Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3132382e36352e3136302e302f32322d3232203d3e203438353932.roa
File: 3132382e36352e3136302e302f32322d3232203d3e203438353932.roa (raw, json)
Hash identifier: e2sDKCcJlT/U2mWShGzkoM6fLVC3axyQA7582KFjXl0=
Subject key identifier: 9B:86:D6:79:C5:8F:B8:B7:6D:3C:70:FE:6A:CA:40:E7:9A:B6:FE:38
Certificate issuer: /CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Certificate serial: 18E8401108AE708D39F8CA871F30462013C77358
Authority key identifier: 45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3132382e36352e3136302e302f32322d3232203d3e203438353932.roa
Signing time: Tue 25 Mar 2025 06:20:05 +0000
ROA not before: Tue 25 Mar 2025 06:15:05 +0000
ROA not after: Tue 24 Mar 2026 06:20:05 +0000
asID: 48592
IP address blocks: 128.65.160.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 21:19:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:e8:40:11:08:ae:70:8d:39:f8:ca:87:1f:30:46:20:13:c7:73:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Validity
Not Before: Mar 25 06:15:05 2025 GMT
Not After : Mar 24 06:20:05 2026 GMT
Subject: CN=9B86D679C58FB8B76D3C70FE6ACA40E79AB6FE38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:2d:5c:70:67:0d:47:6f:8c:bf:c8:12:c7:cf:
17:0c:be:bf:ec:af:c1:ca:ae:fa:e0:ff:8d:ef:63:
4a:e5:22:7c:e1:26:5f:74:ab:71:e5:19:09:d5:d9:
19:1b:cd:ed:05:4e:47:0c:44:83:69:30:8e:e2:86:
0b:c0:7b:a1:2f:ed:ba:30:5f:a3:9b:ef:92:ab:46:
02:ab:a6:06:28:d3:43:b2:e4:3c:bd:cd:18:05:4a:
2f:6a:3e:44:aa:6b:d5:56:7f:40:c3:5e:7f:48:ee:
15:cb:a4:d5:06:2b:e7:37:63:c4:e9:cb:1a:8d:90:
88:4a:24:9d:e5:1f:3e:b7:60:69:7a:ff:56:70:76:
1a:ff:45:a6:a0:e6:f2:38:ad:bd:08:49:72:70:1a:
1c:10:f2:5c:26:de:dd:d8:65:86:d6:70:a0:a7:27:
a2:a6:a2:54:f4:c8:0f:0e:57:9e:bc:0b:a6:8c:bc:
1b:ae:16:22:40:26:60:3c:0b:3e:e9:59:ae:ff:5a:
13:44:6a:d8:bb:53:c1:65:26:34:72:dc:8f:cd:c4:
99:2d:cf:1b:fd:68:a6:44:75:49:08:10:d5:56:ce:
1b:4b:a8:a6:d7:40:1d:23:6f:ef:ab:e1:5d:f1:81:
ea:ed:66:cb:a6:66:3a:38:78:a2:9c:9a:e3:ea:99:
73:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:86:D6:79:C5:8F:B8:B7:6D:3C:70:FE:6A:CA:40:E7:9A:B6:FE:38
X509v3 Authority Key Identifier:
keyid:45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3132382e36352e3136302e302f32322d3232203d3e203438353932.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.65.160.0/22
Signature Algorithm: sha256WithRSAEncryption
36:50:df:24:51:1d:cb:4e:9b:dd:35:a5:7e:4e:2f:cc:4f:99:
46:2c:21:cc:0c:e3:db:6a:44:65:a1:28:43:e0:6f:10:9a:81:
