Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3132382e31342e302f32332d3233203d3e20323633353733.roa
File: 34352e3132382e31342e302f32332d3233203d3e20323633353733.roa (raw, json)
Hash identifier: KI33L3jCXI0idF/Je1YE9NDlTH40O098wxkrKuCaj0Q=
Subject key identifier: BF:5E:04:4E:7B:D9:5E:AF:CE:2B:EB:F0:56:04:DE:7E:D6:92:7F:F3
Certificate issuer: /CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Certificate serial: 50FEE417E27134ABCC96DDEDEFD08E172C6D700B
Authority key identifier: 83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3132382e31342e302f32332d3233203d3e20323633353733.roa
Signing time: Tue 28 Jan 2025 21:42:06 +0000
ROA not before: Tue 28 Jan 2025 21:37:06 +0000
ROA not after: Tue 27 Jan 2026 21:42:06 +0000
asID: 263573
IP address blocks: 45.128.14.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.mft
rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:fe:e4:17:e2:71:34:ab:cc:96:dd:ed:ef:d0:8e:17:2c:6d:70:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Validity
Not Before: Jan 28 21:37:06 2025 GMT
Not After : Jan 27 21:42:06 2026 GMT
Subject: CN=BF5E044E7BD95EAFCE2BEBF05604DE7ED6927FF3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:32:de:04:cd:8b:c8:4c:7d:cb:54:b4:ae:ab:
dc:47:8c:7e:a3:57:17:17:69:e0:41:13:0a:0b:a5:
8c:96:a2:7a:40:a4:68:40:99:62:06:8f:02:bc:ca:
63:a6:af:2a:d8:78:b8:ab:bb:70:4f:9f:24:fa:02:
3a:97:2c:cf:9f:d5:73:ec:88:0f:8e:7a:ed:2f:f3:
8c:ec:e1:74:19:d5:09:68:ef:25:0d:7e:7d:99:36:
c0:71:5b:35:69:9e:0b:35:b6:ee:a6:58:b6:05:db:
4b:ca:38:4d:59:86:c5:85:8d:b5:39:aa:95:df:d6:
9a:4f:81:02:ed:89:11:e8:f8:8b:9d:d3:e1:09:0b:
ee:55:e6:3f:2f:c6:12:0b:1c:68:7e:7d:65:5a:2c:
10:bc:67:67:21:67:05:99:8c:15:52:0e:58:b5:29:
97:5f:c7:7a:c4:19:49:15:81:41:ce:05:26:32:ea:
f7:90:94:b8:f3:e8:64:3d:ce:6c:38:33:04:c8:6c:
71:74:f5:7e:3f:de:d9:ad:db:74:83:bd:8b:74:70:
cc:10:19:cb:7f:b9:de:f6:87:fa:cb:90:4f:d8:b5:
a1:e4:78:68:87:b0:eb:5a:94:3f:ef:26:bd:93:71:
40:8c:67:0d:99:8b:fb:a2:2a:90:95:36:f6:99:a2:
ac:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:5E:04:4E:7B:D9:5E:AF:CE:2B:EB:F0:56:04:DE:7E:D6:92:7F:F3
X509v3 Authority Key Identifier:
keyid:83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3132382e31342e302f32332d3233203d3e20323633353733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.14.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:f8:07:fe:d0:90:17:34:32:07:7c:fe:5e:3e:ba:74:41:1a:
55:96:f2:db:c1:7b:bb:1c:f8:53:6b:ac:76:c2:50:b0:8e:e3:
