Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bd7c231e-a33c-4555-b42e-d02093849299/0/34352e36362e36302e302f32332d3234203d3e20313734.roa
File: 34352e36362e36302e302f32332d3234203d3e20313734.roa (raw, json)
Hash identifier: 7t1m1Rme42ZN+/wbBfTFMDvACpXME33cDvgp6giSYyo=
Subject key identifier: C2:D3:66:3C:49:19:EE:53:94:2C:D7:A9:A1:82:4B:4A:F4:32:71:EE
Certificate issuer: /CN=2e2674263aecd572673f87614919ca492c79faea
Certificate serial: 6A78C32ED99B5380CA7034B2308D9B526A03FD0D
Authority key identifier: 2E:26:74:26:3A:EC:D5:72:67:3F:87:61:49:19:CA:49:2C:79:FA:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LiZ0Jjrs1XJnP4dhSRnKSSx5-uo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bd7c231e-a33c-4555-b42e-d02093849299/0/34352e36362e36302e302f32332d3234203d3e20313734.roa
Signing time: Wed 05 Feb 2025 18:35:05 +0000
ROA not before: Wed 05 Feb 2025 18:30:05 +0000
ROA not after: Wed 04 Feb 2026 18:35:05 +0000
asID: 174
IP address blocks: 45.66.60.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bd7c231e-a33c-4555-b42e-d02093849299/0/2E2674263AECD572673F87614919CA492C79FAEA.crl
rsync://rsync.paas.rpki.ripe.net/repository/bd7c231e-a33c-4555-b42e-d02093849299/0/2E2674263AECD572673F87614919CA492C79FAEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/LiZ0Jjrs1XJnP4dhSRnKSSx5-uo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 21:19:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:78:c3:2e:d9:9b:53:80:ca:70:34:b2:30:8d:9b:52:6a:03:fd:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e2674263aecd572673f87614919ca492c79faea
Validity
Not Before: Feb 5 18:30:05 2025 GMT
Not After : Feb 4 18:35:05 2026 GMT
Subject: CN=C2D3663C4919EE53942CD7A9A1824B4AF43271EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e1:5a:aa:d7:84:db:18:58:3f:2e:1e:88:44:
cc:3c:b7:93:78:71:6d:03:ff:bb:2b:5c:92:53:c4:
e3:3b:6f:e1:65:f7:b0:34:3f:19:57:d8:95:11:92:
a0:fb:05:62:2d:87:7f:2b:3f:7e:c9:b2:63:aa:a3:
8f:b9:e5:12:3c:76:99:72:c6:85:a7:23:05:c7:9a:
de:c6:e5:0b:57:37:0a:5c:43:7d:c5:2d:6b:8a:78:
6e:22:81:68:2b:d4:6c:30:9f:7e:5e:96:ce:f1:b5:
5f:f3:e6:d3:57:10:cb:4a:d2:6e:f7:30:7e:db:a6:
3d:29:e2:3d:53:4a:2f:9d:bf:39:e7:46:52:3e:c4:
03:fc:5e:8c:50:7e:44:34:a3:7b:05:d4:de:3f:d1:
59:ca:6c:d0:55:b4:a1:29:81:23:5c:e1:7f:7f:eb:
1d:21:db:49:e8:7f:e3:91:f0:f9:d4:21:53:c1:9d:
8b:fb:c3:09:b8:1c:a8:5c:7e:41:24:9f:59:45:0f:
e5:cb:3b:ce:ba:81:59:49:7f:ef:f5:ed:10:de:3c:
41:c4:81:71:07:5e:0d:11:be:8b:9a:ea:9e:78:0b:
13:44:77:e5:96:37:44:d8:2f:86:8a:f1:49:17:c5:
57:28:62:00:e9:1a:a8:06:c1:1a:e9:62:47:44:83:
1c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:D3:66:3C:49:19:EE:53:94:2C:D7:A9:A1:82:4B:4A:F4:32:71:EE
X509v3 Authority Key Identifier:
