Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e36362e3134392e302f32342d3234203d3e20323132323338.roa
File: 34352e36362e3134392e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: UYRhWU2YtAQySXQJqSHhc8PkHnSqANYorHfiKIAiPmA=
Subject key identifier: 9D:B6:96:6E:F7:4E:FE:D6:71:98:8D:97:2D:09:5A:D5:5B:AE:66:4C
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 1D935DDFA6CD29AF22D2E12C888CCD089392E962
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e36362e3134392e302f32342d3234203d3e20323132323338.roa
Signing time: Thu 08 May 2025 16:54:08 +0000
ROA not before: Thu 08 May 2025 16:49:08 +0000
ROA not after: Thu 07 May 2026 16:54:08 +0000
asID: 212238
IP address blocks: 45.66.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 08:02:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:93:5d:df:a6:cd:29:af:22:d2:e1:2c:88:8c:cd:08:93:92:e9:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: May 8 16:49:08 2025 GMT
Not After : May 7 16:54:08 2026 GMT
Subject: CN=9DB6966EF74EFED671988D972D095AD55BAE664C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:7b:22:ab:d7:4b:9b:8f:56:b1:e7:0a:56:71:
8c:04:4e:50:76:58:7d:6d:f5:83:a2:b6:09:71:43:
3b:a5:5a:8a:ae:1b:6c:ab:68:42:50:1e:84:84:73:
c2:98:69:35:b8:a6:24:f0:7c:05:c9:b1:ba:8f:14:
84:3a:40:3c:07:6e:24:4d:58:0c:ce:84:a1:f1:84:
7a:7c:5b:80:58:c7:e9:2e:45:a1:53:91:99:1b:ea:
cf:a2:6a:03:d6:dd:24:13:9b:72:8f:e4:50:93:4d:
6d:5f:4a:40:b6:ac:18:89:80:59:e6:98:08:cc:de:
f8:e3:df:24:1c:14:4f:ff:a6:a2:17:95:f7:25:29:
c0:94:dd:1b:74:a2:2a:56:a1:58:f2:b2:12:3d:91:
2b:84:7b:1b:0e:47:33:b0:ba:eb:c1:d9:c9:d6:2c:
13:bf:59:67:7e:ef:5d:70:dd:f0:48:62:86:d6:d7:
9f:94:82:19:4d:79:41:40:69:c6:10:24:c9:ce:9d:
91:3f:f5:6a:b3:a7:5b:bb:ba:51:02:f9:26:9f:99:
27:e3:5d:5c:d9:fc:5d:50:55:db:c2:e0:75:21:aa:
50:60:81:bf:b4:6b:b5:ef:5c:ce:e8:e7:2d:9e:7f:
c9:2a:6a:db:8d:1b:3f:70:e8:9d:ce:a5:af:7b:d6:
cd:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:B6:96:6E:F7:4E:FE:D6:71:98:8D:97:2D:09:5A:D5:5B:AE:66:4C
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e36362e3134392e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.149.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:d1:e6:f7:3e:a3:cd:7a:61:08:e3:df:bf:e9:50:40:3e:f9:
76:d8:c2:9a:62:4d:ae:f7:c6:8f:0a:46:a5:be:5a:d8:be:62:
40:42:ce:58:2e:42:9d:60:23:6c:61:5b:ec:80:72:db:81:72:
7f:10:9c:30:ac:92:29:b7:e1:36:2d:15:bc:ff:98:66:6f:0c:
1f:d3:59:37:5a:8b:ac:af:ab:17:60:e6:32:13:fd:8a:70:2c:
ed:49:5b:28:be:7a:ab:89:ea:c7:c8:64:f9:e1:d3:51:dd:40:
54:cc:93:f6:69:7f:03:77:e7:d2:6e:2c:84:06:2a:12:dd:73:
66:f2:5f:60:f2:9f:8d:af:c4:ef:9d:be:96:10:e2:58:bd:d8:
31:79:a7:e0:e1:67:a4:13:e6:8f:57:79:30:3f:59:d3:08:0d:
ae:34:6e:9e:e1:c4:2f:6a:e6:7d:a7:f6:3d:63:6b:58:52:eb:
8f:67:ff:ba:63:be:64:44:46:e9:f3:7e:ad:07:95:af:5c:a1:
9e:24:69:fc:83:0a:ba:3a:82:11:6b:5f:98:50:33:7c:7d:a7:
36:68:a2:73:a6:0e:8a:9b:d5:6d:80:27:5b:4c:d2:10:f4:39:
22:7d:e0:16:1b:27:e0:21:8f:97:a7:bf:ac:6f:48:b5:e9:83:
4c:fc:8f:a4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUHZNd36bNKa8i0uEsiIzNCJOS6WIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNTA1MDgxNjQ5MDhaFw0yNjA1MDcxNjU0MDhaMDMxMTAvBgNV
BAMTKDlEQjY5NjZFRjc0RUZFRDY3MTk4OEQ5NzJEMDk1QUQ1NUJBRTY2NEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmeyKr10ubj1ax5wpWcYwETlB2
WH1t9YOitglxQzulWoquG2yraEJQHoSEc8KYaTW4piTwfAXJsbqPFIQ6QDwHbiRN
WAzOhKHxhHp8W4BYx+kuRaFTkZkb6s+iagPW3SQTm3KP5FCTTW1fSkC2rBiJgFnm
mAjM3vjj3yQcFE//pqIXlfclKcCU3Rt0oipWoVjyshI9kSuEexsORzOwuuvB2cnW
LBO/WWd+711w3fBIYobW15+UghlNeUFAacYQJMnOnZE/9Wqzp1u7ulEC+SafmSfj
XVzZ/F1QVdvC4HUhqlBggb+0a7XvXM7o5y2ef8kqatuNGz9w6J3Opa971s3RAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUnbaWbvdO/tZxmI2XLQla1VuuZkwwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzQzNTJlMzYzNjJlMzEzNDM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzIzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LUKVMA0GCSqGSIb3DQEBCwUAA4IBAQDK0eb3PqPNemEI49+/6VBAPvl22MKaYk2u
98aPCkalvlrYvmJAQs5YLkKdYCNsYVvsgHLbgXJ/EJwwrJIpt+E2LRW8/5hmbwwf
01k3Wousr6sXYOYyE/2KcCztSVsovnqrierHyGT54dNR3UBUzJP2aX8Dd+fSbiyE
BioS3XNm8l9g8p+Nr8Tvnb6WEOJYvdgxeafg4WekE+aPV3kwP1nTCA2uNG6e4cQv
auZ9p/Y9Y2tYUuuPZ/+6Y75kREbp836tB5WvXKGeJGn8gwq6OoIRa1+YUDN8fac2
aKJzpg6Km9VtgCdbTNIQ9DkifeAWGyfgIY+Xp7+sb0i16YNM/I+k
-----END CERTIFICATE-----
Generated at Fri Jun 6 22:44:55 2025 by rpki-client