Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e31332e3135312e302f32342d3234203d3e20323135373033.roa
File: 34352e31332e3135312e302f32342d3234203d3e20323135373033.roa (raw, json)
Hash identifier: aPdRk0yj6WHAWMnGbb2l+kFCRQlNzfB9p5fiHofDu7s=
Subject key identifier: DE:1F:92:7E:EA:83:89:C4:31:18:FE:81:2D:0C:E7:D2:44:BB:04:DC
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 6446326716889E9F6D9E27AFDE87A07307EA14A0
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e31332e3135312e302f32342d3234203d3e20323135373033.roa
Signing time: Thu 08 May 2025 16:54:08 +0000
ROA not before: Thu 08 May 2025 16:49:08 +0000
ROA not after: Thu 07 May 2026 16:54:08 +0000
asID: 215703
IP address blocks: 45.13.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:46:32:67:16:88:9e:9f:6d:9e:27:af:de:87:a0:73:07:ea:14:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: May 8 16:49:08 2025 GMT
Not After : May 7 16:54:08 2026 GMT
Subject: CN=DE1F927EEA8389C43118FE812D0CE7D244BB04DC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:59:1d:2d:31:25:75:39:9e:84:48:e1:9b:7e:
ae:1b:8f:c4:36:66:1d:57:70:7e:bc:87:be:c9:82:
8d:70:9b:a0:84:1d:d4:7c:70:5e:69:81:a5:8b:7a:
02:29:a9:b3:74:50:c6:f7:b3:84:84:f6:e3:48:ad:
cb:79:5c:78:7f:5c:61:fb:82:98:0d:e2:5f:93:5a:
2d:b1:7e:39:1f:bf:3f:28:79:67:86:58:5b:ae:1f:
e3:33:4a:55:83:5f:c6:d0:32:73:64:93:76:e4:3f:
44:05:b2:25:d9:0f:de:77:d2:80:5b:3f:79:11:6c:
b8:71:c7:a5:be:0a:26:b7:76:37:97:a0:22:88:1c:
d7:ad:e6:21:ba:54:a3:80:0c:e6:8e:02:3a:7b:a3:
a3:5e:cc:81:19:06:0b:e0:ec:68:4b:bd:f9:00:e9:
02:d1:df:ab:b9:c8:c0:15:62:6a:1b:56:54:2a:0d:
42:00:4e:81:f7:15:ba:09:3b:31:8b:81:bd:2b:52:
cf:eb:44:20:36:6e:36:85:22:de:c0:d5:2e:5b:09:
2e:96:79:90:3f:b5:8c:e9:b5:94:32:f6:41:51:f7:
d5:6a:77:ca:6c:fa:ba:f1:01:de:d6:28:f2:32:c9:
74:7d:f9:6c:77:b6:09:ba:3b:09:cf:89:7e:ad:c0:
9b:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:1F:92:7E:EA:83:89:C4:31:18:FE:81:2D:0C:E7:D2:44:BB:04:DC
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e31332e3135312e302f32342d3234203d3e20323135373033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.151.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:90:40:a2:a8:f9:73:23:d2:e7:0b:e7:53:98:d2:5e:5b:b1:
7d:ed:9d:7c:a8:83:16:45:19:8a:32:45:b6:a8:40:9a:b8:ce:
d2:fd:c9:29:4e:73:b8:69:16:00:1d:0e:a1:22:27:c2:e7:b2:
dc:5f:cc:de:c9:44:97:77:20:2a:65:0c:98:41:00:a6:3a:db:
93:00:5b:f9:f9:ff:1e:e6:2d:cd:4c:40:e8:f8:ca:51:54:f8:
97:14:a4:0a:e9:9c:45:ab:f4:9a:89:0e:50:a1:d1:8e:5a:1c:
e4:4e:d7:40:4c:2b:b2:9c:cf:09:05:09:12:19:0b:19:c8:d9:
a4:fd:f4:cd:ec:0e:3f:82:24:c3:72:ad:ed:2e:32:c2:76:67:
df:a3:69:8d:5a:bd:35:80:b9:16:5b:45:de:37:b9:cb:72:ff:
07:7b:0d:b1:fc:ea:b9:71:9f:6c:88:b1:53:aa:bf:a6:6d:c2:
39:d9:b8:f7:23:cd:2f:6e:e9:e4:4e:f4:e0:28:1a:fd:54:8d:
31:0c:d4:a2:2a:ae:02:d8:2d:ea:6f:db:a8:37:76:b5:d7:60:
fc:d8:7c:51:c5:18:60:4a:8b:07:c6:89:be:51:cd:05:ed:f7:
36:5c:da:ca:61:ea:84:3d:1b:eb:71:e4:34:d9:cc:70:97:5e:
cf:52:82:90
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUZEYyZxaInp9tniev3oegcwfqFKAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNTA1MDgxNjQ5MDhaFw0yNjA1MDcxNjU0MDhaMDMxMTAvBgNV
BAMTKERFMUY5MjdFRUE4Mzg5QzQzMTE4RkU4MTJEMENFN0QyNDRCQjA0REMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzWR0tMSV1OZ6ESOGbfq4bj8Q2
Zh1XcH68h77Jgo1wm6CEHdR8cF5pgaWLegIpqbN0UMb3s4SE9uNIrct5XHh/XGH7
gpgN4l+TWi2xfjkfvz8oeWeGWFuuH+MzSlWDX8bQMnNkk3bkP0QFsiXZD9530oBb
P3kRbLhxx6W+Cia3djeXoCKIHNet5iG6VKOADOaOAjp7o6NezIEZBgvg7GhLvfkA
6QLR36u5yMAVYmobVlQqDUIAToH3FboJOzGLgb0rUs/rRCA2bjaFIt7A1S5bCS6W
eZA/tYzptZQy9kFR99Vqd8ps+rrxAd7WKPIyyXR9+Wx3tgm6OwnPiX6twJuNAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU3h+SfuqDicQxGP6BLQzn0kS7BNwwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzQzNTJlMzEzMzJlMzEzNTMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM1MzczMDMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LQ2XMA0GCSqGSIb3DQEBCwUAA4IBAQB+kECiqPlzI9LnC+dTmNJeW7F97Z18qIMW
RRmKMkW2qECauM7S/ckpTnO4aRYAHQ6hIifC57LcX8zeyUSXdyAqZQyYQQCmOtuT
AFv5+f8e5i3NTEDo+MpRVPiXFKQK6ZxFq/SaiQ5QodGOWhzkTtdATCuynM8JBQkS
GQsZyNmk/fTN7A4/giTDcq3tLjLCdmffo2mNWr01gLkWW0XeN7nLcv8Hew2x/Oq5
cZ9siLFTqr+mbcI52bj3I80vbunkTvTgKBr9VI0xDNSiKq4C2C3qb9uoN3a112D8
2HxRxRhgSosHxom+Uc0F7fc2XNrKYeqEPRvrceQ02cxwl17PUoKQ
-----END CERTIFICATE-----
Generated at Fri Jun 6 13:29:31 2025 by rpki-client