Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3133322e3231372e302f32342d3234203d3e20333935333734.roa
File: 34352e3133322e3231372e302f32342d3234203d3e20333935333734.roa (raw, json)
Hash identifier: 3xSg64X6b/VGeaW1sbUHbRQvvDa5xSkfsAgZrM/ksog=
Subject key identifier: EE:9F:D7:47:FB:53:22:94:3A:34:30:1F:F2:09:D8:D5:CB:B6:23:B5
Certificate issuer: /CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Certificate serial: 3E6735D9CB4F037ED5046C3C23C6E5785F3501AE
Authority key identifier: 83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3133322e3231372e302f32342d3234203d3e20333935333734.roa
Signing time: Thu 22 May 2025 09:00:50 +0000
ROA not before: Thu 22 May 2025 08:55:50 +0000
ROA not after: Thu 21 May 2026 09:00:50 +0000
asID: 395374
IP address blocks: 45.132.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.mft
rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:17:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:67:35:d9:cb:4f:03:7e:d5:04:6c:3c:23:c6:e5:78:5f:35:01:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Validity
Not Before: May 22 08:55:50 2025 GMT
Not After : May 21 09:00:50 2026 GMT
Subject: CN=EE9FD747FB5322943A34301FF209D8D5CBB623B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:34:b0:b4:9b:31:ec:42:27:f0:7e:f4:52:af:
79:b8:7a:c3:16:a8:c9:45:3c:55:90:13:fe:65:86:
db:1f:0d:61:49:b5:0f:13:3b:c3:b4:77:32:7e:90:
b2:af:b2:70:2a:76:8a:10:0b:0a:2f:73:e8:c3:50:
c6:df:39:58:81:5b:01:2a:75:f8:ce:67:42:4e:ec:
5e:b7:47:71:94:97:3b:c9:94:88:0d:bb:41:0f:11:
7c:e3:66:88:dd:f3:59:e7:63:b3:79:40:5a:88:08:
4c:c6:ea:0a:43:c9:77:67:1b:cd:ba:71:1b:af:ba:
65:27:a4:f1:69:0b:20:36:60:b9:00:98:9c:13:c2:
a1:4f:6e:79:7f:c2:5f:93:9d:51:35:13:54:a2:fb:
ee:70:65:64:5d:f3:36:7c:ef:64:c0:7b:a3:e5:95:
b7:40:c3:ad:d8:e8:22:be:49:bc:dd:99:60:46:b4:
b5:97:6b:88:fb:87:11:f4:a6:e1:a9:e3:bb:41:8a:
82:51:78:2e:4c:0b:87:4a:65:25:7c:2d:ff:63:d7:
2d:ed:3b:2a:5a:30:37:39:f9:77:37:8e:d7:30:ea:
11:9f:c6:7c:ef:dc:d6:5c:32:53:6d:19:4d:7b:21:
c6:46:3d:af:37:db:90:66:3b:b1:ed:41:8c:51:9f:
e2:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:9F:D7:47:FB:53:22:94:3A:34:30:1F:F2:09:D8:D5:CB:B6:23:B5
X509v3 Authority Key Identifier:
keyid:83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3133322e3231372e302f32342d3234203d3e20333935333734.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.217.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:47:7f:63:7c:68:87:5d:4b:f1:86:a7:1e:b1:aa:c6:35:b4:
f1:a0:e6:f3:12:4c:31:87:48:dd:d7:7e:08:32:96:8b:69:b8:
81:c7:8f:bc:34:29:f7:7d:40:a7:6b:f8:50:76:d2:14:47:a9:
a3:79:90:91:20:33:d7:3b:8a:d3:98:37:da:e7:7c:17:13:d0:
13:23:1e:b0:6c:ef:ef:b7:0b:61:11:b3:57:19:1b:89:05:6c:
eb:43:8c:df:43:94:f8:d1:88:24:18:51:b3:4b:4b:84:02:56:
c2:d5:1c:42:3f:06:09:b3:f4:90:0e:8f:15:b3:1b:46:64:87:
62:7b:95:70:c6:62:07:36:92:23:8a:d5:e9:a1:71:57:72:87:
07:02:22:25:b7:b8:12:ab:1e:0e:bb:b8:03:89:f7:f1:a7:09:
ac:d1:18:fa:00:18:c2:04:21:93:82:6c:51:b6:30:40:c5:45:
dc:95:bb:0c:66:29:d3:07:91:73:2e:6f:05:e6:96:e6:ce:40:
b7:e1:a4:82:96:9a:7d:89:06:96:49:47:2f:5f:45:ad:b4:67:
4c:2f:b2:d5:32:c8:64:82:dc:c3:71:0d:aa:71:9c:c5:75:74:
25:b9:0f:9e:bb:06:32:d4:01:e2:7b:1f:44:8a:b1:78:1b:c8:
63:91:79:ab
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUPmc12ctPA37VBGw8I8bleF81Aa4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODMwZTA2NDE5ZmM0NmEyODAyZjZmMDNiNzEzNjhhYzdi
YWFmNjRjZTAeFw0yNTA1MjIwODU1NTBaFw0yNjA1MjEwOTAwNTBaMDMxMTAvBgNV
BAMTKEVFOUZENzQ3RkI1MzIyOTQzQTM0MzAxRkYyMDlEOEQ1Q0JCNjIzQjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvNLC0mzHsQifwfvRSr3m4esMW
qMlFPFWQE/5lhtsfDWFJtQ8TO8O0dzJ+kLKvsnAqdooQCwovc+jDUMbfOViBWwEq
dfjOZ0JO7F63R3GUlzvJlIgNu0EPEXzjZojd81nnY7N5QFqICEzG6gpDyXdnG826
cRuvumUnpPFpCyA2YLkAmJwTwqFPbnl/wl+TnVE1E1Si++5wZWRd8zZ872TAe6Pl
lbdAw63Y6CK+SbzdmWBGtLWXa4j7hxH0puGp47tBioJReC5MC4dKZSV8Lf9j1y3t
OypaMDc5+Xc3jtcw6hGfxnzv3NZcMlNtGU17IcZGPa8325BmO7HtQYxRn+IjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU7p/XR/tTIpQ6NDAf8gnY1cu2I7UwHwYDVR0j
BBgwFoAUgw4GQZ/EaigC9vA7cTaKx7qvZM4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQtYmE2Ny00OTc5LThkMTItMGVkNDc0OGZj
ODZlLzAvODMwRTA2NDE5RkM0NkEyODAyRjZGMDNCNzEzNjhBQzdCQUFGNjRDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2d3NEdRWl9FYWlnQzl2QTdjVGFLeDdx
dlpNNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQt
YmE2Ny00OTc5LThkMTItMGVkNDc0OGZjODZlLzAvMzQzNTJlMzEzMzMyMmUzMjMx
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzUzMzM3MzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAthNkwDQYJKoZIhvcNAQELBQADggEBAB5Hf2N8aIddS/GGpx6xqsY1tPGg5vMS
TDGHSN3XfggylotpuIHHj7w0Kfd9QKdr+FB20hRHqaN5kJEgM9c7itOYN9rnfBcT
0BMjHrBs7++3C2ERs1cZG4kFbOtDjN9DlPjRiCQYUbNLS4QCVsLVHEI/Bgmz9JAO
jxWzG0Zkh2J7lXDGYgc2kiOK1emhcVdyhwcCIiW3uBKrHg67uAOJ9/GnCazRGPoA
GMIEIZOCbFG2MEDFRdyVuwxmKdMHkXMubwXmlubOQLfhpIKWmn2JBpZJRy9fRa20
Z0wvstUyyGSC3MNxDapxnMV1dCW5D567BjLUAeJ7H0SKsXgbyGOReas=
-----END CERTIFICATE-----
Generated at Sat Jun 7 20:04:20 2025 by rpki-client