Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38302e302f32342d3234203d3e203538303631.roa
File: 34352e31322e38302e302f32342d3234203d3e203538303631.roa (raw, json)
Hash identifier: LN0D9KXpgwZG0exkesy18NYXmltayH5kt2cO48IWIJM=
Subject key identifier: FB:A6:1D:D1:F3:0E:D0:06:AD:99:35:22:E5:0F:5F:F0:B5:D4:CF:70
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 454F85D295774BBF2C7D89BE6A05B75EB7217F2A
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38302e302f32342d3234203d3e203538303631.roa
Signing time: Fri 07 Feb 2025 06:53:53 +0000
ROA not before: Fri 07 Feb 2025 06:48:53 +0000
ROA not after: Fri 06 Feb 2026 06:53:53 +0000
asID: 58061
IP address blocks: 45.12.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 03:19:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:4f:85:d2:95:77:4b:bf:2c:7d:89:be:6a:05:b7:5e:b7:21:7f:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Feb 7 06:48:53 2025 GMT
Not After : Feb 6 06:53:53 2026 GMT
Subject: CN=FBA61DD1F30ED006AD993522E50F5FF0B5D4CF70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0a:6a:9f:f2:ec:f5:4f:09:26:90:69:97:44:
05:45:37:7a:6f:2a:2d:47:d5:67:ef:5a:4c:e0:80:
4a:70:29:81:44:40:70:08:99:91:cd:cf:68:fb:28:
6e:a9:ae:34:98:e9:98:6e:2a:32:0d:ae:50:48:f0:
e4:b8:06:55:b6:6b:a8:df:9d:06:13:23:c7:69:ee:
b6:fc:34:a6:88:f3:fb:25:d6:b5:84:dd:1f:9d:7a:
10:c9:63:75:a6:79:5c:e1:65:09:cd:cb:9d:10:2e:
8f:63:89:90:62:0d:38:05:27:1b:b8:17:f8:98:18:
c8:5c:9a:fb:be:58:fb:5f:bf:49:93:93:25:a9:81:
4b:3d:40:e8:26:ad:79:02:0d:61:77:dc:01:f5:4c:
0c:da:f9:81:24:86:4b:03:8a:0a:8b:25:5d:39:a2:
62:01:6c:a2:24:3c:14:95:43:b4:82:8d:27:2d:17:
cf:15:5f:40:b1:e6:b5:97:e5:8f:0e:ac:29:74:1b:
e3:71:95:35:40:d3:6e:e7:b5:c3:1d:68:17:8e:84:
ad:1a:c9:0f:a8:a9:82:bf:ce:00:1b:45:1f:fb:18:
31:ff:5b:c0:7d:83:f0:55:ce:63:0f:80:4b:97:86:
05:13:e7:8d:a3:d1:dd:07:21:cd:9a:a1:e4:04:05:
12:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:A6:1D:D1:F3:0E:D0:06:AD:99:35:22:E5:0F:5F:F0:B5:D4:CF:70
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38302e302f32342d3234203d3e203538303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.80.0/24
Signature Algorithm: sha256WithRSAEncryption
08:e5:01:53:25:09:19:0a:5b:f1:e1:b7:02:bf:02:5a:d1:3f:
58:fc:58:ea:d3:ab:27:be:4d:07:04:ca:50:71:b3:df:d7:4c:
fa:11:61:e4:bb:44:b4:37:b2:18:46:b3:32:99:10:74:4c:1b:
3b:19:e8:db:ca:f8:cc:13:d4:69:36:6a:1a:87:01:c9:d9:71:
f2:aa:e3:fc:fd:81:de:6a:1e:e9:49:e5:93:e3:30:a6:0b:bd:
d2:11:99:1d:8e:5e:f3:01:f8:a9:da:75:28:fb:bd:1d:6f:68:
98:2b:fb:3e:55:71:00:fb:45:fc:13:33:30:cf:56:cc:26:09:
2f:54:40:3f:c4:1e:10:ba:20:88:9f:9e:07:f4:b9:ff:a4:8c:
44:b9:b2:0b:db:7a:20:b8:be:ba:89:98:a0:64:dc:90:fe:bb:
9a:d5:c2:84:18:0f:b3:a0:51:10:24:4d:2b:ea:0c:8b:0c:c2:
53:d4:a0:47:45:ef:1a:d6:61:d9:26:a5:57:75:25:83:e1:da:
1a:1e:b5:8d:80:69:3b:48:18:34:b0:36:b4:bb:de:13:c4:8f:
1e:8b:af:ba:c8:dc:7c:92:14:08:86:52:9e:1d:35:65:46:4b:
7a:58:cc:b0:66:a6:4a:fd:0c:f2:b0:a0:20:eb:92:3d:e3:39:
7f:7d:b7:13
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIURU+F0pV3S78sfYm+agW3XrchfyowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTAyMDcwNjQ4NTNaFw0yNjAyMDYwNjUzNTNaMDMxMTAvBgNV
BAMTKEZCQTYxREQxRjMwRUQwMDZBRDk5MzUyMkU1MEY1RkYwQjVENENGNzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrCmqf8uz1TwkmkGmXRAVFN3pv
Ki1H1WfvWkzggEpwKYFEQHAImZHNz2j7KG6prjSY6ZhuKjINrlBI8OS4BlW2a6jf
nQYTI8dp7rb8NKaI8/sl1rWE3R+dehDJY3WmeVzhZQnNy50QLo9jiZBiDTgFJxu4
F/iYGMhcmvu+WPtfv0mTkyWpgUs9QOgmrXkCDWF33AH1TAza+YEkhksDigqLJV05
omIBbKIkPBSVQ7SCjSctF88VX0Cx5rWX5Y8OrCl0G+NxlTVA027ntcMdaBeOhK0a
yQ+oqYK/zgAbRR/7GDH/W8B9g/BVzmMPgEuXhgUT542j0d0HIc2aoeQEBRI9AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU+6Yd0fMO0AatmTUi5Q9f8LXUz3AwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMjJlMzgzMDJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzgzMDM2MzEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtDFAw
DQYJKoZIhvcNAQELBQADggEBAAjlAVMlCRkKW/HhtwK/AlrRP1j8WOrTqye+TQcE
ylBxs9/XTPoRYeS7RLQ3shhGszKZEHRMGzsZ6NvK+MwT1Gk2ahqHAcnZcfKq4/z9
gd5qHulJ5ZPjMKYLvdIRmR2OXvMB+KnadSj7vR1vaJgr+z5VcQD7RfwTMzDPVswm
CS9UQD/EHhC6IIifngf0uf+kjES5sgvbeiC4vrqJmKBk3JD+u5rVwoQYD7OgURAk
TSvqDIsMwlPUoEdF7xrWYdkmpVd1JYPh2hoetY2AaTtIGDSwNrS73hPEjx6Lr7rI
3HySFAiGUp4dNWVGS3pYzLBmpkr9DPKwoCDrkj3jOX99txM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:44:04 2025 by rpki-client