQ0r0VyiEY3Ka1n5rGJqm
2CWS9iqBcSxkRwQrHDKQKtXy8j0C7lIguErkeR199Wk9Pfqs87PDtTiJyI5y2zRI
eo0SH1e8aBmJJbdVy+RUuggDdJaDnEMeFptxaKCrpuVMtdLh+yc3kSbcs4q7gfwm
n+FD2osXiXELt1O+xPnVXtusigSjhE2HLLkthp6ee93Qdu1IuLWI
-----END CERTIFICATE-----
Generated at Sat Sep 6 13:12:26 2025 by rpki-client