58:bc:4f:6f:3b:c7:df:3c:87:29:fe:97:20:35:aa:99:1f:93:
e7:84:32:28:ab:02:63:5c:7c:e4:9d:ab:9a:90:55:cb:9e:80:
53:c3:07:8e:f5:8f:70:68:6e:3d:a5:cd:ba:88:05:2b:ba:fc:
d4:9c:4a:88:ba:c6:ff:da:e2:90:20:a2:93:06:7e:ca:6a:f8:
9b:23:ce:6c:6c:a8:5a:f6:9e:cd:14:a6:83:0c:96:93:96:56:
e6:79:99:70:11:d1:f9:10:48:06:ef:da:f2:fe:1e:5d:0a:84:
4d:ab:bb:0f:d3:fd:be:95:0d:b1:77:bf:b9:55:3c:f1:c5:e9:
0d:23:01:6e:93:6e:51:85:d0:fd:eb:94:a4:16:30:43:82:9c:
fb:35:f9:34:32:86:de:b3:85:ce:8c:88:b5:96:cd:7b:03:99:
2b:8a:02:bf:13:d4:6d:f3:51:9f:49:5c:05:d2:57:b1:a5:0b:
4b:8b:ff:96:e5:14:b0:ae:dc:f7:e7:81:7b:0b:4a:e0:db:58:
d5:61:a9:bd:df:e0:e6:8e:4c:aa:19:f0:ab:51:2f:16:34:cc:
ed:75:36:39
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUUP7kF+JxNKvMlt3t79COFyxtcAswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODMwZTA2NDE5ZmM0NmEyODAyZjZmMDNiNzEzNjhhYzdi
YWFmNjRjZTAeFw0yNTAxMjgyMTM3MDZaFw0yNjAxMjcyMTQyMDZaMDMxMTAvBgNV
BAMTKEJGNUUwNDRFN0JEOTVFQUZDRTJCRUJGMDU2MDRERTdFRDY5MjdGRjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9Mt4EzYvITH3LVLSuq9xHjH6j
VxcXaeBBEwoLpYyWonpApGhAmWIGjwK8ymOmryrYeLiru3BPnyT6AjqXLM+f1XPs
iA+Oeu0v84zs4XQZ1Qlo7yUNfn2ZNsBxWzVpngs1tu6mWLYF20vKOE1ZhsWFjbU5
qpXf1ppPgQLtiRHo+Iud0+EJC+5V5j8vxhILHGh+fWVaLBC8Z2chZwWZjBVSDli1
KZdfx3rEGUkVgUHOBSYy6veQlLjz6GQ9zmw4MwTIbHF09X4/3tmt23SDvYt0cMwQ
Gct/ud72h/rLkE/YtaHkeGiHsOtalD/vJr2TcUCMZw2Zi/uiKpCVNvaZoqyhAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUv14ETnvZXq/OK+vwVgTeftaSf/MwHwYDVR0j
BBgwFoAUgw4GQZ/EaigC9vA7cTaKx7qvZM4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQtYmE2Ny00OTc5LThkMTItMGVkNDc0OGZj
ODZlLzAvODMwRTA2NDE5RkM0NkEyODAyRjZGMDNCNzEzNjhBQzdCQUFGNjRDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2d3NEdRWl9FYWlnQzl2QTdjVGFLeDdx
dlpNNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQt
YmE2Ny00OTc5LThkMTItMGVkNDc0OGZjODZlLzAvMzQzNTJlMzEzMjM4MmUzMTM0
MmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzIzNjMzMzUzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
LYAOMA0GCSqGSIb3DQEBCwUAA4IBAQBt+Af+0JAXNDIHfP5ePrp0QRpVlvLbwXu7
HPhTa6x2wlCwjuNYvE9vO8ffPIcp/pcgNaqZH5PnhDIoqwJjXHzknauakFXLnoBT
wweO9Y9waG49pc26iAUruvzUnEqIusb/2uKQIKKTBn7KavibI85sbKha9p7NFKaD
DJaTllbmeZlwEdH5EEgG79ry/h5dCoRNq7sP0/2+lQ2xd7+5VTzxxekNIwFuk25R
hdD965SkFjBDgpz7Nfk0Mobes4XOjIi1ls17A5krigK/E9Rt81GfSVwF0lexpQtL
i/+W5RSwrtz354F7C0rg21jVYam93+DmjkyqGfCrUS8WNMztdTY5
-----END CERTIFICATE-----
Generated at Thu Apr 17 14:51:52 2025 by rpki-client