keyid:2E:26:74:26:3A:EC:D5:72:67:3F:87:61:49:19:CA:49:2C:79:FA:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bd7c231e-a33c-4555-b42e-d02093849299/0/2E2674263AECD572673F87614919CA492C79FAEA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LiZ0Jjrs1XJnP4dhSRnKSSx5-uo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bd7c231e-a33c-4555-b42e-d02093849299/0/34352e36362e36302e302f32332d3234203d3e20313734.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.60.0/23
Signature Algorithm: sha256WithRSAEncryption
a5:59:d7:34:c0:98:00:23:33:2d:d3:e2:79:de:f0:8f:6c:49:
19:a4:69:e7:2e:52:54:76:44:1e:4a:d4:b2:aa:75:f2:41:17:
d3:9c:09:00:c2:a0:9a:18:9b:e6:d6:2e:22:26:58:ae:42:14:
e5:94:31:60:d8:a4:3a:34:25:25:44:a3:ee:93:5b:96:10:60:
4d:c0:be:76:cf:87:83:ba:18:87:ba:cd:e7:c2:ba:98:f3:0b:
b9:b5:a8:55:2c:c0:e0:cc:07:e5:cc:0a:b6:ac:70:87:bc:ae:
60:8f:04:34:55:e7:d9:f2:01:cf:cc:a3:77:08:9b:58:d1:d6:
4a:91:5c:9d:87:f0:63:e9:f4:11:cc:3c:52:a9:b5:4a:00:7b:
cc:6f:8c:19:41:7e:8b:e9:4e:cc:e3:5b:69:e5:10:4f:e4:5a:
fc:c6:d1:f6:60:ea:e9:ff:ad:6a:7a:5a:f4:4b:98:22:1f:35:
ff:e6:3d:b5:62:53:8f:d4:00:69:f7:92:e0:1c:88:75:ad:31:
a2:d6:df:77:63:a5:8d:9f:9a:d4:3e:2c:64:90:e9:29:33:a2:
e8:69:6f:72:c2:59:67:e0:d6:57:5c:73:26:29:e4:31:19:6a:
ca:e9:0a:42:f2:f5:d3:b2:12:d4:d8:61:fd:11:7b:89:aa:e9:
95:25:68:aa
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUanjDLtmbU4DKcDSyMI2bUmoD/Q0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMmUyNjc0MjYzYWVjZDU3MjY3M2Y4NzYxNDkxOWNhNDky
Yzc5ZmFlYTAeFw0yNTAyMDUxODMwMDVaFw0yNjAyMDQxODM1MDVaMDMxMTAvBgNV
BAMTKEMyRDM2NjNDNDkxOUVFNTM5NDJDRDdBOUExODI0QjRBRjQzMjcxRUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC64Vqq14TbGFg/Lh6IRMw8t5N4
cW0D/7srXJJTxOM7b+Fl97A0PxlX2JURkqD7BWIth38rP37JsmOqo4+55RI8dply
xoWnIwXHmt7G5QtXNwpcQ33FLWuKeG4igWgr1Gwwn35els7xtV/z5tNXEMtK0m73
MH7bpj0p4j1TSi+dvznnRlI+xAP8XoxQfkQ0o3sF1N4/0VnKbNBVtKEpgSNc4X9/
6x0h20nof+OR8PnUIVPBnYv7wwm4HKhcfkEkn1lFD+XLO866gVlJf+/17RDePEHE
gXEHXg0Rvoua6p54CxNEd+WWN0TYL4aK8UkXxVcoYgDpGqgGwRrpYkdEgxzjAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUwtNmPEkZ7lOULNepoYJLSvQyce4wHwYDVR0j
BBgwFoAULiZ0Jjrs1XJnP4dhSRnKSSx5+uowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmQ3YzIzMWUtYTMzYy00NTU1LWI0MmUtZDAyMDkzODQ5
Mjk5LzAvMkUyNjc0MjYzQUVDRDU3MjY3M0Y4NzYxNDkxOUNBNDkyQzc5RkFFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0xpWjBKanJzMVhKblA0ZGhTUm5LU1N4
NS11by5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmQ3YzIzMWUt
YTMzYy00NTU1LWI0MmUtZDAyMDkzODQ5Mjk5LzAvMzQzNTJlMzYzNjJlMzYzMDJl
MzAyZjMyMzMyZDMyMzQyMDNkM2UyMDMxMzczNC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS1CPDANBgkq
hkiG9w0BAQsFAAOCAQEApVnXNMCYACMzLdPied7wj2xJGaRp5y5SVHZEHkrUsqp1
8kEX05wJAMKgmhib5tYuIiZYrkIU5ZQxYNikOjQlJUSj7pNblhBgTcC+ds+Hg7oY
h7rN58K6mPMLubWoVSzA4MwH5cwKtqxwh7yuYI8ENFXn2fIBz8yjdwibWNHWSpFc
nYfwY+n0Ecw8Uqm1SgB7zG+MGUF+i+lOzONbaeUQT+Ra/MbR9mDq6f+tanpa9EuY
Ih81/+Y9tWJTj9QAafeS4ByIda0xotbfd2OljZ+a1D4sZJDpKTOi6GlvcsJZZ+DW
V1xzJinkMRlqyukKQvL107IS1Nhh/RF7iarplSVoqg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:23:56 2025 by rpki-client