3c:91:80:79:e2:ee:db:68:ec:e7:98:85:bc:ec:41:2f:6d:c8:
d8:3f:7e:2c:7b:be:52:ba:e0:63:59:5d:bc:ed:f9:58:f4:a4:
0a:c4:80:f7:bd:84:02:dd:91:25:00:05:9b:0e:9c:05:48:2b:
c9:52:22:af:e5:21:be:0a:43:8a:ec:8c:8c:84:db:d9:75:b5:
c3:6f:f3:03:ae:5b:d7:d1:e6:fa:ab:a4:1b:ae:a9:04:19:32:
20:87:f5:b6:7a:34:b2:ee:74:7a:ab:b3:66:4e:9a:17:76:19:
9c:7d:ae:2d:6f:3c:78:34:ca:92:d1:da:d2:97:b2:df:dd:39:
a8:e8:f8:d9:89:02:b5:50:24:1f:ab:4f:02:82:31:59:25:5b:
59:c1:47:3b:c2:ce:a7:24:d3:00:e8:b6:53:99:d7:cc:ca:a3:
fe:a7:1f:bc:b1:93:2e:cc:6f:69:c9:6e:b6:14:63:72:cc:d0:
3e:e0:66:01:7c:d6:9f:b6:77:f6:41:57:a7:cc:e6:13:81:f1:
33:3a:75:9e:ee:6b:35:e6:3f:21:80:49:04:4a:9f:0d:73:4e:
58:ab:49:a2
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUGOhAEQiucI05+MqHHzBGIBPHc1gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDVlODY0OGU0NDVkY2NkMGQ4ZWU2OTlmNTE0MGJiODE0
ZTQzYWUxYjAeFw0yNTAzMjUwNjE1MDVaFw0yNjAzMjQwNjIwMDVaMDMxMTAvBgNV
BAMTKDlCODZENjc5QzU4RkI4Qjc2RDNDNzBGRTZBQ0E0MEU3OUFCNkZFMzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9LVxwZw1Hb4y/yBLHzxcMvr/s
r8HKrvrg/43vY0rlInzhJl90q3HlGQnV2Rkbze0FTkcMRINpMI7ihgvAe6Ev7bow
X6Ob75KrRgKrpgYo00Oy5Dy9zRgFSi9qPkSqa9VWf0DDXn9I7hXLpNUGK+c3Y8Tp
yxqNkIhKJJ3lHz63YGl6/1Zwdhr/Raag5vI4rb0ISXJwGhwQ8lwm3t3YZYbWcKCn
J6KmolT0yA8OV568C6aMvBuuFiJAJmA8Cz7pWa7/WhNEati7U8FlJjRy3I/NxJkt
zxv9aKZEdUkIENVWzhtLqKbXQB0jb++r4V3xgertZsumZjo4eKKcmuPqmXOJAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUm4bWecWPuLdtPHD+aspA55q2/jgwHwYDVR0j
BBgwFoAURehkjkRdzNDY7mmfUUC7gU5DrhswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTMzYjJmZDctMzFjMS00NTFjLTgyODgtYzFhYTBhYTEy
NzUwLzAvNDVFODY0OEU0NDVEQ0NEMEQ4RUU2OTlGNTE0MEJCODE0RTQzQUUxQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JlaGtqa1Jkek5EWTdtbWZVVUM3Z1U1
RHJocy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTMzYjJmZDct
MzFjMS00NTFjLTgyODgtYzFhYTBhYTEyNzUwLzAvMzEzMjM4MmUzNjM1MmUzMTM2
MzAyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzNDM4MzUzOTMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
gEGgMA0GCSqGSIb3DQEBCwUAA4IBAQA2UN8kUR3LTpvdNaV+Ti/MT5lGLCHMDOPb
akRloShD4G8QmoE8kYB54u7baOznmIW87EEvbcjYP34se75SuuBjWV287flY9KQK
xID3vYQC3ZElAAWbDpwFSCvJUiKv5SG+CkOK7IyMhNvZdbXDb/MDrlvX0eb6q6Qb
rqkEGTIgh/W2ejSy7nR6q7NmTpoXdhmcfa4tbzx4NMqS0drSl7Lf3Tmo6PjZiQK1
UCQfq08CgjFZJVtZwUc7ws6nJNMA6LZTmdfMyqP+px+8sZMuzG9pyW62FGNyzNA+
4GYBfNaftnf2QVenzOYTgfEzOnWe7ms15j8hgEkESp8Nc05Yq0mi
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:26:36 2025 by rpki-client